Nicodom

  1. Hey thank you so much Kevin. You've been a great help! Truly appreciate it!
  2. Yes, that's true. That was something that just wouldn't stay away. I'll get started on this.
  3. Thank you very much for your time and effort in helping me!!
  4. Here goes. Everything seems to be in order as of now. Fixlog.txt
  5. Hi, so pretty much like what I said I did in reply #4. Somehow what I did seemed to take back control from the malware which was stopping me from doing anything on the computer. Malwarebytes was able to run and I guess it actually removed them this time. So I'm guessing it was either switching the system file from Windows\system32\config\system with the backup one from Windows\system32\config\system\regbak, or resetting the file policies on the C:\ drive, that somehow gave me back control.
  6. Sorry for the long wait. Yes, I do have a USB and another PC. I may have to re-run the first one because that's how the FRST.txt log came out. I'll run it again. Everything's attached! Thank you! Addition.txt FRST.txt Fixlog.txt
  7. OK, back up and running. I had to replace my system file to get Windows to boot; it was corrupt. I used the system file from the regback folder. Oddly enough, when it rebooted I was able to delete the folders and run Malwarebytes. There still seem to be some infections though. Just wanted to point that out. Also, I booted into a minixp boot environment and reset the policies and permissions for the C:/ drive; maybe that had something to do with it as well. Here are the files. Addition.txt FRST.txt
  8. Working on it. Computer won't boot at the moment so trying to fix that first.
  9. I'm having trouble removing these malware from my PC. I was able to delete them in recovery mode. But they just returned on reboot. I also believe I might have a bootkit and rootkit prob. It seemed to have deleted my recovery partition so I'm no longer able to factory reset the PC.