Jump to content

brunobyof

Members
 View Profile  See their activity

  • Posts

    18

  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. brunobyof
    Hello, as i said on my prior post, i already did the change on msconfig so that i tested one by one of the programs and then disabled those non-important after checking that none of them was causing the problem to arise. So now i've been using the normal startup, and the problem vanished apparently.
  2. brunobyof
    Hi, i'm still here yes, but apparently my system is working fine since the changes in the startup and msconfig. No more strange behaviors on my browser even though i can't say i cleaned any specific malware/adware. I hope this remains the same. If you have any other instruction to make sure the system is really ok, just say it, otherwise, i think this thread won't go anywhere else.
  3. brunobyof
    Hello, since yesterday my system is working fine. I kept the clean boot for most of the time but today i decided to try something: -I turned on the startup programs in the msconfig/taskmngr panel, one by one, and restarted my system after turning them on to see if activating one of them would cause the system to present that strange behavior. To my surprise, nothing happened. -After i tested with each of the programs individually, i cleaned some of them from the startup menu, lefting only the basic stuff to startup: Avast, áudio driver and Windows defender. -then i selected "normal startup" in the msconfig panel and restarted the system to see if something would happen. So far so good. The only thing is that when i cheched this option of normal boot, it suddenly changed my boot options to load 2 versions of Windows even though i had deleted the other one and all of my other partitions/HD's are clean and formatted already, so i don't know why it happened, but then i went again to Msconfig and deleted it again and restarted the system again but this time no more alternative Windows option. It booted safe and sound.But for whatever reason when i go to msconfig, the "normal boot" option is not selected anymore, it changed automatically to selective boot with "load system services" and "load startup items" both checked. I scanned the system with ZHP again and Malwarebytes free, both returned a clean system. I'm not sure if the system is really clean, because it looked like this before but it came back again later. What should i do now? Is there any other scanning system to use in order to double check it?
  4. brunobyof
    Okay, it still didn't show up, i'm guessing that's the case. ANyway, till tomorrow then.
  5. brunobyof
    I did the clean boot, it booted to the old version of Windows because i could'nt remember the right volume (i think the sfc restored the boot option in the startup, which i had excluded before), so i restarted again into the right one, formated the old HD with the older version of Windows (now i have only the current one) and excluded the old boot option. The normal boot programs are not started, and the problem didn't show up for now.
  6. brunobyof
    I didn't reset it. the problem started a loong time ago, even before i formatted the partition and reinstalled Windows. For some time, the problem was apparently gone, but now it's back. I just checked my apps to see if there's anything weird and it shows discord as if it was installed in 11/24/2017, a future date...that's weird, but it has been installed for some time now, it's not somthing new. Also, some of those programs weren't installed today as it shows as well. i don't know why that is
  7. brunobyof
    here DESKTOP-75435FS.rar
  8. brunobyof
    No, they started to pop up as soon as i turned my pc on, before i even open the first edge session. But they also pop suddenly in other times as well, it's not restricted to the startup and i can't make any standard of this behavior
  9. brunobyof
    you're right, i did use powershell (admin) because when i right click Windows symbom it dowsn't show comand prompt, even thoug i know i can simply run it from cortana.
  10. brunobyof
    here it is the link to cbs log https://drive.google.com/open?id=0B9H2VcLw8dBwU1RHeGxER25TZG8 Your command line didn't work , it said: copy : Não é possível localizar o caminho 'C:\Windows\system32\%windir%\logs\cbs\cbs.log' No linha:1 caractere:1 + copy %windir%\logs\cbs\cbs.log "%userprofile%\Desktop\cbs.txt" + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (C:\Windows\syst...ogs\cbs\cbs.log:String) [ ption + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.CopyItemCommand But i found the file in the cbs folder and uploaded it. Also, the sfc didn't find anything wrong.
  11. brunobyof
    The Windows which are opening are EDGE's Windows. As if i clicked the browser's shortcut, it opens the starter page asking where to go, but it does it several times, take a look for yourself: http://imgur.com/OJtISV6 http://imgur.com/a/vpDtu VirusTotal reports -dnsapi.dll (sys32): https://www.virustotal.com/pt/file/13c497c4db9e5a7438e676f48a01f9684dba8d36ccd0ee28a70449db6a39b90c/analysis/1502129101/ -dnsapi.dll (syswow): https://www.virustotal.com/pt/file/f46a9b2d4d1d0b8e370436264e0444169b695e09f539a607db569254f6d4b0d8/analysis/1502129242/ Both are seemingly fine. However, i've heard once that shopperz can change dnsapi.dll's lines so that it reroutes the path to the hosts file to another one, to a false hosts or something, but without changing the number of characters in the line, making it impossible for the antivírus to catch it as na infected file. Don't know if it is true but whatever...it just made sense to me. The files/entries mentioned before were excluded by ZHP already. i'm going to scan the system again to keep looking for something. Or should i make something else? Again, thanks for helping!
  12. brunobyof
    Here, zhp just found something, it did before, but apparently everytime i use it and it says it's clean, the next time the infection appears with another name/place: I'm including some pics of the results for better visualization: http://imgur.com/7j3sklL https://imgur.com/wSA2rQU https://imgur.com/WmJHdHD
  13. brunobyof
    Hi Aura, sorry for the delay. Here is the DNSRepair log (i tried to put "English" on it too, but apparently it doesn't work as with FRST for some reason, so the log is in portuguese, but the contente is easy to read because is mainly data language): I have been experiencing problems since today with my PC, the same problem as before, but now with EDGE. As i'm wrinting this, it keeps poping many new Windows of it, not tabs, so it's dificult even to write this since it keeps putting the new Windows on the first plane all over again! It happened with chrome as well. I also tried the cleanup on the account before as it says, but apparently it's not the problem because i'm not even using chrome on this system anymore. I'm sure i have na infection here, i'm trying to scan it right now hoping any other program can catch something... Also, when i turned my pc on, suddenly it started to make some sounds just as when taking pictures, some program popped up on the UAC panel asking for permission and i immediately clicked no, without keeping record of the name of the program...
  14. brunobyof
    FRST Addition Done.
  15. brunobyof
    My system is in portuguese, so i hope you don't have problems Reading the reports because of it. Here: FRST.txt: Addition.txt:
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.