Sophos Virus Removal Tool question Part 2

On June 27 of 2017 I posted a question to this forum regarding a message I got and still get when I run this tool. I am running a windows home version 7 I have attached a copy of the log file from the time just before the appearance of the message up to the most recent running of the tool. Is there anyone out there who can help with this problem. over 300 people have looked at my first post and not one reply? Am I the only person who has come across this?

 

Thanks for any help,

Kevin

2017-05-13 18:23:59.568 Sophos Virus Removal Tool version 2.5.6
2017-05-13 18:23:59.568 Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2017-05-13 18:23:59.568 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-05-13 18:23:59.568 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-05-13 18:23:59.568 Checking for updates...
2017-05-13 18:23:59.599 Update progress: proxy server not available
2017-05-13 18:24:31.212 Downloading updates...
2017-05-13 18:24:31.212 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-05-13 18:24:31.212 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-13 18:24:31.212 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-13 18:24:31.212 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-05-13 18:24:31.212 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-05-13 18:24:31.212 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-05-13 18:24:31.212 Update progress: [I49502] sdds.data0910.xml: found supplement IDE539 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-05-13 18:24:31.212 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE539 LATEST path=
2017-05-13 18:24:31.212 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE539 LATEST path=
2017-05-13 18:24:31.212 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product IDE539 LATEST path=]
2017-05-13 18:24:31.212 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-05-13 18:24:31.212 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-05-13 18:24:31.212 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-05-13 18:24:31.212 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-05-13 18:24:31.212 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-05-13 18:24:31.212 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-05-13 18:24:31.212 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-05-13 18:24:31.212 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-05-13 18:24:31.212 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-13 18:24:31.399 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-05-13 18:24:31.399 Update progress: [I19463] Product download size 14593313 bytes
2017-05-13 18:24:50.324 Update progress: [I19463] Syncing product IDE539 LATEST path=
2017-05-13 18:24:50.324 Update progress: [I19463] Product download size 2453408 bytes
2017-05-13 18:24:50.886 Option all = no
2017-05-13 18:24:50.886 Option recurse = yes
2017-05-13 18:24:50.886 Option archive = no
2017-05-13 18:24:50.886 Option service = yes
2017-05-13 18:24:50.886 Option confirm = yes
2017-05-13 18:24:50.886 Option sxl = yes
2017-05-13 18:24:50.886 Option max-data-age = 35
2017-05-13 18:24:50.886 Option vdl-logging = yes
2017-05-13 18:24:50.917 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-05-13 18:24:50.917 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-05-13 18:24:50.964 Component SVRTcli.exe version 2.5.6
2017-05-13 18:24:50.964 Component control.dll version 2.5.6
2017-05-13 18:24:50.964 Component SVRTservice.exe version 2.5.6
2017-05-13 18:24:50.964 Component engine\osdp.dll version 1.44.1.2280
2017-05-13 18:24:50.964 Component engine\veex.dll version 3.68.0.2280
2017-05-13 18:24:50.964 Component engine\savi.dll version 9.0.7.2280
2017-05-13 18:24:50.964 Component rkdisk.dll version 1.5.31.1
2017-05-13 18:24:50.964 Version info: Product version 2.5.6
2017-05-13 18:24:50.980 Version info: Detection engine 3.68.0
2017-05-13 18:24:50.980 Version info: Detection data 5.36
2017-05-13 18:24:50.980 Version info: Build date 2/7/2017
2017-05-13 18:24:50.980 Version info: Data files added 210
2017-05-13 18:24:50.980 Version info: Last successful update 2/26/2017 7:05:36 PM
2017-05-13 18:24:56.675 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-05-13 18:24:56.675 Update progress: [I19463] Product download size 1784068 bytes
2017-05-13 18:25:01.400 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-05-13 18:25:01.400 Update progress: [I19463] Product download size 940268 bytes
2017-05-13 18:25:03.350 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-05-13 18:25:03.443 Installing updates...
2017-05-13 18:25:04.660 Error level 1
2017-05-13 18:25:09.543 Update successful
2017-05-13 18:25:22.849 Option all = no
2017-05-13 18:25:22.849 Option recurse = yes
2017-05-13 18:25:22.849 Option archive = no
2017-05-13 18:25:22.849 Option service = yes
2017-05-13 18:25:22.849 Option confirm = yes
2017-05-13 18:25:22.849 Option sxl = yes
2017-05-13 18:25:22.849 Option max-data-age = 35
2017-05-13 18:25:22.849 Option vdl-logging = yes
2017-05-13 18:25:22.880 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-05-13 18:25:22.880 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-05-13 18:25:22.880 Component SVRTcli.exe version 2.5.6
2017-05-13 18:25:22.880 Component control.dll version 2.5.6
2017-05-13 18:25:22.880 Component SVRTservice.exe version 2.5.6
2017-05-13 18:25:22.880 Component engine\osdp.dll version 1.44.1.2281
2017-05-13 18:25:22.880 Component engine\veex.dll version 3.68.1.2281
2017-05-13 18:25:22.880 Component engine\savi.dll version 9.0.7.2281
2017-05-13 18:25:22.880 Component rkdisk.dll version 1.5.31.1
2017-05-13 18:25:22.880 Version info: Product version 2.5.6
2017-05-13 18:25:22.880 Version info: Detection engine 3.68.1
2017-05-13 18:25:22.880 Version info: Detection data 5.38
2017-05-13 18:25:22.880 Version info: Build date 4/4/2017
2017-05-13 18:25:22.880 Version info: Data files added 335
2017-05-13 18:25:22.880 Version info: Last successful update 5/13/2017 2:25:09 PM
2017-05-13 18:25:31.881 Error level 1

2017-05-13 18:25:31.881 Scan completed.
2017-05-13 18:25:31.881

------------------------------------------------------------

2017-05-13 19:00:41.088 Sophos Virus Removal Tool version 2.5.6
2017-05-13 19:00:41.088 Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2017-05-13 19:00:41.088 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-05-13 19:00:41.088 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-05-13 19:00:41.088 Checking for updates...
2017-05-13 19:00:41.588 Update progress: proxy server not available
2017-05-13 19:01:06.398 Downloading updates...
2017-05-13 19:01:06.398 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-05-13 19:01:06.398 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-13 19:01:06.398 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-13 19:01:06.398 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-05-13 19:01:06.398 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-05-13 19:01:06.398 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-05-13 19:01:06.398 Update progress: [I49502] sdds.data0910.xml: found supplement IDE539 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-05-13 19:01:06.398 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE539 LATEST path=
2017-05-13 19:01:06.398 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE539 LATEST path=
2017-05-13 19:01:06.398 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product IDE539 LATEST path=]
2017-05-13 19:01:06.398 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-05-13 19:01:06.398 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-05-13 19:01:06.398 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-05-13 19:01:06.398 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-05-13 19:01:06.398 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-05-13 19:01:06.398 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-05-13 19:01:06.398 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-05-13 19:01:06.398 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-05-13 19:01:06.398 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-13 19:01:06.507 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-05-13 19:01:06.616 Update progress: [I19463] Syncing product IDE539 LATEST path=
2017-05-13 19:01:06.694 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-05-13 19:01:06.772 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-05-13 19:01:06.788 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-05-13 19:01:06.990 Installing updates...
2017-05-13 19:01:31.873 Option all = no
2017-05-13 19:01:33.087 Option recurse = yes
2017-05-13 19:01:33.087 Option archive = no
2017-05-13 19:01:33.087 Option service = yes
2017-05-13 19:01:33.087 Option confirm = yes
2017-05-13 19:01:33.087 Option sxl = yes
2017-05-13 19:01:33.087 Option max-data-age = 35
2017-05-13 19:01:33.087 Option vdl-logging = yes
2017-05-13 19:01:33.087 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-05-13 19:01:33.088 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-05-13 19:01:33.088 Component SVRTcli.exe version 2.5.6
2017-05-13 19:01:33.088 Component control.dll version 2.5.6
2017-05-13 19:01:33.088 Component SVRTservice.exe version 2.5.6
2017-05-13 19:01:33.088 Component engine\osdp.dll version 1.44.1.2281
2017-05-13 19:01:33.088 Component engine\veex.dll version 3.68.1.2281
2017-05-13 19:01:33.088 Component engine\savi.dll version 9.0.7.2281
2017-05-13 19:01:33.088 Component rkdisk.dll version 1.5.31.1
2017-05-13 19:01:33.088 Version info: Product version 2.5.6
2017-05-13 19:01:33.088 Version info: Detection engine 3.68.1
2017-05-13 19:01:33.088 Version info: Detection data 5.38
2017-05-13 19:01:33.088 Version info: Build date 4/4/2017
2017-05-13 19:01:33.088 Version info: Data files added 335
2017-05-13 19:01:33.088 Version info: Last successful update 5/13/2017 2:25:09 PM
2017-05-13 19:01:33.088 Error level 1
2017-05-13 19:01:33.588 Update successful
2017-05-13 19:01:46.784 Option all = no
2017-05-13 19:01:46.784 Option recurse = yes
2017-05-13 19:01:46.784 Option archive = no
2017-05-13 19:01:46.784 Option service = yes
2017-05-13 19:01:46.784 Option confirm = yes
2017-05-13 19:01:46.784 Option sxl = yes
2017-05-13 19:01:46.784 Option max-data-age = 35
2017-05-13 19:01:46.784 Option vdl-logging = yes
2017-05-13 19:01:46.799 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-05-13 19:01:46.799 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-05-13 19:01:46.799 Component SVRTcli.exe version 2.5.6
2017-05-13 19:01:46.799 Component control.dll version 2.5.6
2017-05-13 19:01:46.799 Component SVRTservice.exe version 2.5.6
2017-05-13 19:01:46.799 Component engine\osdp.dll version 1.44.1.2281
2017-05-13 19:01:46.799 Component engine\veex.dll version 3.68.1.2281
2017-05-13 19:01:46.799 Component engine\savi.dll version 9.0.7.2281
2017-05-13 19:01:46.799 Component rkdisk.dll version 1.5.31.1
2017-05-13 19:01:46.799 Version info: Product version 2.5.6
2017-05-13 19:01:46.799 Version info: Detection engine 3.68.1
2017-05-13 19:01:46.799 Version info: Detection data 5.38
2017-05-13 19:01:46.799 Version info: Build date 4/4/2017
2017-05-13 19:01:46.799 Version info: Data files added 335
2017-05-13 19:01:46.799 Version info: Last successful update 5/13/2017 3:01:33 PM

2017-05-13 19:08:34.621 Sophos Virus Removal Tool version 2.5.6
2017-05-13 19:08:34.621 Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2017-05-13 19:08:34.621 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-05-13 19:08:34.621 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-05-13 19:08:34.621 Checking for updates...
2017-05-13 19:08:35.479 Update progress: proxy server not available
2017-05-13 19:08:39.739 Warning: failed to start SMS service (1056: An instance of the service is already running.)
2017-05-13 19:09:51.578 Downloading updates...
2017-05-13 19:09:51.578 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-05-13 19:09:51.578 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-13 19:09:51.578 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-13 19:09:51.578 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-05-13 19:09:51.578 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-05-13 19:09:51.578 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-05-13 19:09:51.578 Update progress: [I49502] sdds.data0910.xml: found supplement IDE539 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-05-13 19:09:51.578 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE539 LATEST path=
2017-05-13 19:09:51.578 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE539 LATEST path=
2017-05-13 19:09:51.578 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product IDE539 LATEST path=]
2017-05-13 19:09:51.578 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-05-13 19:09:51.578 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-05-13 19:09:51.594 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-05-13 19:09:51.594 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-05-13 19:09:51.594 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-05-13 19:09:51.594 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-05-13 19:09:51.594 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-05-13 19:09:51.594 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-05-13 19:09:51.594 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-13 19:09:51.687 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-05-13 19:09:51.765 Update progress: [I19463] Syncing product IDE539 LATEST path=
2017-05-13 19:09:51.828 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-05-13 19:09:51.874 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-05-13 19:09:51.874 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-05-13 19:09:52.015 Installing updates...
2017-05-13 19:09:52.639 Option all = no
2017-05-13 19:09:53.450 Option recurse = yes
2017-05-13 19:09:53.450 Option archive = no
2017-05-13 19:09:53.450 Option service = yes
2017-05-13 19:09:53.450 Option confirm = yes
2017-05-13 19:09:53.450 Option sxl = yes
2017-05-13 19:09:53.450 Option max-data-age = 35
2017-05-13 19:09:53.450 Option vdl-logging = yes
2017-05-13 19:09:53.450 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-05-13 19:09:53.450 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-05-13 19:09:53.450 Component SVRTcli.exe version 2.5.6
2017-05-13 19:09:53.450 Component control.dll version 2.5.6
2017-05-13 19:09:53.450 Component SVRTservice.exe version 2.5.6
2017-05-13 19:09:53.450 Component engine\osdp.dll version 1.44.1.2281
2017-05-13 19:09:53.450 Component engine\veex.dll version 3.68.1.2281
2017-05-13 19:09:53.450 Component engine\savi.dll version 9.0.7.2281
2017-05-13 19:09:53.450 Component rkdisk.dll version 1.5.31.1
2017-05-13 19:09:53.450 Version info: Product version 2.5.6
2017-05-13 19:09:53.450 Version info: Detection engine 3.68.1
2017-05-13 19:09:53.450 Version info: Detection data 5.38
2017-05-13 19:09:53.450 Version info: Build date 4/4/2017
2017-05-13 19:09:53.450 Version info: Data files added 335
2017-05-13 19:09:53.450 Version info: Last successful update 5/13/2017 3:01:33 PM
2017-05-13 19:09:53.450 Error level 1
2017-05-13 19:09:53.918 Update successful
2017-05-13 19:10:05.527 Option all = no
2017-05-13 19:10:05.527 Option recurse = yes
2017-05-13 19:10:05.527 Option archive = no
2017-05-13 19:10:05.527 Option service = yes
2017-05-13 19:10:05.527 Option confirm = yes
2017-05-13 19:10:05.527 Option sxl = yes
2017-05-13 19:10:05.527 Option max-data-age = 35
2017-05-13 19:10:05.527 Option vdl-logging = yes
2017-05-13 19:10:05.542 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-05-13 19:10:05.542 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-05-13 19:10:05.542 Component SVRTcli.exe version 2.5.6
2017-05-13 19:10:05.542 Component control.dll version 2.5.6
2017-05-13 19:10:05.542 Component SVRTservice.exe version 2.5.6
2017-05-13 19:10:05.542 Component engine\osdp.dll version 1.44.1.2281
2017-05-13 19:10:05.542 Component engine\veex.dll version 3.68.1.2281
2017-05-13 19:10:05.542 Component engine\savi.dll version 9.0.7.2281
2017-05-13 19:10:05.542 Component rkdisk.dll version 1.5.31.1
2017-05-13 19:10:05.542 Version info: Product version 2.5.6
2017-05-13 19:10:05.542 Version info: Detection engine 3.68.1
2017-05-13 19:10:05.542 Version info: Detection data 5.38
2017-05-13 19:10:05.542 Version info: Build date 4/4/2017
2017-05-13 19:10:05.542 Version info: Data files added 335
2017-05-13 19:10:05.542 Version info: Last successful update 5/13/2017 3:09:53 PM

2017-05-13 19:10:12.642 >>> Virus 'Troj/KvterMem-B' found in file System Memory
2017-05-13 19:10:12.642 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-05-13 19:10:12.642 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-05-13 19:10:12.642 The following items will be cleaned up:
2017-05-13 19:10:12.642 Troj/KvterMem-B
2017-05-13 19:10:41.325 Threat 'Troj/KvterMem-B' has been cleaned up.
2017-05-13 19:10:41.325 Process "C:\Windows\System32\regsvr32.exe:pid:000015a4" belongs to 'Troj/KvterMem-B'.
2017-05-13 19:10:41.326 Process "C:\Windows\System32\regsvr32.exe:pid:000015a4" has been cleaned up.
2017-05-13 19:10:41.326 Process "C:\Windows\System32\regsvr32.exe:pid:00001634" belongs to 'Troj/KvterMem-B'.
2017-05-13 19:10:41.326 Process "C:\Windows\System32\regsvr32.exe:pid:00001634" has been cleaned up.
2017-05-13 19:10:41.326 Process "C:\Windows\System32\regsvr32.exe:pid:000015a4" belongs to 'Troj/KvterMem-B'.
2017-05-13 19:10:41.326 Process "C:\Windows\System32\regsvr32.exe:pid:000015a4" has been cleaned up.
2017-05-13 19:10:41.326 Process "C:\Windows\System32\regsvr32.exe:pid:00001634" belongs to 'Troj/KvterMem-B'.
2017-05-13 19:10:41.326 Process "C:\Windows\System32\regsvr32.exe:pid:00001634" has been cleaned up.
2017-05-13 19:10:41.326 Memory area "System Memory" belongs to 'Troj/KvterMem-B'.
2017-05-13 19:10:41.326 Memory area "System Memory" has been cleaned up.
2017-05-13 19:10:41.326 Removal successful
2017-05-13 19:28:02.414 Could not open C:\boot\BCD
2017-05-13 19:28:07.638 Could not open C:\pagefile.sys
2017-05-13 19:44:21.739 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2017-05-13 19:44:21.739 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2017-05-13 19:44:25.937 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-05-13 19:44:25.937 Could not open C:\Windows\System32\config\RegBack\SAM
2017-05-13 19:44:25.937 Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-05-13 19:44:25.953 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-05-13 19:44:25.953 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-05-13 20:07:32.145 Could not open LOGICAL:0004:00000000
2017-05-13 20:07:32.160 Could not open E:\
2017-05-13 20:07:33.439 Error level 0

2017-05-13 20:13:59.512 Scan completed.
2017-05-13 20:13:59.512

------------------------------------------------------------

2017-05-16 00:50:49.557 Sophos Virus Removal Tool version 2.5.6
2017-05-16 00:50:49.557 Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2017-05-16 00:50:49.557 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-05-16 00:50:49.557 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-05-16 00:50:49.558 Checking for updates...
2017-05-16 00:50:50.612 Update progress: proxy server not available
2017-05-16 00:51:11.788 Downloading updates...
2017-05-16 00:51:11.788 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-05-16 00:51:11.788 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-16 00:51:11.788 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-16 00:51:11.789 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-05-16 00:51:11.789 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-05-16 00:51:11.789 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-05-16 00:51:11.789 Update progress: [I49502] sdds.data0910.xml: found supplement IDE539 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-05-16 00:51:11.789 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE539 LATEST path=
2017-05-16 00:51:11.789 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE539 LATEST path=
2017-05-16 00:51:11.789 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product IDE539 LATEST path=]
2017-05-16 00:51:11.789 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-05-16 00:51:11.789 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-05-16 00:51:11.789 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-05-16 00:51:11.789 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-05-16 00:51:11.789 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-05-16 00:51:11.789 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-05-16 00:51:11.789 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-05-16 00:51:11.789 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-05-16 00:51:11.789 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-16 00:51:11.972 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-05-16 00:51:12.197 Update progress: [I19463] Syncing product IDE539 LATEST path=
2017-05-16 00:51:12.278 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-05-16 00:51:12.338 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-05-16 00:51:12.338 Update progress: [I19463] Product download size 154802 bytes
2017-05-16 00:51:12.639 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-05-16 00:51:12.747 Installing updates...
2017-05-16 00:51:41.624 Option all = no
2017-05-16 00:51:43.560 Update successful
2017-05-16 00:51:43.691 Option recurse = yes
2017-05-16 00:51:43.692 Option archive = no
2017-05-16 00:51:43.692 Option service = yes
2017-05-16 00:51:43.692 Option confirm = yes
2017-05-16 00:51:43.692 Option sxl = yes
2017-05-16 00:51:43.692 Option max-data-age = 35
2017-05-16 00:51:43.692 Option vdl-logging = yes
2017-05-16 00:51:43.692 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-05-16 00:51:43.692 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-05-16 00:51:43.692 Component SVRTcli.exe version 2.5.6
2017-05-16 00:51:43.692 Component control.dll version 2.5.6
2017-05-16 00:51:43.692 Component SVRTservice.exe version 2.5.6
2017-05-16 00:51:43.692 Component engine\osdp.dll version 1.44.1.2281
2017-05-16 00:51:43.692 Component engine\veex.dll version 3.68.1.2281
2017-05-16 00:51:43.692 Component engine\savi.dll version 9.0.7.2281
2017-05-16 00:51:43.692 Component rkdisk.dll version 1.5.31.1
2017-05-16 00:51:43.692 Version info: Product version 2.5.6
2017-05-16 00:51:43.692 Version info: Detection engine 3.68.1
2017-05-16 00:51:43.692 Version info: Detection data 5.38
2017-05-16 00:51:43.692 Version info: Build date 4/4/2017
2017-05-16 00:51:43.692 Version info: Data files added 335
2017-05-16 00:51:43.692 Version info: Last successful update 5/13/2017 3:09:53 PM
2017-05-16 00:51:47.588 Error: an instance of this application is already running.
2017-05-16 00:51:47.588 Error level 1

2017-05-16 00:52:45.781 Scan failed due to fatal error.
2017-05-16 00:52:45.781

------------------------------------------------------------

2017-05-18 23:57:18.823 Sophos Virus Removal Tool version 2.5.6
2017-05-18 23:57:18.823 Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2017-05-18 23:57:18.823 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-05-18 23:57:18.823 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-05-18 23:57:18.823 Checking for updates...
2017-05-18 23:57:19.296 Update progress: proxy server not available
2017-05-18 23:57:27.416 Downloading updates...
2017-05-18 23:57:27.418 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-05-18 23:57:27.418 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-18 23:57:27.418 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-18 23:57:27.418 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-05-18 23:57:27.418 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-05-18 23:57:27.418 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-05-18 23:57:27.418 Update progress: [I49502] sdds.data0910.xml: found supplement IDE539 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-05-18 23:57:27.418 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE539 LATEST path=
2017-05-18 23:57:27.418 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE539 LATEST path=
2017-05-18 23:57:27.418 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product IDE539 LATEST path=]
2017-05-18 23:57:27.418 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-05-18 23:57:27.418 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-05-18 23:57:27.418 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-05-18 23:57:27.418 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-05-18 23:57:27.418 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-05-18 23:57:27.418 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-05-18 23:57:27.418 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-05-18 23:57:27.418 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-05-18 23:57:27.418 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-18 23:57:27.572 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-05-18 23:57:27.659 Update progress: [I19463] Syncing product IDE539 LATEST path=
2017-05-18 23:57:27.772 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-05-18 23:57:27.837 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-05-18 23:57:27.837 Update progress: [I19463] Product download size 244978 bytes
2017-05-18 23:57:28.370 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-05-18 23:57:28.472 Installing updates...
2017-05-18 23:57:48.229 Option all = no
2017-05-18 23:57:50.049 Option recurse = yes
2017-05-18 23:57:50.049 Option archive = no
2017-05-18 23:57:50.049 Option service = yes
2017-05-18 23:57:50.049 Option confirm = yes
2017-05-18 23:57:50.049 Option sxl = yes
2017-05-18 23:57:50.049 Option max-data-age = 35
2017-05-18 23:57:50.049 Option vdl-logging = yes
2017-05-18 23:57:50.049 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-05-18 23:57:50.049 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-05-18 23:57:50.049 Component SVRTcli.exe version 2.5.6
2017-05-18 23:57:50.049 Component control.dll version 2.5.6
2017-05-18 23:57:50.049 Component SVRTservice.exe version 2.5.6
2017-05-18 23:57:50.049 Component engine\osdp.dll version 1.44.1.2281
2017-05-18 23:57:50.049 Component engine\veex.dll version 3.68.1.2281
2017-05-18 23:57:50.049 Component engine\savi.dll version 9.0.7.2281
2017-05-18 23:57:50.049 Component rkdisk.dll version 1.5.31.1
2017-05-18 23:57:50.050 Version info: Product version 2.5.6
2017-05-18 23:57:50.050 Version info: Detection engine 3.68.1
2017-05-18 23:57:50.050 Version info: Detection data 5.38
2017-05-18 23:57:50.050 Version info: Build date 4/4/2017
2017-05-18 23:57:50.050 Version info: Data files added 346
2017-05-18 23:57:50.050 Version info: Last successful update 5/15/2017 8:51:43 PM
2017-05-18 23:57:50.050 Error level 1
2017-05-18 23:57:50.978 Update successful
2017-05-18 23:58:06.400 Option all = no
2017-05-18 23:58:06.400 Option recurse = yes
2017-05-18 23:58:06.400 Option archive = no
2017-05-18 23:58:06.400 Option service = yes
2017-05-18 23:58:06.400 Option confirm = yes
2017-05-18 23:58:06.400 Option sxl = yes
2017-05-18 23:58:06.402 Option max-data-age = 35
2017-05-18 23:58:06.402 Option vdl-logging = yes
2017-05-18 23:58:06.408 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-05-18 23:58:06.409 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-05-18 23:58:06.411 Component SVRTcli.exe version 2.5.6
2017-05-18 23:58:06.411 Component control.dll version 2.5.6
2017-05-18 23:58:06.411 Component SVRTservice.exe version 2.5.6
2017-05-18 23:58:06.413 Component engine\osdp.dll version 1.44.1.2281
2017-05-18 23:58:06.413 Component engine\veex.dll version 3.68.1.2281
2017-05-18 23:58:06.414 Component engine\savi.dll version 9.0.7.2281
2017-05-18 23:58:06.414 Component rkdisk.dll version 1.5.31.1
2017-05-18 23:58:06.414 Version info: Product version 2.5.6
2017-05-18 23:58:06.415 Version info: Detection engine 3.68.1
2017-05-18 23:58:06.415 Version info: Detection data 5.38
2017-05-18 23:58:06.415 Version info: Build date 4/4/2017
2017-05-18 23:58:06.415 Version info: Data files added 360
2017-05-18 23:58:06.415 Version info: Last successful update 5/18/2017 7:57:50 PM

2017-05-18 23:58:16.102 >>> Virus 'Troj/KvterMem-B' found in file System Memory
2017-05-18 23:58:16.103 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-05-18 23:58:16.104 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-05-18 23:58:16.107 The following items will be cleaned up:
2017-05-18 23:58:16.108 Troj/KvterMem-B
2017-05-18 23:58:43.409 Threat 'Troj/KvterMem-B' has been cleaned up.
2017-05-18 23:58:43.409 Process "C:\Windows\System32\regsvr32.exe:pid:000017c0" belongs to 'Troj/KvterMem-B'.
2017-05-18 23:58:43.409 Process "C:\Windows\System32\regsvr32.exe:pid:000017c0" has been cleaned up.
2017-05-18 23:58:43.409 Process "C:\Windows\System32\regsvr32.exe:pid:000010dc" belongs to 'Troj/KvterMem-B'.
2017-05-18 23:58:43.409 Process "C:\Windows\System32\regsvr32.exe:pid:000010dc" has been cleaned up.
2017-05-18 23:58:43.409 Process "C:\Windows\System32\regsvr32.exe:pid:000017c0" belongs to 'Troj/KvterMem-B'.
2017-05-18 23:58:43.409 Process "C:\Windows\System32\regsvr32.exe:pid:000017c0" has been cleaned up.
2017-05-18 23:58:43.409 Process "C:\Windows\System32\regsvr32.exe:pid:000010dc" belongs to 'Troj/KvterMem-B'.
2017-05-18 23:58:43.409 Process "C:\Windows\System32\regsvr32.exe:pid:000010dc" has been cleaned up.
2017-05-18 23:58:43.409 Memory area "System Memory" belongs to 'Troj/KvterMem-B'.
2017-05-18 23:58:43.409 Memory area "System Memory" has been cleaned up.
2017-05-18 23:58:43.409 Removal successful
2017-05-19 00:16:52.563 Could not open C:\boot\BCD
2017-05-19 00:16:57.742 Could not open C:\pagefile.sys
2017-05-19 00:35:54.910 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2017-05-19 00:35:54.972 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2017-05-19 00:36:00.590 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-05-19 00:36:00.606 Could not open C:\Windows\System32\config\RegBack\SAM
2017-05-19 00:36:00.606 Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-05-19 00:36:00.606 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-05-19 00:36:00.622 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-05-19 01:03:10.737 Could not open LOGICAL:0004:00000000
2017-05-19 01:03:10.752 Could not open E:\
2017-05-19 01:03:12.562 Error level 0

2017-05-19 13:33:21.067 Scan completed.
2017-05-19 13:33:21.067

------------------------------------------------------------

2017-05-23 01:50:03.077 Sophos Virus Removal Tool version 2.5.6
2017-05-23 01:50:03.077 Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2017-05-23 01:50:03.093 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-05-23 01:50:03.093 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-05-23 01:50:03.093 Checking for updates...
2017-05-23 01:50:04.775 Update progress: proxy server not available
2017-05-23 01:50:16.526 Downloading updates...
2017-05-23 01:50:16.526 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-05-23 01:50:16.541 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-23 01:50:16.541 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-23 01:50:16.541 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-05-23 01:50:16.541 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-05-23 01:50:16.541 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-05-23 01:50:16.541 Update progress: [I49502] sdds.data0910.xml: found supplement IDE539 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-05-23 01:50:16.541 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE539 LATEST path=
2017-05-23 01:50:16.541 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE539 LATEST path=
2017-05-23 01:50:16.541 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product IDE539 LATEST path=]
2017-05-23 01:50:16.541 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-05-23 01:50:16.541 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-05-23 01:50:16.541 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-05-23 01:50:16.541 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-05-23 01:50:16.541 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-05-23 01:50:16.541 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-05-23 01:50:16.541 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-05-23 01:50:16.541 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-05-23 01:50:16.541 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-05-23 01:50:16.827 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-05-23 01:50:16.992 Update progress: [I19463] Syncing product IDE539 LATEST path=
2017-05-23 01:50:17.096 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-05-23 01:50:17.167 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-05-23 01:50:17.167 Update progress: [I19463] Product download size 209717 bytes
2017-05-23 01:50:18.347 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-05-23 01:50:18.641 Installing updates...
2017-05-23 01:50:33.114 Option all = no
2017-05-23 01:50:34.126 Option recurse = yes
2017-05-23 01:50:34.126 Option archive = no
2017-05-23 01:50:34.126 Option service = yes
2017-05-23 01:50:34.126 Option confirm = yes
2017-05-23 01:50:34.126 Option sxl = yes
2017-05-23 01:50:34.127 Option max-data-age = 35
2017-05-23 01:50:34.127 Option vdl-logging = yes
2017-05-23 01:50:34.127 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-05-23 01:50:34.127 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-05-23 01:50:34.127 Component SVRTcli.exe version 2.5.6
2017-05-23 01:50:34.127 Component control.dll version 2.5.6
2017-05-23 01:50:34.127 Component SVRTservice.exe version 2.5.6
2017-05-23 01:50:34.127 Component engine\osdp.dll version 1.44.1.2281
2017-05-23 01:50:34.127 Component engine\veex.dll version 3.68.1.2281
2017-05-23 01:50:34.127 Component engine\savi.dll version 9.0.7.2281
2017-05-23 01:50:34.127 Component rkdisk.dll version 1.5.31.1
2017-05-23 01:50:34.127 Version info: Product version 2.5.6
2017-05-23 01:50:34.127 Version info: Detection engine 3.68.1
2017-05-23 01:50:34.127 Version info: Detection data 5.38
2017-05-23 01:50:34.127 Version info: Build date 4/4/2017
2017-05-23 01:50:34.127 Version info: Data files added 360
2017-05-23 01:50:34.127 Version info: Last successful update 5/18/2017 7:57:50 PM
2017-05-23 01:50:34.128 Error level 1
2017-05-23 01:50:34.846 Update successful
2017-05-23 01:50:47.976 Option all = no
2017-05-23 01:50:47.976 Option recurse = yes
2017-05-23 01:50:47.976 Option archive = no
2017-05-23 01:50:47.976 Option service = yes
2017-05-23 01:50:47.976 Option confirm = yes
2017-05-23 01:50:47.976 Option sxl = yes
2017-05-23 01:50:47.976 Option max-data-age = 35
2017-05-23 01:50:47.976 Option vdl-logging = yes
2017-05-23 01:50:47.976 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-05-23 01:50:47.976 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-05-23 01:50:47.976 Component SVRTcli.exe version 2.5.6
2017-05-23 01:50:47.976 Component control.dll version 2.5.6
2017-05-23 01:50:47.976 Component SVRTservice.exe version 2.5.6
2017-05-23 01:50:47.976 Component engine\osdp.dll version 1.44.1.2281
2017-05-23 01:50:47.976 Component engine\veex.dll version 3.68.1.2281
2017-05-23 01:50:47.976 Component engine\savi.dll version 9.0.7.2281
2017-05-23 01:50:47.976 Component rkdisk.dll version 1.5.31.1
2017-05-23 01:50:47.976 Version info: Product version 2.5.6
2017-05-23 01:50:47.976 Version info: Detection engine 3.68.1
2017-05-23 01:50:47.976 Version info: Detection data 5.38
2017-05-23 01:50:47.976 Version info: Build date 4/4/2017
2017-05-23 01:50:47.976 Version info: Data files added 379
2017-05-23 01:50:47.976 Version info: Last successful update 5/22/2017 9:50:34 PM

2017-05-23 01:51:11.147 >>> Virus 'Troj/KvterMem-B' found in file System Memory
2017-05-23 01:51:11.147 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-05-23 01:51:11.148 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-05-23 01:51:11.151 The following items will be cleaned up:
2017-05-23 01:51:11.151 Troj/KvterMem-B
2017-05-23 01:51:52.437 Threat 'Troj/KvterMem-B' has been cleaned up.
2017-05-23 01:51:52.437 Process "C:\Windows\System32\regsvr32.exe:pid:00000974" belongs to 'Troj/KvterMem-B'.
2017-05-23 01:51:52.437 Process "C:\Windows\System32\regsvr32.exe:pid:00000974" has been cleaned up.
2017-05-23 01:51:52.437 Process "C:\Windows\System32\regsvr32.exe:pid:000017b0" belongs to 'Troj/KvterMem-B'.
2017-05-23 01:51:52.437 Process "C:\Windows\System32\regsvr32.exe:pid:000017b0" has been cleaned up.
2017-05-23 01:51:52.438 Process "C:\Windows\System32\regsvr32.exe:pid:00000974" belongs to 'Troj/KvterMem-B'.
2017-05-23 01:51:52.438 Process "C:\Windows\System32\regsvr32.exe:pid:00000974" has been cleaned up.
2017-05-23 01:51:52.438 Process "C:\Windows\System32\regsvr32.exe:pid:000017b0" belongs to 'Troj/KvterMem-B'.
2017-05-23 01:51:52.438 Process "C:\Windows\System32\regsvr32.exe:pid:000017b0" has been cleaned up.
2017-05-23 01:51:52.438 Memory area "System Memory" belongs to 'Troj/KvterMem-B'.
2017-05-23 01:51:52.438 Memory area "System Memory" has been cleaned up.
2017-05-23 01:51:52.438 Removal successful
2017-05-23 05:03:19.093 Could not open C:\boot\BCD
2017-05-23 05:03:39.393 Could not open C:\pagefile.sys
2017-05-23 05:14:46.798 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-05-23 05:14:46.798 Could not open C:\System Volume Information\{8875debe-3f46-11e7-a4a3-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-05-23 05:27:07.365 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2017-05-23 05:27:07.365 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2017-05-23 05:27:14.964 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-05-23 05:27:14.964 Could not open C:\Windows\System32\config\RegBack\SAM
2017-05-23 05:27:14.964 Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-05-23 05:27:14.964 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-05-23 05:27:14.964 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-05-23 05:34:59.034 Could not open C:\Windows\Temp\TMP1754F9C75D4DB5A6
2017-05-23 06:11:03.081 Could not open LOGICAL:0004:00000000
2017-05-23 06:11:03.112 Could not open E:\
2017-05-23 06:24:20.103 Could not open H:\System Volume Information\{0ac823e6-94f6-11e3-8f9f-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-05-23 06:24:20.119 Could not open H:\System Volume Information\{214d4a94-2bb4-11e5-a54b-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-05-23 06:24:20.119 Could not open H:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-05-23 06:24:28.841 Error level 0

2017-05-23 12:49:40.622 Scan completed.
2017-05-23 12:49:40.622

------------------------------------------------------------

2017-06-14 01:03:33.956 Sophos Virus Removal Tool version 2.5.6
2017-06-14 01:03:33.956 Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2017-06-14 01:03:33.956 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-06-14 01:03:33.956 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-06-14 01:03:33.957 Checking for updates...
2017-06-14 01:03:35.446 Update progress: proxy server not available
2017-06-14 01:05:33.438 Downloading updates...
2017-06-14 01:05:33.438 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-06-14 01:05:33.438 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-14 01:05:33.438 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-14 01:05:33.438 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-06-14 01:05:33.442 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-06-14 01:05:33.442 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-06-14 01:05:33.442 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-06-14 01:05:33.442 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-06-14 01:05:33.442 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-06-14 01:05:33.442 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-06-14 01:05:33.442 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-06-14 01:05:33.442 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-06-14 01:05:33.442 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-06-14 01:05:33.442 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-06-14 01:05:33.442 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-06-14 01:05:33.442 Update progress: [I49502] sdds.data0910.xml: found supplement IDE543 LATEST path= baseVersion= [included from product IDE542 LATEST path=]
2017-06-14 01:05:33.442 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE543 LATEST path=
2017-06-14 01:05:33.442 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE543 LATEST path=
2017-06-14 01:05:33.442 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-14 01:05:33.632 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-06-14 01:05:33.632 Update progress: [I19463] Product download size 13156674 bytes
2017-06-14 01:05:45.965 Option all = no
2017-06-14 01:05:45.965 Option recurse = yes
2017-06-14 01:05:45.965 Option archive = no
2017-06-14 01:05:45.965 Option service = yes
2017-06-14 01:05:45.965 Option confirm = yes
2017-06-14 01:05:45.965 Option sxl = yes
2017-06-14 01:05:45.967 Option max-data-age = 35
2017-06-14 01:05:45.967 Option vdl-logging = yes
2017-06-14 01:05:46.218 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-06-14 01:05:46.218 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-06-14 01:05:46.284 Component SVRTcli.exe version 2.5.6
2017-06-14 01:05:46.284 Component control.dll version 2.5.6
2017-06-14 01:05:46.284 Component SVRTservice.exe version 2.5.6
2017-06-14 01:05:46.285 Component engine\osdp.dll version 1.44.1.2281
2017-06-14 01:05:46.285 Component engine\veex.dll version 3.68.1.2281
2017-06-14 01:05:46.285 Component engine\savi.dll version 9.0.7.2281
2017-06-14 01:05:46.339 Component rkdisk.dll version 1.5.31.1
2017-06-14 01:05:46.339 Version info: Product version 2.5.6
2017-06-14 01:05:46.340 Version info: Detection engine 3.68.1
2017-06-14 01:05:46.340 Version info: Detection data 5.38
2017-06-14 01:05:46.340 Version info: Build date 4/4/2017
2017-06-14 01:05:46.340 Version info: Data files added 379
2017-06-14 01:05:46.340 Version info: Last successful update 5/22/2017 9:50:34 PM
2017-06-14 01:05:47.988 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-06-14 01:05:48.363 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-06-14 01:05:48.363 Update progress: [I19463] Product download size 715718 bytes
2017-06-14 01:05:50.473 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-06-14 01:05:50.473 Update progress: [I19463] Product download size 1057454 bytes
2017-06-14 01:05:54.265 Update progress: [I19463] Syncing product IDE543 LATEST path=
2017-06-14 01:05:54.442 Installing updates...
2017-06-14 01:05:58.257 Error level 1
2017-06-14 01:06:01.602 Update successful
2017-06-14 01:06:25.244 Option all = no
2017-06-14 01:06:25.244 Option recurse = yes
2017-06-14 01:06:25.244 Option archive = no
2017-06-14 01:06:25.244 Option service = yes
2017-06-14 01:06:25.244 Option confirm = yes
2017-06-14 01:06:25.244 Option sxl = yes
2017-06-14 01:06:25.246 Option max-data-age = 35
2017-06-14 01:06:25.246 Option vdl-logging = yes
2017-06-14 01:06:25.261 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-06-14 01:06:25.261 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-06-14 01:06:25.263 Component SVRTcli.exe version 2.5.6
2017-06-14 01:06:25.264 Component control.dll version 2.5.6
2017-06-14 01:06:25.264 Component SVRTservice.exe version 2.5.6
2017-06-14 01:06:25.264 Component engine\osdp.dll version 1.44.1.2285
2017-06-14 01:06:25.264 Component engine\veex.dll version 3.68.5.2285
2017-06-14 01:06:25.264 Component engine\savi.dll version 9.0.7.2285
2017-06-14 01:06:25.265 Component rkdisk.dll version 1.5.31.1
2017-06-14 01:06:25.265 Version info: Product version 2.5.6
2017-06-14 01:06:25.266 Version info: Detection engine 3.68.5
2017-06-14 01:06:25.266 Version info: Detection data 5.39
2017-06-14 01:06:25.266 Version info: Build date 5/2/2017
2017-06-14 01:06:25.266 Version info: Data files added 339
2017-06-14 01:06:25.266 Version info: Last successful update 6/13/2017 9:06:01 PM

2017-06-14 01:07:07.532 >>> Virus 'Troj/KvterMem-B' found in file System Memory
2017-06-14 01:07:07.532 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-06-14 01:07:07.532 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-06-14 01:07:07.535 The following items will be cleaned up:
2017-06-14 01:07:07.535 Troj/KvterMem-B
2017-06-14 01:08:19.130 Threat 'Troj/KvterMem-B' has been cleaned up.
2017-06-14 01:08:19.130 Process "C:\Windows\System32\regsvr32.exe:pid:000013a8" belongs to 'Troj/KvterMem-B'.
2017-06-14 01:08:19.130 Process "C:\Windows\System32\regsvr32.exe:pid:000013a8" has been cleaned up.
2017-06-14 01:08:19.130 Process "C:\Windows\System32\regsvr32.exe:pid:000011a4" belongs to 'Troj/KvterMem-B'.
2017-06-14 01:08:19.130 Process "C:\Windows\System32\regsvr32.exe:pid:000011a4" has been cleaned up.
2017-06-14 01:08:19.131 Process "C:\Windows\System32\regsvr32.exe:pid:000013a8" belongs to 'Troj/KvterMem-B'.
2017-06-14 01:08:19.131 Process "C:\Windows\System32\regsvr32.exe:pid:000013a8" has been cleaned up.
2017-06-14 01:08:19.131 Process "C:\Windows\System32\regsvr32.exe:pid:000011a4" belongs to 'Troj/KvterMem-B'.
2017-06-14 01:08:19.131 Process "C:\Windows\System32\regsvr32.exe:pid:000011a4" has been cleaned up.
2017-06-14 01:08:19.131 Memory area "System Memory" belongs to 'Troj/KvterMem-B'.
2017-06-14 01:08:19.131 Memory area "System Memory" has been cleaned up.
2017-06-14 01:08:19.131 Removal successful
2017-06-14 02:06:15.560 Could not open C:\boot\BCD
2017-06-14 02:06:27.431 Could not open C:\pagefile.sys
2017-06-14 02:16:42.755 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-14 02:16:42.755 Could not open C:\System Volume Information\{9af946f5-4be3-11e7-8633-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-14 02:33:30.474 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2017-06-14 02:33:30.490 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2017-06-14 02:33:37.817 Could not open C:\Windows\System32\config\components
2017-06-14 02:33:37.956 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-06-14 02:33:37.958 Could not open C:\Windows\System32\config\RegBack\SAM
2017-06-14 02:33:37.970 Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-06-14 02:33:37.972 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-06-14 02:33:37.974 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-06-14 03:01:41.401 Could not open LOGICAL:0004:00000000
2017-06-14 03:01:41.421 Could not open E:\
2017-06-14 03:01:48.202 Error level 0
2017-06-14 13:54:43.426 Sophos Virus Removal Tool version 2.5.6
2017-06-14 13:54:43.426 Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2017-06-14 13:54:43.426 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-06-14 13:54:43.427 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-06-14 13:54:43.427 Checking for updates...
2017-06-14 13:54:43.878 Update progress: proxy server not available
2017-06-14 13:54:58.263 Downloading updates...
2017-06-14 13:54:58.264 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-06-14 13:54:58.264 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-14 13:54:58.264 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-14 13:54:58.264 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-06-14 13:54:58.264 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-06-14 13:54:58.264 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-06-14 13:54:58.264 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-06-14 13:54:58.265 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-06-14 13:54:58.265 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-06-14 13:54:58.265 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-06-14 13:54:58.265 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-06-14 13:54:58.265 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-06-14 13:54:58.265 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-06-14 13:54:58.265 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-06-14 13:54:58.265 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-06-14 13:54:58.265 Update progress: [I49502] sdds.data0910.xml: found supplement IDE543 LATEST path= baseVersion= [included from product IDE542 LATEST path=]
2017-06-14 13:54:58.265 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE543 LATEST path=
2017-06-14 13:54:58.265 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE543 LATEST path=
2017-06-14 13:54:58.265 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-14 13:54:58.518 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-06-14 13:54:58.598 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-06-14 13:54:58.743 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-06-14 13:54:58.825 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-06-14 13:54:58.828 Update progress: [I19463] Syncing product IDE543 LATEST path=
2017-06-14 13:54:59.145 Installing updates...
2017-06-14 13:55:24.862 Option all = no
2017-06-14 13:55:26.265 Option recurse = yes
2017-06-14 13:55:26.265 Option archive = no
2017-06-14 13:55:26.265 Option service = yes
2017-06-14 13:55:26.266 Option confirm = yes
2017-06-14 13:55:26.266 Option sxl = yes
2017-06-14 13:55:26.266 Option max-data-age = 35
2017-06-14 13:55:26.266 Option vdl-logging = yes
2017-06-14 13:55:26.266 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-06-14 13:55:26.266 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-06-14 13:55:26.266 Component SVRTcli.exe version 2.5.6
2017-06-14 13:55:26.266 Component control.dll version 2.5.6
2017-06-14 13:55:26.266 Component SVRTservice.exe version 2.5.6
2017-06-14 13:55:26.266 Component engine\osdp.dll version 1.44.1.2285
2017-06-14 13:55:26.266 Component engine\veex.dll version 3.68.5.2285
2017-06-14 13:55:26.266 Component engine\savi.dll version 9.0.7.2285
2017-06-14 13:55:26.266 Component rkdisk.dll version 1.5.31.1
2017-06-14 13:55:26.266 Version info: Product version 2.5.6
2017-06-14 13:55:26.266 Version info: Detection engine 3.68.5
2017-06-14 13:55:26.266 Version info: Detection data 5.39
2017-06-14 13:55:26.266 Version info: Build date 5/2/2017
2017-06-14 13:55:26.266 Version info: Data files added 339
2017-06-14 13:55:26.266 Version info: Last successful update 6/13/2017 9:06:01 PM
2017-06-14 13:55:26.266 Error level 1
2017-06-14 13:55:26.825 Update successful
2017-06-14 13:55:40.849 Option all = no
2017-06-14 13:55:40.849 Option recurse = yes
2017-06-14 13:55:40.849 Option archive = no
2017-06-14 13:55:40.849 Option service = yes
2017-06-14 13:55:40.849 Option confirm = yes
2017-06-14 13:55:40.849 Option sxl = yes
2017-06-14 13:55:40.851 Option max-data-age = 35
2017-06-14 13:55:40.851 Option vdl-logging = yes
2017-06-14 13:55:40.855 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-06-14 13:55:40.855 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-06-14 13:55:40.857 Component SVRTcli.exe version 2.5.6
2017-06-14 13:55:40.857 Component control.dll version 2.5.6
2017-06-14 13:55:40.857 Component SVRTservice.exe version 2.5.6
2017-06-14 13:55:40.857 Component engine\osdp.dll version 1.44.1.2285
2017-06-14 13:55:40.858 Component engine\veex.dll version 3.68.5.2285
2017-06-14 13:55:40.858 Component engine\savi.dll version 9.0.7.2285
2017-06-14 13:55:40.859 Component rkdisk.dll version 1.5.31.1
2017-06-14 13:55:40.859 Version info: Product version 2.5.6
2017-06-14 13:55:40.859 Version info: Detection engine 3.68.5
2017-06-14 13:55:40.859 Version info: Detection data 5.39
2017-06-14 13:55:40.859 Version info: Build date 5/2/2017
2017-06-14 13:55:40.859 Version info: Data files added 339
2017-06-14 13:55:40.859 Version info: Last successful update 6/14/2017 9:55:26 AM

2017-06-14 13:55:49.237 >>> Virus 'Troj/KvterMem-B' found in file System Memory
2017-06-14 13:55:49.237 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-06-14 13:55:49.238 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-06-14 13:55:49.238 The following items will be cleaned up:
2017-06-14 13:55:49.238 Troj/KvterMem-B
2017-06-14 13:56:31.756 Threat 'Troj/KvterMem-B' has been cleaned up.
2017-06-14 13:56:31.757 Process "C:\Windows\System32\regsvr32.exe:pid:000011f0" belongs to 'Troj/KvterMem-B'.
2017-06-14 13:56:31.757 Process "C:\Windows\System32\regsvr32.exe:pid:000011f0" has been cleaned up.
2017-06-14 13:56:31.757 Process "C:\Windows\System32\regsvr32.exe:pid:0000117c" belongs to 'Troj/KvterMem-B'.
2017-06-14 13:56:31.757 Process "C:\Windows\System32\regsvr32.exe:pid:0000117c" has been cleaned up.
2017-06-14 13:56:31.757 Process "C:\Windows\System32\regsvr32.exe:pid:000011f0" belongs to 'Troj/KvterMem-B'.
2017-06-14 13:56:31.757 Process "C:\Windows\System32\regsvr32.exe:pid:000011f0" has been cleaned up.
2017-06-14 13:56:31.757 Process "C:\Windows\System32\regsvr32.exe:pid:0000117c" belongs to 'Troj/KvterMem-B'.
2017-06-14 13:56:31.757 Process "C:\Windows\System32\regsvr32.exe:pid:0000117c" has been cleaned up.
2017-06-14 13:56:31.757 Memory area "System Memory" belongs to 'Troj/KvterMem-B'.
2017-06-14 13:56:31.757 Memory area "System Memory" has been cleaned up.
2017-06-14 13:56:31.757 Removal successful
2017-06-14 14:31:37.256 Could not open C:\boot\BCD
2017-06-14 14:31:45.880 Could not open C:\pagefile.sys
2017-06-14 14:43:28.429 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-14 14:43:28.429 Could not open C:\System Volume Information\{9af946f5-4be3-11e7-8633-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-14 15:05:10.324 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2017-06-14 15:05:10.325 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2017-06-14 15:05:19.062 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-06-14 15:05:19.064 Could not open C:\Windows\System32\config\RegBack\SAM
2017-06-14 15:05:19.065 Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-06-14 15:05:19.066 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-06-14 15:05:19.068 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-06-14 15:36:48.345 Could not open LOGICAL:0004:00000000
2017-06-14 15:36:48.366 Could not open E:\
2017-06-14 15:36:50.041 Error level 0

2017-06-15 01:07:34.321 Scan completed.
2017-06-15 01:07:34.321

------------------------------------------------------------

2017-06-19 22:39:15.541 Sophos Virus Removal Tool version 2.5.6
2017-06-19 22:39:15.541 Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2017-06-19 22:39:15.541 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-06-19 22:39:15.541 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-06-19 22:39:15.542 Checking for updates...
2017-06-19 22:39:16.734 Update progress: proxy server not available
2017-06-19 22:39:31.408 Downloading updates...
2017-06-19 22:39:31.411 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-06-19 22:39:31.411 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-19 22:39:31.411 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-19 22:39:31.411 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-06-19 22:39:31.411 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-06-19 22:39:31.411 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-06-19 22:39:31.411 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-06-19 22:39:31.411 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-06-19 22:39:31.411 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-06-19 22:39:31.411 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-06-19 22:39:31.411 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-06-19 22:39:31.411 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-06-19 22:39:31.413 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-06-19 22:39:31.413 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-06-19 22:39:31.413 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-06-19 22:39:31.413 Update progress: [I49502] sdds.data0910.xml: found supplement IDE543 LATEST path= baseVersion= [included from product IDE542 LATEST path=]
2017-06-19 22:39:31.413 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE543 LATEST path=
2017-06-19 22:39:31.413 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE543 LATEST path=
2017-06-19 22:39:31.413 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-19 22:39:31.632 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-06-19 22:39:31.744 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-06-19 22:39:31.848 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-06-19 22:39:31.905 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-06-19 22:39:31.905 Update progress: [I19463] Product download size 302726 bytes
2017-06-19 22:39:32.699 Update progress: [I19463] Syncing product IDE543 LATEST path=
2017-06-19 22:39:32.946 Installing updates...
2017-06-19 22:39:50.133 Option all = no
2017-06-19 22:39:51.333 Option recurse = yes
2017-06-19 22:39:51.333 Option archive = no
2017-06-19 22:39:51.333 Option service = yes
2017-06-19 22:39:51.333 Option confirm = yes
2017-06-19 22:39:51.333 Option sxl = yes
2017-06-19 22:39:51.333 Option max-data-age = 35
2017-06-19 22:39:51.333 Option vdl-logging = yes
2017-06-19 22:39:51.334 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-06-19 22:39:51.334 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-06-19 22:39:51.334 Component SVRTcli.exe version 2.5.6
2017-06-19 22:39:51.334 Component control.dll version 2.5.6
2017-06-19 22:39:51.334 Component SVRTservice.exe version 2.5.6
2017-06-19 22:39:51.334 Component engine\osdp.dll version 1.44.1.2285
2017-06-19 22:39:51.334 Component engine\veex.dll version 3.68.5.2285
2017-06-19 22:39:51.334 Component engine\savi.dll version 9.0.7.2285
2017-06-19 22:39:51.334 Component rkdisk.dll version 1.5.31.1
2017-06-19 22:39:51.334 Version info: Product version 2.5.6
2017-06-19 22:39:51.334 Version info: Detection engine 3.68.5
2017-06-19 22:39:51.334 Version info: Detection data 5.39
2017-06-19 22:39:51.334 Version info: Build date 5/2/2017
2017-06-19 22:39:51.334 Version info: Data files added 339
2017-06-19 22:39:51.334 Version info: Last successful update 6/14/2017 9:55:26 AM
2017-06-19 22:39:51.334 Error level 1
2017-06-19 22:39:52.056 Update successful
2017-06-19 22:40:05.253 Option all = no
2017-06-19 22:40:05.253 Option recurse = yes
2017-06-19 22:40:05.253 Option archive = no
2017-06-19 22:40:05.253 Option service = yes
2017-06-19 22:40:05.253 Option confirm = yes
2017-06-19 22:40:05.253 Option sxl = yes
2017-06-19 22:40:05.255 Option max-data-age = 35
2017-06-19 22:40:05.255 Option vdl-logging = yes
2017-06-19 22:40:05.259 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-06-19 22:40:05.259 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-06-19 22:40:05.260 Component SVRTcli.exe version 2.5.6
2017-06-19 22:40:05.260 Component control.dll version 2.5.6
2017-06-19 22:40:05.260 Component SVRTservice.exe version 2.5.6
2017-06-19 22:40:05.261 Component engine\osdp.dll version 1.44.1.2285
2017-06-19 22:40:05.261 Component engine\veex.dll version 3.68.5.2285
2017-06-19 22:40:05.261 Component engine\savi.dll version 9.0.7.2285
2017-06-19 22:40:05.262 Component rkdisk.dll version 1.5.31.1
2017-06-19 22:40:05.262 Version info: Product version 2.5.6
2017-06-19 22:40:05.263 Version info: Detection engine 3.68.5
2017-06-19 22:40:05.263 Version info: Detection data 5.39
2017-06-19 22:40:05.263 Version info: Build date 5/2/2017
2017-06-19 22:40:05.263 Version info: Data files added 362
2017-06-19 22:40:05.263 Version info: Last successful update 6/19/2017 6:39:52 PM

2017-06-19 22:40:14.121 >>> Virus 'Troj/KvterMem-B' found in file System Memory
2017-06-19 22:40:14.121 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-06-19 22:40:14.121 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-06-19 22:40:14.125 The following items will be cleaned up:
2017-06-19 22:40:14.125 Troj/KvterMem-B
2017-06-19 22:40:35.539 Threat 'Troj/KvterMem-B' has been cleaned up.
2017-06-19 22:40:35.539 Process "C:\Windows\System32\regsvr32.exe:pid:00000cd8" belongs to 'Troj/KvterMem-B'.
2017-06-19 22:40:35.539 Process "C:\Windows\System32\regsvr32.exe:pid:00000cd8" has been cleaned up.
2017-06-19 22:40:35.540 Process "C:\Windows\System32\regsvr32.exe:pid:00000ffc" belongs to 'Troj/KvterMem-B'.
2017-06-19 22:40:35.540 Process "C:\Windows\System32\regsvr32.exe:pid:00000ffc" has been cleaned up.
2017-06-19 22:40:35.540 Process "C:\Windows\System32\regsvr32.exe:pid:00000cd8" belongs to 'Troj/KvterMem-B'.
2017-06-19 22:40:35.540 Process "C:\Windows\System32\regsvr32.exe:pid:00000cd8" has been cleaned up.
2017-06-19 22:40:35.540 Process "C:\Windows\System32\regsvr32.exe:pid:00000ffc" belongs to 'Troj/KvterMem-B'.
2017-06-19 22:40:35.540 Process "C:\Windows\System32\regsvr32.exe:pid:00000ffc" has been cleaned up.
2017-06-19 22:40:35.540 Memory area "System Memory" belongs to 'Troj/KvterMem-B'.
2017-06-19 22:40:35.540 Memory area "System Memory" has been cleaned up.
2017-06-19 22:40:35.540 Removal successful
2017-06-19 23:08:13.689 Could not open C:\boot\BCD
2017-06-19 23:08:18.706 Could not open C:\pagefile.sys
2017-06-19 23:17:47.458 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-19 23:17:47.458 Could not open C:\System Volume Information\{8d85be61-51cc-11e7-9437-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-19 23:17:47.459 Could not open C:\System Volume Information\{9af946f5-4be3-11e7-8633-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-19 23:35:08.412 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2017-06-19 23:35:08.627 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2017-06-19 23:35:16.709 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-06-19 23:35:16.711 Could not open C:\Windows\System32\config\RegBack\SAM
2017-06-19 23:35:16.713 Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-06-19 23:35:16.715 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-06-19 23:35:16.716 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-06-20 00:15:22.895 Could not open LOGICAL:0004:00000000
2017-06-20 00:15:22.928 Could not open E:\
2017-06-20 00:15:54.971 Error level 0

2017-06-20 00:56:03.260 Scan completed.
2017-06-20 00:56:03.260

------------------------------------------------------------

2017-06-20 00:57:54.088 Sophos Virus Removal Tool version 2.5.6
2017-06-20 00:57:54.088 Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2017-06-20 00:57:54.088 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-06-20 00:57:54.089 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-06-20 00:57:54.090 Checking for updates...
2017-06-20 00:57:54.590 Update progress: proxy server not available
2017-06-20 00:58:09.916 Downloading updates...
2017-06-20 00:58:09.934 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-06-20 00:58:09.934 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-20 00:58:09.934 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-20 00:58:09.934 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-06-20 00:58:09.934 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-06-20 00:58:09.934 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-06-20 00:58:09.934 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-06-20 00:58:09.934 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-06-20 00:58:09.934 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-06-20 00:58:09.935 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-06-20 00:58:09.935 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-06-20 00:58:09.935 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-06-20 00:58:09.935 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-06-20 00:58:09.935 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-06-20 00:58:09.935 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-06-20 00:58:09.935 Update progress: [I49502] sdds.data0910.xml: found supplement IDE543 LATEST path= baseVersion= [included from product IDE542 LATEST path=]
2017-06-20 00:58:09.935 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE543 LATEST path=
2017-06-20 00:58:09.935 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE543 LATEST path=
2017-06-20 00:58:09.935 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-20 00:58:10.137 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-06-20 00:58:10.213 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-06-20 00:58:10.306 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-06-20 00:58:10.385 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-06-20 00:58:10.389 Update progress: [I19463] Syncing product IDE543 LATEST path=
2017-06-20 00:58:10.642 Installing updates...
2017-06-20 00:58:41.480 Update successful
2017-06-20 00:58:45.482 Error: an instance of this application is already running.
2017-06-20 00:58:47.638 Option all = no
2017-06-20 00:58:49.242 Option recurse = yes
2017-06-20 00:58:49.242 Option archive = no
2017-06-20 00:58:49.242 Option service = yes
2017-06-20 00:58:49.242 Option confirm = yes
2017-06-20 00:58:49.242 Option sxl = yes
2017-06-20 00:58:49.243 Option max-data-age = 35
2017-06-20 00:58:49.243 Option vdl-logging = yes
2017-06-20 00:58:49.243 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-06-20 00:58:49.243 Machine ID: 1703a9eb0dd1428faa7d6b1eab55e7bb
2017-06-20 00:58:49.243 Component SVRTcli.exe version 2.5.6
2017-06-20 00:58:49.243 Component control.dll version 2.5.6
2017-06-20 00:58:49.243 Component SVRTservice.exe version 2.5.6
2017-06-20 00:58:49.243 Component engine\osdp.dll version 1.44.1.2285
2017-06-20 00:58:49.243 Component engine\veex.dll version 3.68.5.2285
2017-06-20 00:58:49.243 Component engine\savi.dll version 9.0.7.2285
2017-06-20 00:58:49.243 Component rkdisk.dll version 1.5.31.1
2017-06-20 00:58:49.243 Version info: Product version 2.5.6
2017-06-20 00:58:49.243 Version info: Detection engine 3.68.5
2017-06-20 00:58:49.243 Version info: Detection data 5.39
2017-06-20 00:58:49.243 Version info: Build date 5/2/2017
2017-06-20 00:58:49.243 Version info: Data files added 362
2017-06-20 00:58:49.243 Version info: Last successful update 6/19/2017 8:58:41 PM
2017-06-20 00:58:49.244 Error level 1

2017-06-20 01:02:14.199 Scan failed due to fatal error.
2017-06-20 01:02:14.199

------------------------------------------------------------

2017-06-26 00:49:15.940 Sophos Virus Removal Tool version 2.6.0
2017-06-26 00:49:15.940 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

2017-06-26 00:49:15.940 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-06-26 00:49:15.940 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-06-26 00:49:15.940 Checking for updates...
2017-06-26 00:49:22.315 Update progress: proxy server not available
2017-06-26 00:49:50.452 Option all = no
2017-06-26 00:49:50.452 Option recurse = yes
2017-06-26 00:49:50.452 Option archive = no
2017-06-26 00:49:50.452 Option service = yes
2017-06-26 00:49:50.452 Option confirm = yes
2017-06-26 00:49:50.452 Option sxl = yes
2017-06-26 00:49:50.454 Option max-data-age = 35
2017-06-26 00:49:50.454 Option vdl-logging = yes
2017-06-26 00:49:50.460 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-06-26 00:49:50.460 Machine ID: fbc1daf47d5d4e9db999c320bb7d4f94
2017-06-26 00:49:50.461 Component SVRTcli.exe version 2.6.0
2017-06-26 00:49:50.462 Component control.dll version 2.6.0
2017-06-26 00:49:50.462 Component SVRTservice.exe version 2.6.0
2017-06-26 00:49:50.462 Component engine\osdp.dll version 1.44.1.2285
2017-06-26 00:49:50.463 Component engine\veex.dll version 3.68.5.2285
2017-06-26 00:49:50.463 Component engine\savi.dll version 9.0.7.2285
2017-06-26 00:49:50.464 Component rkdisk.dll version 1.5.31.1
2017-06-26 00:49:50.464 Version info: Product version 2.6.0
2017-06-26 00:49:50.464 Version info: Detection engine 3.68.5
2017-06-26 00:49:50.465 Version info: Detection data 5.39
2017-06-26 00:49:50.465 Version info: Build date 5/2/2017
2017-06-26 00:49:50.465 Version info: Data files added 363
2017-06-26 00:49:50.465 Version info: Last successful update (not yet updated)
2017-06-26 00:50:01.475 Downloading updates...
2017-06-26 00:50:01.479 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-06-26 00:50:01.479 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-26 00:50:01.479 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-26 00:50:01.479 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-06-26 00:50:01.479 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-06-26 00:50:01.479 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-06-26 00:50:01.479 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-06-26 00:50:01.479 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-06-26 00:50:01.479 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-06-26 00:50:01.479 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-06-26 00:50:01.479 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-06-26 00:50:01.479 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-06-26 00:50:01.479 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-06-26 00:50:01.479 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-06-26 00:50:01.479 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-06-26 00:50:01.479 Update progress: [I49502] sdds.data0910.xml: found supplement IDE543 LATEST path= baseVersion= [included from product IDE542 LATEST path=]
2017-06-26 00:50:01.479 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE543 LATEST path=
2017-06-26 00:50:01.479 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE543 LATEST path=
2017-06-26 00:50:01.479 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-06-26 00:50:01.642 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-06-26 00:50:01.741 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-06-26 00:50:01.840 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-06-26 00:50:01.907 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-06-26 00:50:01.907 Update progress: [I19463] Product download size 563046 bytes
2017-06-26 00:50:02.782 Update progress: [I19463] Syncing product IDE543 LATEST path=
2017-06-26 00:50:03.002 Installing updates...
2017-06-26 00:50:04.230 Error level 1
2017-06-26 00:50:06.081 Update successful
2017-06-26 00:50:23.082 Option all = no
2017-06-26 00:50:23.082 Option recurse = yes
2017-06-26 00:50:23.082 Option archive = no
2017-06-26 00:50:23.082 Option service = yes
2017-06-26 00:50:23.082 Option confirm = yes
2017-06-26 00:50:23.082 Option sxl = yes
2017-06-26 00:50:23.084 Option max-data-age = 35
2017-06-26 00:50:23.084 Option vdl-logging = yes
2017-06-26 00:50:23.089 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-06-26 00:50:23.089 Machine ID: fbc1daf47d5d4e9db999c320bb7d4f94
2017-06-26 00:50:23.090 Component SVRTcli.exe version 2.6.0
2017-06-26 00:50:23.090 Component control.dll version 2.6.0
2017-06-26 00:50:23.090 Component SVRTservice.exe version 2.6.0
2017-06-26 00:50:23.090 Component engine\osdp.dll version 1.44.1.2285
2017-06-26 00:50:23.091 Component engine\veex.dll version 3.68.5.2285
2017-06-26 00:50:23.091 Component engine\savi.dll version 9.0.7.2285
2017-06-26 00:50:23.091 Component rkdisk.dll version 1.5.31.1
2017-06-26 00:50:23.092 Version info: Product version 2.6.0
2017-06-26 00:50:23.092 Version info: Detection engine 3.68.5
2017-06-26 00:50:23.092 Version info: Detection data 5.39
2017-06-26 00:50:23.092 Version info: Build date 5/2/2017
2017-06-26 00:50:23.092 Version info: Data files added 392
2017-06-26 00:50:23.092 Version info: Last successful update 6/25/2017 8:50:06 PM

2017-06-26 00:50:49.936 >>> Virus 'Troj/KvterMem-B' found in file System Memory
2017-06-26 00:50:49.936 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-06-26 00:50:49.936 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-06-26 00:50:49.941 The following items will be cleaned up:
2017-06-26 00:50:49.941 Troj/KvterMem-B
2017-06-26 00:52:53.354 Threat 'Troj/KvterMem-B' has been cleaned up.
2017-06-26 00:52:53.354 Process "C:\Windows\System32\regsvr32.exe:pid:0000127c" belongs to 'Troj/KvterMem-B'.
2017-06-26 00:52:53.354 Process "C:\Windows\System32\regsvr32.exe:pid:0000127c" has been cleaned up.
2017-06-26 00:52:53.354 Process "C:\Windows\System32\regsvr32.exe:pid:00001714" belongs to 'Troj/KvterMem-B'.
2017-06-26 00:52:53.354 Process "C:\Windows\System32\regsvr32.exe:pid:00001714" has been cleaned up.
2017-06-26 00:52:53.354 Process "C:\Windows\System32\regsvr32.exe:pid:0000127c" belongs to 'Troj/KvterMem-B'.
2017-06-26 00:52:53.354 Process "C:\Windows\System32\regsvr32.exe:pid:0000127c" has been cleaned up.
2017-06-26 00:52:53.354 Process "C:\Windows\System32\regsvr32.exe:pid:00001714" belongs to 'Troj/KvterMem-B'.
2017-06-26 00:52:53.355 Process "C:\Windows\System32\regsvr32.exe:pid:00001714" has been cleaned up.
2017-06-26 00:52:53.355 Memory area "System Memory" belongs to 'Troj/KvterMem-B'.
2017-06-26 00:52:53.355 Memory area "System Memory" has been cleaned up.
2017-06-26 00:52:53.355 Removal successful
2017-06-26 01:34:13.004 Could not open C:\boot\BCD
2017-06-26 01:34:25.255 Could not open C:\pagefile.sys
2017-06-26 01:47:58.182 Could not open C:\System Volume Information\{08a8afc3-590e-11e7-ae93-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-26 01:47:58.183 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-26 01:47:58.183 Could not open C:\System Volume Information\{94b7d771-5908-11e7-b32d-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-26 01:47:58.183 Could not open C:\System Volume Information\{94b7d780-5908-11e7-b32d-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-26 01:47:58.184 Could not open C:\System Volume Information\{94b7d795-5908-11e7-b32d-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-26 01:47:58.184 Could not open C:\System Volume Information\{94b7d8c6-5908-11e7-b32d-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-26 01:47:58.185 Could not open C:\System Volume Information\{be765e54-5281-11e7-aabd-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-26 02:17:27.863 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2017-06-26 02:17:27.865 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2017-06-26 02:17:41.318 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-06-26 02:17:41.319 Could not open C:\Windows\System32\config\RegBack\SAM
2017-06-26 02:17:41.321 Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-06-26 02:17:41.349 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-06-26 02:17:41.351 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-06-26 02:46:32.212 Could not open LOGICAL:0004:00000000
2017-06-26 02:46:32.232 Could not open E:\
2017-06-26 02:46:34.091 Error level 0
2017-07-01 18:52:24.665 Sophos Virus Removal Tool version 2.6.0
2017-07-01 18:52:24.665 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

2017-07-01 18:52:24.665 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-07-01 18:52:24.665 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-07-01 18:52:24.666 Checking for updates...
2017-07-01 18:52:29.703 Update progress: proxy server not available
2017-07-01 18:54:41.008 Option all = no
2017-07-01 18:54:41.008 Option recurse = yes
2017-07-01 18:54:41.008 Option archive = no
2017-07-01 18:54:41.008 Option service = yes
2017-07-01 18:54:41.008 Option confirm = yes
2017-07-01 18:54:41.008 Option sxl = yes
2017-07-01 18:54:41.008 Option max-data-age = 35
2017-07-01 18:54:41.008 Option vdl-logging = yes
2017-07-01 18:54:41.008 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-07-01 18:54:41.008 Machine ID: fbc1daf47d5d4e9db999c320bb7d4f94
2017-07-01 18:54:41.133 Component SVRTcli.exe version 2.6.0
2017-07-01 18:54:41.133 Component control.dll version 2.6.0
2017-07-01 18:54:41.149 Component SVRTservice.exe version 2.6.0
2017-07-01 18:54:41.149 Component engine\osdp.dll version 1.44.1.2285
2017-07-01 18:54:41.149 Component engine\veex.dll version 3.68.5.2285
2017-07-01 18:54:41.149 Component engine\savi.dll version 9.0.7.2285
2017-07-01 18:54:41.242 Component rkdisk.dll version 1.5.31.1
2017-07-01 18:54:41.242 Version info: Product version 2.6.0
2017-07-01 18:54:41.242 Version info: Detection engine 3.68.5
2017-07-01 18:54:41.242 Version info: Detection data 5.39
2017-07-01 18:54:41.242 Version info: Build date 5/2/2017
2017-07-01 18:54:41.242 Version info: Data files added 392
2017-07-01 18:54:41.242 Version info: Last successful update 6/25/2017 8:50:06 PM
2017-07-01 18:54:47.206 Downloading updates...
2017-07-01 18:54:47.206 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-07-01 18:54:47.206 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-07-01 18:54:47.206 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-07-01 18:54:47.206 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-07-01 18:54:47.206 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-07-01 18:54:47.206 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-07-01 18:54:47.206 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-07-01 18:54:47.206 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-07-01 18:54:47.206 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-07-01 18:54:47.206 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-07-01 18:54:47.206 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-07-01 18:54:47.206 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-07-01 18:54:47.206 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-07-01 18:54:47.206 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-07-01 18:54:47.206 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-07-01 18:54:47.206 Update progress: [I49502] sdds.data0910.xml: found supplement IDE543 LATEST path= baseVersion= [included from product IDE542 LATEST path=]
2017-07-01 18:54:47.206 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE543 LATEST path=
2017-07-01 18:54:47.206 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE543 LATEST path=
2017-07-01 18:54:47.206 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-07-01 18:54:47.362 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-07-01 18:54:47.455 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-07-01 18:54:47.533 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-07-01 18:54:47.596 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-07-01 18:54:47.596 Update progress: [I19463] Product download size 95004 bytes
2017-07-01 18:54:48.033 Update progress: [I19463] Syncing product IDE543 LATEST path=
2017-07-01 18:54:48.033 Update progress: [I19463] Product download size 358172 bytes
2017-07-01 18:54:50.289 Installing updates...
2017-07-01 18:54:51.303 Error level 1
2017-07-01 18:54:52.754 Update successful
2017-07-01 18:55:08.384 Option all = no
2017-07-01 18:55:08.384 Option recurse = yes
2017-07-01 18:55:08.384 Option archive = no
2017-07-01 18:55:08.384 Option service = yes
2017-07-01 18:55:08.384 Option confirm = yes
2017-07-01 18:55:08.384 Option sxl = yes
2017-07-01 18:55:08.384 Option max-data-age = 35
2017-07-01 18:55:08.384 Option vdl-logging = yes
2017-07-01 18:55:08.416 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-07-01 18:55:08.416 Machine ID: fbc1daf47d5d4e9db999c320bb7d4f94
2017-07-01 18:55:08.416 Component SVRTcli.exe version 2.6.0
2017-07-01 18:55:08.416 Component control.dll version 2.6.0
2017-07-01 18:55:08.416 Component SVRTservice.exe version 2.6.0
2017-07-01 18:55:08.416 Component engine\osdp.dll version 1.44.1.2285
2017-07-01 18:55:08.416 Component engine\veex.dll version 3.68.5.2285
2017-07-01 18:55:08.416 Component engine\savi.dll version 9.0.7.2285
2017-07-01 18:55:08.416 Component rkdisk.dll version 1.5.31.1
2017-07-01 18:55:08.416 Version info: Product version 2.6.0
2017-07-01 18:55:08.416 Version info: Detection engine 3.68.5
2017-07-01 18:55:08.416 Version info: Detection data 5.39
2017-07-01 18:55:08.416 Version info: Build date 5/2/2017
2017-07-01 18:55:08.416 Version info: Data files added 423
2017-07-01 18:55:08.416 Version info: Last successful update 7/1/2017 2:54:52 PM

2017-07-01 19:18:37.222 >>> Virus 'Troj/KvterMem-B' found in file System Memory
2017-07-01 19:18:37.438 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-07-01 19:18:37.438 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-07-01 19:18:37.463 The following items will be cleaned up:
2017-07-01 19:18:37.463 Troj/KvterMem-B
2017-07-01 19:34:46.016 Threat 'Troj/KvterMem-B' has been cleaned up.
2017-07-01 19:34:46.016 Process "C:\Windows\System32\regsvr32.exe:pid:0000106c" belongs to 'Troj/KvterMem-B'.
2017-07-01 19:34:46.016 Process "C:\Windows\System32\regsvr32.exe:pid:0000106c" has been cleaned up.
2017-07-01 19:34:46.017 Process "C:\Windows\System32\regsvr32.exe:pid:00000f5c" belongs to 'Troj/KvterMem-B'.
2017-07-01 19:34:46.017 Process "C:\Windows\System32\regsvr32.exe:pid:00000f5c" has been cleaned up.
2017-07-01 19:34:46.017 Process "C:\Windows\System32\regsvr32.exe:pid:0000106c" belongs to 'Troj/KvterMem-B'.
2017-07-01 19:34:46.017 Process "C:\Windows\System32\regsvr32.exe:pid:0000106c" has been cleaned up.
2017-07-01 19:34:46.017 Process "C:\Windows\System32\regsvr32.exe:pid:00000f5c" belongs to 'Troj/KvterMem-B'.
2017-07-01 19:34:46.017 Process "C:\Windows\System32\regsvr32.exe:pid:00000f5c" has been cleaned up.
2017-07-01 19:34:46.017 Memory area "System Memory" belongs to 'Troj/KvterMem-B'.
2017-07-01 19:34:46.017 Memory area "System Memory" has been cleaned up.
2017-07-01 19:34:46.017 Removal successful
2017-07-01 19:59:21.190 Could not open C:\boot\BCD
2017-07-01 19:59:31.845 Could not open C:\pagefile.sys
2017-07-01 20:07:06.292 Could not open C:\System Volume Information\{08a8afc3-590e-11e7-ae93-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-01 20:07:06.292 Could not open C:\System Volume Information\{19fb390f-5e81-11e7-b28b-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-01 20:07:06.292 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-01 20:07:06.292 Could not open C:\System Volume Information\{9263f8dd-5e85-11e7-9018-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-01 20:07:06.292 Could not open C:\System Volume Information\{9263f8e4-5e85-11e7-9018-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-01 20:07:06.292 Could not open C:\System Volume Information\{9263f8e8-5e85-11e7-9018-002564cb118e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-01 20:21:30.176 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2017-07-01 20:21:30.176 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2017-07-01 20:21:45.616 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-07-01 20:21:45.618 Could not open C:\Windows\System32\config\RegBack\SAM
2017-07-01 20:21:45.619 Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-07-01 20:21:45.620 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-07-01 20:21:45.622 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-07-01 20:46:32.203 Could not open LOGICAL:0004:00000000
2017-07-01 20:46:32.219 Could not open E:\
2017-07-01 20:46:36.897 Error level 0

2017-07-11 00:19:23.555 Scan completed.
2017-07-11 00:19:23.555

------------------------------------------------------------

2017-07-21 18:01:53.802 Sophos Virus Removal Tool version 2.6.0
2017-07-21 18:01:53.802 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

2017-07-21 18:01:53.802 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-07-21 18:01:53.802 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-07-21 18:01:53.803 Checking for updates...
2017-07-21 18:01:54.965 Update progress: proxy server not available
2017-07-21 18:04:15.555 Option all = no
2017-07-21 18:04:15.556 Option recurse = yes
2017-07-21 18:04:15.556 Option archive = no
2017-07-21 18:04:15.556 Option service = yes
2017-07-21 18:04:15.556 Option confirm = yes
2017-07-21 18:04:15.556 Option sxl = yes
2017-07-21 18:04:15.558 Option max-data-age = 35
2017-07-21 18:04:15.558 Option vdl-logging = yes
2017-07-21 18:04:15.684 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-07-21 18:04:15.684 Machine ID: fbc1daf47d5d4e9db999c320bb7d4f94
2017-07-21 18:04:15.895 Component SVRTcli.exe version 2.6.0
2017-07-21 18:04:15.895 Component control.dll version 2.6.0
2017-07-21 18:04:15.896 Component SVRTservice.exe version 2.6.0
2017-07-21 18:04:15.896 Component engine\osdp.dll version 1.44.1.2285
2017-07-21 18:04:15.896 Component engine\veex.dll version 3.68.5.2285
2017-07-21 18:04:15.896 Component engine\savi.dll version 9.0.7.2285
2017-07-21 18:04:16.099 Component rkdisk.dll version 1.5.31.1
2017-07-21 18:04:16.100 Version info: Product version 2.6.0
2017-07-21 18:04:16.101 Version info: Detection engine 3.68.5
2017-07-21 18:04:16.101 Version info: Detection data 5.39
2017-07-21 18:04:16.101 Version info: Build date 5/2/2017
2017-07-21 18:04:16.101 Version info: Data files added 423
2017-07-21 18:04:16.101 Version info: Last successful update 7/1/2017 2:54:52 PM
2017-07-21 18:05:03.808 Update error: invalid login credentials (error 5)
[T46381] ..\SUL\Handle.cpp:98 + SU::Handle::readRemoteMetadata()
[T75884] ..\SUL\Metadata.cpp:144 SU::Metadata::readRemoteMetadata()
[I40394] Downloading customer file from sophos:1:1
[E19127] Couldn't find DCI for user. URL was: dci.sophosupd.com/update
[I31036] No proxy was used.
[I40394] Downloading customer file from sophos:2:1
[E19127] Couldn't find DCI for user. URL was: dci.sophosupd.net/update
[I31036] No proxy was used.
[I40394] Downloading customer file from sophos:3:1
[E75373] Ran out of sophos aliases for this update source
[E54187] Couldn't find DCI for user. URL was: dci.sophosupd.net/update

2017-07-21 18:20:02.255 Scan completed.
2017-07-21 18:20:02.255

------------------------------------------------------------

2017-08-06 19:31:41.587 Sophos Virus Removal Tool version 2.6.0
2017-08-06 19:31:41.587 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

2017-08-06 19:31:41.587 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-08-06 19:31:41.587 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-08-06 19:31:41.628 Checking for updates...
2017-08-06 19:31:44.337 Update progress: proxy server not available
2017-08-06 19:34:29.685 Option all = no
2017-08-06 19:34:29.741 Option recurse = yes
2017-08-06 19:34:29.741 Option archive = no
2017-08-06 19:34:29.741 Option service = yes
2017-08-06 19:34:29.741 Option confirm = yes
2017-08-06 19:34:29.741 Option sxl = yes
2017-08-06 19:34:29.741 Option max-data-age = 35
2017-08-06 19:34:29.741 Option vdl-logging = yes
2017-08-06 19:34:29.744 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-08-06 19:34:29.744 Machine ID: fbc1daf47d5d4e9db999c320bb7d4f94
2017-08-06 19:34:29.910 Component SVRTcli.exe version 2.6.0
2017-08-06 19:34:29.910 Component control.dll version 2.6.0
2017-08-06 19:34:29.910 Component SVRTservice.exe version 2.6.0
2017-08-06 19:34:29.910 Component engine\osdp.dll version 1.44.1.2285
2017-08-06 19:34:29.911 Component engine\veex.dll version 3.68.5.2285
2017-08-06 19:34:29.911 Component engine\savi.dll version 9.0.7.2285
2017-08-06 19:34:30.022 Component rkdisk.dll version 1.5.31.1
2017-08-06 19:34:30.086 Version info: Product version 2.6.0
2017-08-06 19:34:30.086 Version info: Detection engine 3.68.5
2017-08-06 19:34:30.086 Version info: Detection data 5.39
2017-08-06 19:34:30.086 Version info: Build date 5/2/2017
2017-08-06 19:34:30.086 Version info: Data files added 423
2017-08-06 19:34:30.086 Version info: Last successful update 7/1/2017 2:54:52 PM
2017-08-06 19:35:23.417 Update error: invalid login credentials (error 5)
[T46381] ..\SUL\Handle.cpp:98 + SU::Handle::readRemoteMetadata()
[T75884] ..\SUL\Metadata.cpp:144 SU::Metadata::readRemoteMetadata()
[I40394] Downloading customer file from sophos:1:1
[E19127] Couldn't find DCI for user. URL was: dci.sophosupd.com/update
[I31036] No proxy was used.
[I40394] Downloading customer file from sophos:2:1
[E19127] Couldn't find DCI for user. URL was: dci.sophosupd.net/update
[I31036] No proxy was used.
[I40394] Downloading customer file from sophos:3:1
[E75373] Ran out of sophos aliases for this update source
[E54187] Couldn't find DCI for user. URL was: dci.sophosupd.net/update

2017-08-07 00:07:54.278 Scan completed.
2017-08-07 00:07:54.278

------------------------------------------------------------

2017-08-07 00:09:59.862 Sophos Virus Removal Tool version 2.6.1
2017-08-07 00:09:59.862 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

2017-08-07 00:09:59.862 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-08-07 00:09:59.863 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 Win32
2017-08-07 00:09:59.915 Checking for updates...
2017-08-07 00:10:02.551 Update progress: proxy server not available
2017-08-07 00:11:30.595 Option all = no
2017-08-07 00:11:30.595 Option recurse = yes
2017-08-07 00:11:30.595 Option archive = no
2017-08-07 00:11:30.595 Option service = yes
2017-08-07 00:11:30.595 Option confirm = yes
2017-08-07 00:11:30.595 Option sxl = yes
2017-08-07 00:11:30.597 Option max-data-age = 35
2017-08-07 00:11:30.597 Option vdl-logging = yes
2017-08-07 00:11:30.693 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-08-07 00:11:30.693 Machine ID: af945df489914ef4a094c534c40800e6
2017-08-07 00:11:30.757 Component SVRTcli.exe version 2.6.1
2017-08-07 00:11:30.758 Component control.dll version 2.6.1
2017-08-07 00:11:30.758 Component SVRTservice.exe version 2.6.1
2017-08-07 00:11:30.758 Component engine\osdp.dll version 1.44.1.2286
2017-08-07 00:11:30.759 Component engine\veex.dll version 3.68.6.2286
2017-08-07 00:11:30.759 Component engine\savi.dll version 9.0.7.2286
2017-08-07 00:11:30.860 Component rkdisk.dll version 1.5.31.1
2017-08-07 00:11:30.860 Version info: Product version 2.6.1
2017-08-07 00:11:30.861 Version info: Detection engine 3.68.6
2017-08-07 00:11:30.861 Version info: Detection data 5.40
2017-08-07 00:11:30.861 Version info: Build date 5/30/2017
2017-08-07 00:11:30.861 Version info: Data files added 471
2017-08-07 00:11:30.861 Version info: Last successful update (not yet updated)
2017-08-07 00:13:03.120 Downloading updates...
2017-08-07 00:13:03.123 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-08-07 00:13:03.123 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-08-07 00:13:03.123 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-08-07 00:13:03.123 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-08-07 00:13:03.123 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-08-07 00:13:03.123 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-08-07 00:13:03.123 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-08-07 00:13:03.124 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-08-07 00:13:03.124 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-08-07 00:13:03.124 Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-08-07 00:13:03.124 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-08-07 00:13:03.124 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-08-07 00:13:03.124 Update progress: [I49502] sdds.data0910.xml: found supplement IDE543 LATEST path= baseVersion= [included from product IDE542 LATEST path=]
2017-08-07 00:13:03.124 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE543 LATEST path=
2017-08-07 00:13:03.124 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE543 LATEST path=
2017-08-07 00:13:03.124 Update progress: [I49502] sdds.data0910.xml: found supplement IDE544 LATEST path= baseVersion= [included from product IDE543 LATEST path=]
2017-08-07 00:13:03.124 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE544 LATEST path=
2017-08-07 00:13:03.124 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE544 LATEST path=
2017-08-07 00:13:03.125 Update progress: [I49502] sdds.data0910.xml: found supplement IDE545 LATEST path= baseVersion= [included from product IDE544 LATEST path=]
2017-08-07 00:13:03.125 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE545 LATEST path=
2017-08-07 00:13:03.125 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE545 LATEST path=
2017-08-07 00:13:03.125 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-08-07 00:13:03.611 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-08-07 00:13:03.611 Update progress: [I19463] Product download size 12184181 bytes
2017-08-07 00:13:07.132 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-08-07 00:13:07.318 Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-08-07 00:13:07.405 Update progress: [I19463] Syncing product IDE543 LATEST path=
2017-08-07 00:13:07.405 Update progress: [I19463] Product download size 2292287 bytes
2017-08-07 00:13:10.523 Update progress: [I19463] Syncing product IDE544 LATEST path=
2017-08-07 00:13:10.523 Update progress: [I19463] Product download size 860275 bytes
2017-08-07 00:13:12.167 Update progress: [I19463] Syncing product IDE545 LATEST path=
2017-08-07 00:13:12.301 Installing updates...
2017-08-07 00:13:14.317 Error level 1
2017-08-07 00:13:26.740 Update successful
2017-08-07 00:13:57.036 Option all = no
2017-08-07 00:13:57.036 Option recurse = yes
2017-08-07 00:13:57.036 Option archive = no
2017-08-07 00:13:57.036 Option service = yes
2017-08-07 00:13:57.036 Option confirm = yes
2017-08-07 00:13:57.036 Option sxl = yes
2017-08-07 00:13:57.038 Option max-data-age = 35
2017-08-07 00:13:57.038 Option vdl-logging = yes
2017-08-07 00:13:57.142 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-08-07 00:13:57.142 Machine ID: af945df489914ef4a094c534c40800e6
2017-08-07 00:13:57.228 Component SVRTcli.exe version 2.6.1
2017-08-07 00:13:57.228 Component control.dll version 2.6.1
2017-08-07 00:13:57.228 Component SVRTservice.exe version 2.6.1
2017-08-07 00:13:57.228 Component engine\osdp.dll version 1.44.1.2286
2017-08-07 00:13:57.229 Component engine\veex.dll version 3.68.6.2286
2017-08-07 00:13:57.229 Component engine\savi.dll version 9.0.7.2286
2017-08-07 00:13:57.854 Component rkdisk.dll version 1.5.31.1
2017-08-07 00:13:57.854 Version info: Product version 2.6.1
2017-08-07 00:13:57.968 Version info: Detection engine 3.68.6
2017-08-07 00:13:57.968 Version info: Detection data 5.40
2017-08-07 00:13:57.968 Version info: Build date 5/30/2017
2017-08-07 00:13:57.968 Version info: Data files added 472
2017-08-07 00:13:57.968 Version info: Last successful update 8/6/2017 8:13:26 PM

2017-08-07 00:15:02.335 >>> Virus 'Troj/KvterMem-B' found in file System Memory
2017-08-07 00:15:02.335 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-08-07 00:15:02.336 >>> Virus 'Troj/KvterMem-B' found in file C:\Windows\System32\regsvr32.exe
2017-08-07 00:15:02.357 The following items will be cleaned up:
2017-08-07 00:15:02.357 Troj/KvterMem-B

This thread was automatically locked due to age.