
azrai


  1. Thank you very much (even though I am one of your hundreds of helped-person), I truly mean it. If I ever have any problems regarding my system, or if I have my old Windows XP fixed and I have problems with it, I will try to seek for help here. Good day, cheers.
  2. I want to thank you in advance, Mrs Yoan for your help. When I was a kid, I had the time to explore and find the tools to recover my PC. But as I grow, it is so hard to find the time to do such things, perhaps it is because I am busy with my job, ironically I am using my laptop every day. I typed these letters without reading your recommendations yet. They are too long, lol. I will read it soon, surely will. p/s is everything here available to public? hah
  3. Here's the requested log content:

      # DelFix v1.013 - Logfile created 26/07/2017 at 21:43:25
      # Updated 17/04/2016 by Xplode
      # Username : Azrai - AZRAI
      # Operating System : Windows 10 Home Single Language (64 bits)

      ~ Activating UAC ... OK

      ~ Removing disinfection tools ...
      Deleted : C:\FRST
      Deleted : C:\AdwCleaner
      Deleted : C:\Users\asus\Downloads\Fixlog.txt
      Deleted : C:\Users\asus\Downloads\FRST64.exe

      ~ Creating registry backup ... OK

      ~ Cleaning system restore ...
      Deleted : RP #30 [Restore Point Created by FRST | 07/26/2017 03:38:49]
      New restore point created !

      ~ Resetting system settings ... OK

      ########## - EOF - ##########
  4. Alright, no problem so far. I can't address any other issues since I don't have any at the moment.
  5. Sorry for the late reply, I forgot my password, locked out of my own account, lol.

      Fix result of Farbar Recovery Scan Tool (x64) Version: 23-07-2017
      Ran by Azrai (26-07-2017 11:38:41) Run:1
      Running from C:\Users\asus\Downloads
      Loaded Profiles: Azrai (Available Profiles: Azrai)
      Boot Mode: Normal
      ==============================================

      fixlist content:
      *****************
      CloseProcesses:
      CreateRestorePoint:
      R1 WiserIso; C:\WINDOWS\System32\Drivers\vcdrom.sys [25432 2016-12-27] () <==== ATTENTION
      Task: {5EAAF3C7-4774-49E8-ABBE-B8C1FF647422} - System32\Tasks\Dream Ages => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Dream Ages\Dream Ages.dll",NGePVK <==== ATTENTION
      AlternateDataStreams: C:\WINDOWS\system32\Drivers\fcatisdc.sys:changelist [1126]
      C:\Program Files\Dream Ages
      C:\WINDOWS\System32\Drivers\vcdrom.sys
      EmptyTemp:
      *****************

      Processes closed successfully.
      Restore point was successfully created.
      WiserIso => Unable to stop service.
      HKLM\System\CurrentControlSet\Services\WiserIso => key removed successfully
      WiserIso => service removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{5EAAF3C7-4774-49E8-ABBE-B8C1FF647422} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EAAF3C7-4774-49E8-ABBE-B8C1FF647422} => key removed successfully
      C:\WINDOWS\System32\Tasks\Dream Ages => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dream Ages => key removed successfully
      C:\WINDOWS\system32\Drivers\fcatisdc.sys => ":changelist" ADS removed successfully.
      C:\Program Files\Dream Ages => moved successfully
      C:\WINDOWS\System32\Drivers\vcdrom.sys => moved successfully

      =========== EmptyTemp: ==========
      BITS transfer queue => 6053888 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29040146 B
      Java, Flash, Steam htmlcache => 7402 B
      Windows/system/drivers => 39314 B
      Edge => 203891451 B
      Chrome => 98780010 B
      Firefox => 374505810 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Default => 0 B
      Users => 0 B
      ProgramData => 0 B
      Public => 0 B
      systemprofile => 99980 B
      systemprofile32 => 128 B
      LocalService => 0 B
      NetworkService => 41810540 B
      asus => 38748504 B

      RecycleBin => 30276373 B
      EmptyTemp: => 785.1 MB temporary data Removed.
      ================================

      The system needed a reboot.

      ==== End of Fixlog 11:45:27 ====
  6. FRST.txt and Addition.txt are provided here: Addition.txt FRST.txt
  7. I used to activate my Malwarebytes with a code. However it has expired. It's in free version now. I'll provide you with those logs ASAP.
  8. My Malwarebytes is working fine so far.. I never know when this issue would happen again, would you mind telling me the chances of happening again? What are the preventive measures I should take so it would work smoothly in the future? Thank you for your concern, Mrs Yoan. Lots of love <3, Azrai
  9. Thanks for the speedy reply. Is it automated? ahah It is impressive how adwcleaner now collaborates with Malwarebytes. I have used it back then on my Windows XP laptop. Done as instructed.

      Here's adwcleaner log:

      # AdwCleaner 7.0.0.0 - Logfile created on Mon Jul 24 02:35:21 2017
      # Updated on 2017/17/07 by Malwarebytes
      # Running on Windows 10 Home Single Language (X64)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****
      No malicious services deleted.

      ***** [ Folders ] *****
      Deleted: C:\Users\All Users\Documents\XMUpdate
      Deleted: C:\Users\Public\Documents\XMUpdate
      Deleted: C:\Users\asus\AppData\Roaming\UCChannel

      ***** [ Files ] *****
      Deleted: C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\boe5n2bh.default\invalidprefs.js

      ***** [ DLL ] *****
      No malicious DLLs cleaned.

      ***** [ WMI ] *****
      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****
      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****
      Deleted: Driver Booster Scheduler

      ***** [ Registry ] *****
      Deleted: [Key] - HKLM\SOFTWARE\JszipService
      Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{E64D8009-B587-4450-87FA-87C035BC66F1}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{CFCF57BA-365E-4EF7-A6E2-2883F23CB557}
      Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\azlyrics.com
      Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.azlyrics.com
      Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\azlyrics.com
      Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.azlyrics.com
      Deleted: [Key] - HKU\S-1-5-21-3917691398-3200304460-3508980452-1001\Software\PopWnd
      Deleted: [Key] - HKCU\Software\PopWnd
      Deleted: [Key] - HKLM\SOFTWARE\JiSuZip
      Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{C83C8499-99FF-4276-8CFD-6467362F6A1E}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{B1A5B927-E0F9-47FC-ADD0-F012B8CEECCB}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{5C551008-A347-4DB3-AF48-014076FD2B46}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{0EC85481-BDF8-46F0-B3CD-242CEC5AECE9}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\jZipShell.DLL
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\JzShlobj
      Deleted: [Key] - HKLM\SOFTWARE\Installer
      Deleted: [Key] - HKU\S-1-5-21-3917691398-3200304460-3508980452-1001\Software\Installer
      Deleted: [Key] - HKCU\Software\Installer

      ***** [ Firefox (and derivatives) ] *****
      No malicious Firefox entries deleted.

      ***** [ Chromium (and derivatives) ] *****
      No malicious Chromium entries deleted.

      *************************
      ::Tracing keys deleted
      ::Winsock settings cleared
      ::Additional Actions: 0
      *************************

      C:/AdwCleaner/AdwCleaner[S0].txt - [3305 B] - [2017/7/24 2:13:33]

      ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      Here's JRT log:

      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 10 Home Single Language x64
      Ran by Azrai (Administrator) on Mon 24/07/2017 at 10:47:45.32
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      File System: 3
      Successfully deleted: C:\ProgramData\productdata (Folder)
      Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Azrai) (Task)
      Successfully deleted: C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Azrai (Task)

      Registry: 0

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on Mon 24/07/2017 at 11:48:12.88
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  10. Here's the export content:

      Malwarebytes
      www.malwarebytes.com

      -Log Details-
      Scan Date: 7/24/17
      Scan Time: 9:50 AM
      Log File: scan result.txt
      Administrator: Yes

      -Software Information-
      Version: 3.1.2.1733
      Components Version: 1.0.141
      Update Package Version: 1.0.2423
      License: Free

      -System Information-
      OS: Windows 10
      CPU: x64
      File System: NTFS
      User: AZRAI\Azrai

      -Scan Summary-
      Scan Type: Threat Scan
      Result: Completed
      Objects Scanned: 407140
      Threats Detected: 0
      (No malicious items detected)
      Threats Quarantined: 0
      (No malicious items detected)
      Time Elapsed: 6 min, 12 sec

      -Scan Options-
      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Disabled
      Heuristics: Enabled
      PUP: Enabled
      PUM: Enabled

      -Scan Details-
      Process: 0
      (No malicious items detected)
      Module: 0
      (No malicious items detected)
      Registry Key: 0
      (No malicious items detected)
      Registry Value: 0
      (No malicious items detected)
      Registry Data: 0
      (No malicious items detected)
      Data Stream: 0
      (No malicious items detected)
      Folder: 0
      (No malicious items detected)
      File: 0
      (No malicious items detected)
      Physical Sector: 0
      (No malicious items detected)

      (end)
  11. Alright, I have done removing rootkits with MBAR, here's the log. mbar-log-2017-07-24 (08-28-29).txt
  12. Problem solved. Thanks Mrs Yoan. mbar-log-2017-07-07 (10-10-43).txt
  13. How did you encounter the issue and any steps to reproduce it
      -> It happens whenever I start up my laptop
      Do you get the same result more than once if you follow the same steps? Y/N
      -> yes
      If the system crashed (aka blue screen of death or BSOD), please include the error message
      -> error message is included in the attachment
      mb-check-results.zip Addition.txt FRST.txt