Jump to content

heliojmsemedo

Members
  • Content Count

    23
  • Joined

  • Last visited

About heliojmsemedo

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. It has been alright - I believe most of the malware that was present on my computer came from some...rather...shady websites (mostly torrent ones) that I visited while I was desperate for some STUFF when I had just got my new laptop. Usually I'm more careful. Thank you for all the help Aura
  2. I'm so sorry these last days have been busy, I've done what you said, here are the logs JRT: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.3 (04.10.2017) Operating System: Windows 10 Pro x64 Ran by H‚lio (Administrator) on 31/05/2017 at 12:46:15.95 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 4 Successfully deleted: C:\Windows\system32\Tasks\update-S-1-5-21-2012374422-2313409269-352401216-1001 (Task) Successfully deleted: C:\Windows\system32\Tasks\update-sys (Task) Successfully deleted: C:\Windows\Tasks\update-S-1-5-21-2012374422-2313409269-352401216-1001.job (Task) Successfully deleted: C:\Windows\Tasks\update-sys.job (Task) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 31/05/2017 at 12:47:35.17 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AdwCleaner: # AdwCleaner v6.047 - Logfile created 31/05/2017 at 12:58:57 # Updated on 19/05/2017 by Malwarebytes # Database : 2017-05-30.2 [Server] # Operating System : Windows 10 Pro (X64) # Username : Hélio - DESKTOP-TT4OA43 # Running from : C:\Users\Hélio\Desktop\AdwCleaner.exe # Mode: Clean # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder deleted: C:\ProgramData\VideoMemoryDiagnostic ***** [ Files ] ***** [-] File deleted: C:\Windows\SysNative\log\iSafeKrnlCall.log [-] File deleted: C:\Users\Public\Documents\temp.dat [-] File deleted: C:\Users\Public\Documents\report.dat ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** [-] Task deleted: MSISCMTsk ***** [ Registry ] ***** [-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARE [#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARE [-] Key deleted: HKU\S-1-5-21-2012374422-2313409269-352401216-1001\Software\VideoBox [-] Key deleted: HKU\S-1-5-21-2012374422-2313409269-352401216-1001\Software\isMiner [#] Key deleted on reboot: HKCU\Software\VideoBox [#] Key deleted on reboot: HKCU\Software\isMiner [-] Key deleted: HKLM\SOFTWARE\ScreenShot [#] Key deleted on reboot: [x64] HKCU\Software\VideoBox [#] Key deleted on reboot: [x64] HKCU\Software\isMiner [-] Key deleted: [x64] HKLM\SOFTWARE\InterSect Alliance [-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc] [-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [BIT] [-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [swpvr] ***** [ Web browsers ] ***** ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [1924 Bytes] - [31/05/2017 12:58:57] C:\AdwCleaner\AdwCleaner[S0].txt - [2072 Bytes] - [31/05/2017 12:54:06] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2070 Bytes] ##########
  3. Ran it again, just to be sure, don't know if helps (also after the "fix" finished a white message box with the title "T" appeared, while at this the OS was already getting ready to reboot) Fixlog.txt
  4. It generated two files, the other one is 31Mb which is above the attachment limit.... Copy and paste its content in your next reply I didn't get that...OS simply rebooted...or maybe I missed it 25.05.2017_00.23.59.zip
  5. strange, it still found two threats - sure not compared to the 200+ it had found on chameleon but still... Could be due to database version anyways, doing another scan just to be sure it's not something that keeps coming back (am tired of these) mbscan25052017.txt
  6. Will do (Running as a write, selected the recommended scan which scans "known places where malware usually hides")
  7. Before anything, I just wanna say I've managed to install Malwarebytes after running Chamaleon and rebooting (this time I could delete the certs) But, I noticed that while I was running Chamaleon my computer became rather slow, background disappeared, taskbar disappeared, could not access other programs besides Chamaelon which was really hard to control, mouse position for example was all weird, At the end, after it took care of the MANY INFECTIONS it found, a message box appeared but I couldnt read it because it almost immediately disappeared and the OS went back to normal, I'm sorry I couldnt get the log. I'm sending attached the mbar log either way I'm now going to run FRST mbar-log-2017-05-24 (14-39-09).txt system-log.txt
  8. I might do a deep scan on my computer tomorrow, googling not giving me answers about this either...
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.