brookeizrad

  1. JRT:

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Thisisu
     Version: 6.1.4 (04.06.2014:1)
     OS: Windows 8.1 Pro x64
     Ran by Brooke on Wed 08/06/2014 at 10:14:20.22
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     ~~~ Services

     ~~~ Registry Values

     ~~~ Registry Keys

     ~~~ Files

     ~~~ Folders

     ~~~ Event Viewer Logs were cleared

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on Wed 08/06/2014 at 10:20:41.88
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     Adware:

     # AdwCleaner v3.302 - Report created 06/08/2014 at 10:24:03
     # Updated 30/07/2014 by Xplode
     # Operating System : Windows 8.1 Pro (64 bits)
     # Username : Brooke - KERMIT
     # Running from : C:\Users\Brooke\Downloads\AdwCleaner.exe
     # Option : Clean

     ***** [ Services ] *****

     ***** [ Files / Folders ] *****

     ***** [ Scheduled Tasks ] *****

     ***** [ Shortcuts ] *****

     ***** [ Registry ] *****

     ***** [ Browsers ] *****

     -\\ Internet Explorer v11.0.9600.17126

     -\\ Google Chrome v36.0.1985.125

     [ File : C:\Users\Brooke\AppData\Local\Google\Chrome\User Data\Default\preferences ]

     *************************

     AdwCleaner[R0].txt - [784 octets] - [28/07/2014 23:06:36]
     AdwCleaner[R1].txt - [898 octets] - [06/08/2014 10:22:48]
     AdwCleaner[s0].txt - [844 octets] - [28/07/2014 23:08:35]
     AdwCleaner[s1].txt - [820 octets] - [06/08/2014 10:24:03]

     ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [879 octets] ##########

     MBAM:

     Malwarebytes Anti-Malware
     www.malwarebytes.org

     Scan Date: 8/6/2014
     Scan Time: 10:50:45 AM
     Logfile: 8-6-14.txt
     Administrator: Yes

     Version: 2.00.2.1012
     Malware Database: v2014.08.06.06
     Rootkit Database: v2014.08.04.01
     License: Trial
     Malware Protection: Enabled
     Malicious Website Protection: Enabled
     Self-protection: Disabled

     OS: Windows 8.1
     CPU: x64
     File System: NTFS
     User: Brooke

     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 315400
     Time Elapsed: 4 min, 38 sec

     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Enabled
     PUM: Enabled

     Processes: 0
     (No malicious items detected)

     Modules: 0
     (No malicious items detected)

     Registry Keys: 0
     (No malicious items detected)

     Registry Values: 0
     (No malicious items detected)

     Registry Data: 0
     (No malicious items detected)

     Folders: 0
     (No malicious items detected)

     Files: 0
     (No malicious items detected)

     Physical Sectors: 0
     (No malicious items detected)

     (end)

     ESET no threats found

     FRST.txt Addition.txt
  2. Hello,

     My original attempts to run MBAM resulted in clean scans, but no log in existence--either in log files or through the software. I uninstalled the software using the clean removal. Upon attempting to reinstall a new copy I received errors indicating the file was corrupt or that it could not run on this computer. I restarted in safe mode and received the same notifications (on two different downloads of the exe file). I then downloaded the file again while in safe mode and was able to install MBAM. I then rebooted in regular mode, ran rkill (I did not repeat backup of the registry) and then ran the MBAM scan. I then attempted to install RogueKiller and received similar warnings and blockings. I downloaded a clean copy and was able to install it. Below are the MBAM scan log and RogueKiller scan log, in that order.

     Malwarebytes Anti-Malware
     www.malwarebytes.org

     Scan Date: 8/5/2014
     Scan Time: 3:42:34 PM
     Logfile: 8-5-14 not safe mode.txt
     Administrator: Yes

     Version: 2.00.2.1012
     Malware Database: v2014.08.05.08
     Rootkit Database: v2014.08.04.01
     License: Trial
     Malware Protection: Enabled
     Malicious Website Protection: Enabled
     Self-protection: Disabled

     OS: Windows 8.1
     CPU: x64
     File System: NTFS
     User: Brooke

     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 314525
     Time Elapsed: 5 min, 20 sec

     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Enabled
     PUM: Enabled

     Processes: 0
     (No malicious items detected)

     Modules: 0
     (No malicious items detected)

     Registry Keys: 0
     (No malicious items detected)

     Registry Values: 0
     (No malicious items detected)

     Registry Data: 0
     (No malicious items detected)

     Folders: 0
     (No malicious items detected)

     Files: 0
     (No malicious items detected)

     Physical Sectors: 0
     (No malicious items detected)

     (end)

     RogueKiller:

     RogueKiller V9.2.4.0 (x64) [Jul 11 2014] by Adlice Software
     mail : http://www.adlice.com/contact/
     Feedback : http://forum.adlice.com
     Website : http://www.adlice.com/softwares/roguekiller/
     Blog : http://www.adlice.com

     Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
     Started in : Normal mode
     User : Brooke [Admin rights]
     Mode : Scan -- Date : 08/05/2014 15:59:10

     ¤¤¤ Bad processes : 0 ¤¤¤

     ¤¤¤ Registry Entries : 14 ¤¤¤
     [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MFE_RR -> FOUND
     [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MFE_RR -> FOUND
     [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 172.16.209.205 166.102.165.11 166.102.165.13 -> FOUND
     [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 172.16.209.205 166.102.165.11 166.102.165.13 -> FOUND
     [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{46A32F11-5450-4F1D-B0CA-810DF1B281A6} | DhcpNameServer : 172.16.209.205 166.102.165.11 166.102.165.13 -> FOUND
     [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{46A32F11-5450-4F1D-B0CA-810DF1B281A6} | DhcpNameServer : 172.16.209.205 166.102.165.11 166.102.165.13 -> FOUND
     [PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3552061939-2072627544-1029712448-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND
     [PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3552061939-2072627544-1029712448-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> FOUND
     [PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3552061939-2072627544-1029712448-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND
     [PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3552061939-2072627544-1029712448-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> FOUND
     [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
     [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND
     [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
     [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

     ¤¤¤ Scheduled tasks : 0 ¤¤¤

     ¤¤¤ Files : 0 ¤¤¤

     ¤¤¤ HOSTS File : 0 ¤¤¤

     ¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤

     ¤¤¤ Web browsers : 0 ¤¤¤

     ¤¤¤ MBR Check : ¤¤¤
     +++++ PhysicalDrive0: HFS064G3AMNB-2200A +++++
     --- User ---
     [MBR] f02af12b4e64ec0e4377c0e68b23fcaa
     [bSP] 19efb1aad7e62820acb70e0f362991bb : Empty MBR Code
     Partition table:
     0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
     User = LL1 ... OK
     User = LL2 ... OK
  3. Hello and thank you in advance for your support!

     I have two devices that I am concerned about, both are connected within a home network. I am only going to post about one device at this time.

     1) Computer was running poorly and I believed it was from a recent update.
     2) People with whom I share Dropbox folders informed me that random files were being deleted by this device at times I did not use it or files I never looked at (immediately unlinked everything!)
     3) Multiple AV software could not detect any problems, but subtle things blocked installation of AV software at times
     4) MBAM, after two failed scans, finally detected over 300 items (trojans, backdoors, etc--see attached log) located on mounted micro sd card
     5) could not reformat sd card after multiple attempts--removed it and considered it lost cause
     6) still concerned about malware existing on computer and would like help ensuring it is clean (other device scans show nothing at all, but device runs poorly in a similar manner)

     Attached are the MBAM log with malware information found and the FRST files requested.

     Thanks!
     Brooke

     dirty dirty dirty.txt FRST.txt Addition.txt