Jump to content

zulkifli

Members
  • Posts

    15
  • Joined

  • Last visited

Everything posted by zulkifli

  1. sorry Aura, my PC have solve.. malwarebyte have no virus found after i follow your instruction,,, Thank You
  2. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.4 (07.09.2017) Operating System: Windows 10 Pro x64 Ran by LENOVO (Administrator) on 18-Aug-17 at 10:56:55.15 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 2 Successfully deleted: C:\Users\LENOVO\AppData\Roaming\1337 (Folder) Successfully deleted: C:\WINDOWS\system32\Tasks\e4b31a2c699c6c4074adb1d194d6366e (Task) Registry: 2 Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{91397D20-1446-11D4-8AF4-0040CA1127B6} (Registry Value) Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 18-Aug-17 at 11:01:08.91 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  3. # AdwCleaner 7.0.1.0 - Logfile created on Fri Aug 18 02:51:46 2017 # Updated on 2017/05/08 by Malwarebytes # Running on Windows 10 Pro (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** Deleted: C:\Windows\System32\\SSL Deleted: C:\Windows\SysWOW64\\SSL Deleted: C:\Users\All Users\Documents\Guid Deleted: C:\Users\Public\Documents\Guid Deleted: C:\Users\LENOVO\AppData\Local\Xpom Deleted: C:\Users\LENOVO\AppData\Local\Nichrome Deleted: C:\Users\LENOVO\AppData\Local\Tencent Deleted: C:\Program Files (x86)\WindowsTM Deleted: C:\Users\All Users\Documents\XMUpdate Deleted: C:\Users\Public\Documents\XMUpdate Deleted: C:\Program Files (x86)\DriverUpdaterPlus Deleted: C:\Users\LENOVO\AppData\Roaming\DRPSu ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted: Microsoft\Windows\Multimedia\Manager Deleted: Microsoft\Windows\Windows Error Reporting\ErrorReporting ***** [ Registry ] ***** Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.yeadesktop.com Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\yeadesktop.com Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.yeadesktop.com Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\yeadesktop.com Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\akamaihd.net Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cdncache-a.akamaihd.net Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\akamaihd.net Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cdncache-a.akamaihd.net Deleted: [Key] - HKU\S-1-5-21-1832733413-2322938502-4245380888-1001\Software\PopWnd Deleted: [Key] - HKCU\Software\PopWnd Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154} Deleted: [Key] - HKU\S-1-5-21-1832733413-2322938502-4245380888-1001\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154} Deleted: [Key] - HKCU\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2} Deleted: [Key] - HKU\S-1-5-21-1832733413-2322938502-4245380888-1001\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2} Deleted: [Key] - HKCU\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2} Deleted: [Key] - HKLM\SOFTWARE\WMPNetworkAcSvc Deleted: [Key] - HKU\S-1-5-21-1832733413-2322938502-4245380888-1001\Software\SysMon Deleted: [Key] - HKCU\Software\SysMon Deleted: [Key] - HKU\S-1-5-21-1832733413-2322938502-4245380888-1001\Software\VideoBox Deleted: [Key] - HKCU\Software\VideoBox Deleted: [Key] - HKLM\SOFTWARE\Speedownloader0099 Deleted: [Key] - HKU\S-1-5-21-1832733413-2322938502-4245380888-1001\Software\Speedownloader0099 Deleted: [Key] - HKCU\Software\Speedownloader0099 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchy Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD0688A5-FC8B-4E93-A485-CBF606A56D49} Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|gplyra Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2} Deleted: [Value] - HKU\S-1-5-21-1832733413-2322938502-4245380888-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|msiql Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\yeadesktopbr.com Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\yeadesktopbr.com Deleted: [Key] - HKU\S-1-5-21-1832733413-2322938502-4245380888-1001\Software\msaver Deleted: [Key] - HKCU\Software\msaver Deleted: [Key] - HKU\S-1-5-21-1832733413-2322938502-4245380888-1001\Software\FastDataX Deleted: [Key] - HKCU\Software\FastDataX Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb} Deleted: [Key] - HKU\S-1-5-21-1832733413-2322938502-4245380888-1001\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb} Deleted: [Key] - HKCU\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb} Deleted: [Key] - HKU\S-1-5-21-1832733413-2322938502-4245380888-1001\Software\Hotspot Deleted: [Key] - HKCU\Software\Hotspot Deleted: [Key] - HKLM\SOFTWARE\DtsEncodeTools Deleted: [Key] - HKU\S-1-5-21-1832733413-2322938502-4245380888-1001\Software\Amigo Deleted: [Key] - HKCU\Software\Amigo Deleted: [Key] - HKLM\SOFTWARE\drpsu Deleted: [Key] - HKU\S-1-5-21-1832733413-2322938502-4245380888-1001\Software\drpsu Deleted: [Key] - HKCU\Software\drpsu Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8D0406AC-32B6-4156-B7B0-6EF1DD7E3FD1} Deleted: [Key] - HKLM\SOFTWARE\Classes\UCHTML ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** Plugin deleted: Стартовая — Яндекс - Plugin deleted: Поиск Яндексa - Plugin deleted: Поиск и стартовая – Яндекс - ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [6975 B] - [2017/8/18 2:50:50] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
  4. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 8/18/17 Scan Time: 9:54 AM Log File: Administrator: Yes -Software Information- Version: 3.1.2.1733 Components Version: 1.0.160 Update Package Version: 1.0.2609 License: Trial -System Information- OS: Windows 10 (Build 15063.540) CPU: x64 File System: NTFS User: DESKTOP-205U9JE\LENOVO -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 379912 Threats Detected: 0 (No malicious items detected) Threats Quarantined: 0 (No malicious items detected) Time Elapsed: 4 min, 0 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end) that is the result..but i dont know after restart my PC.
  5. sorry i have misunderstanding.. i will follow this with mbar not mbam. thank you.. i will post later
  6. did you mean export summery to get that's file ? i have to scan my pc with malwarebyte but i cant found " mbar-log-TODAY'S-DATE.txt "
  7. what must i do now? this trojan always come back after i turn off my PC
  8. after i solve this prob. malwarebyte cant remove prxySrvRst trojan. cant u help me for this probem?
  9. cant instal malwarebyte by permision blocked
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.