Tech Support Forum banner
Status
Not open for further replies.
1 - 20 of 40 Posts

·
Registered
Joined
·
1,153 Posts
Discussion Starter · #1 ·
At first, it generated a second manifest file named release\AndroidManifest.xml which had errors and caused the build to fail. Then, now when I click the arrow to build it pops up a window to Edit Configuration. The other manifest file is called main\AndroidManifest.xml.

Here is the FRST info is here
 

Attachments

·
Moderator , Security Team
Joined
·
1,568 Posts
If they were, they would have posted a reply to your post.

Posts get overlooked, or else helpers are busy (many of us work on multiple forums) so we don't always have the time available to answer every post.

Your symptoms are not symptomatic of any infection I'm aware of, but we'll check for infection anyway.

However. you have only posted the Addition.txt, and FRST produces 2 logs (FRST.txt and Addition.txt) I need to see them both.
 

·
Moderator , Security Team
Joined
·
1,568 Posts
That generally happens when/if the forum software detects something in the file that it doesn't "like" (generally for no good reason).

Zip it, and then try attaching it. That usually resolves things.

If not you'll have to upload it to a file sharing site of your choice, and post me the link (please use a site where I don't need to register to retrieve it, because I won't do that).
 

·
Moderator , Security Team
Joined
·
1,568 Posts
Looking over your logs now. Dependent on how much of it I have to research this may take some time, and as it's getting late now where I am, it may be tomorrow morning (my time GMT) before I get back to you.
 

·
Moderator , Security Team
Joined
·
1,568 Posts
OK, I've gone through your logs, and there is no real signs of an active infection. There are a few remnants that need attention however from an earlier infection, and these need removing.

First ....

Your logs show that your ISP is Shaw Communications, however there are a couple of other connections ...

Tcpip\..\Interfaces\{93130a01-34d0-44db-8ffe-f2baac36cd65}: [NameServer] 100.120.24.1
Tcpip\..\Interfaces\{c5d1124d-33e2-4d04-a92a-6e5e3d17c3a4}: [DhcpNameServer] 40.23.1.12
... the first as far as I can determine connects to GAIN CB TRANSIT a company which I can't find any reliable information about, the second connects to Eli Lilly.

Do you know why they are there ?

Next ...

Please remove the following Chrome extension ....

CHR Extension: (Ask Web Search) - C:\Users\brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp [2020-08-28]

Next ...

  • Start FRST.
  • Hit your Windows Key + R to open a Run window
  • Type Notepad then click OK
  • This will open an empty Notepad document
  • Copy/Paste the following into it (Don't include Code: ) .....
Code:
CHR HomePage: Default -> hxxp://start.funmoods.com/?f=1&a=make
CHR DefaultSearchURL: Default -> hxxp://search.babylon.com/?q={searchTerms}&affID=116742&tt=4612_5&babsrc=SP_ss&mntrId=e072eba500000000000090fba64bf3a8
CHR DefaultSearchKeyword: Default -> babylon.com
CHR HKU\S-1-5-21-2265311004-2890312936-1862091254-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cflanjgoamglnnocilcllegbbbfogfjc]
SearchScopes: HKLM -> {7A5A7412-59C3-4EAF-92FB-80E68F541CE3} URL = hxxp://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {7A5A7412-59C3-4EAF-92FB-80E68F541CE3} URL = hxxp://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2265311004-2890312936-1862091254-1001 -> {7A5A7412-59C3-4EAF-92FB-80E68F541CE3} URL = hxxp://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
cmd:ipconfig /flushdns
emptytemp:
  • Save it as fixlist.txt to the same location as FRST (must be in this location)
  • NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Now press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
  • Please post me the log

Finally ....

Personally I think the most probable cause for your problem is the fact that you have Avast installed. Avast is IMO no longer a reliable AV, and I have seen it cause all sorts of wierd and varied problems on various people's computers.

My recommendation would be for you to uninstall it, and rely on Microsoft Defender for your AV protection. The Microsoft Defender that is now built into W10 is a much superior product to the earlier versions (of similar name) that were included with earlier versions of Windows, and is perfectly adequate for most people's needs.

If you do choose to remove Avast, do not do so using the on-board uninstaller that came with it, since that does not do a very good job, and leaves lots of orphans behind that can cause problems. Instead use the following tool created by Avast, which does a much better job .... Uninstalling Avast Free Antivirus | Official Avast Support
 

·
Moderator , Security Team
Joined
·
1,568 Posts
With FRST open, the Fix button is the one on the far right of the 4 buttons below the Search field.

As you still have the Avast browser, it would appear that there are some orphans left that we need to remove. So first we're going to have to find out where they are.

To do that ....

  • Double click Frst64.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to the disclaimer.
    • Copy/Paste or Type the following line into the Search: box.
    SearchAll:Avast
    • Press the Search Files button.
    • When finished searching a log will open on your Desktop ... Search.txt
    • Please post it in your next reply.
 

·
Moderator , Security Team
Joined
·
1,568 Posts
Lots of Avast orphans to remove.

It's going to take me a while to write a script to remove them, and I've got other commitments tonight, so it may be tomorrow morning before I can post it.

I'll try to get it done before then if I can, but that may not be possible.
 
1 - 20 of 40 Posts
Status
Not open for further replies.
Top