SojiroChris

Members · Posts: 5 · Reputation: 0 Neutral

  1. I can confirm the PC is now clean. MBAM picked up no traces of Adware.Netfilter and Chrome is properly starting up where it should. Thank you so very much!
  2. I opened up Chrome and no 30tab.com redirect. Safe to assume the malware is removed? If so, I highly thank you so much for your time and help!
  3. Here's the Fixlog contents from the fix performed in the flash drive:

     Fix result of Farbar Recovery Scan Tool (x64) Version: 23-12-2017 01
     Ran by SYSTEM (23-12-2017 15:32:59) Run:2
     Running from e:\
     Boot Mode: Recovery
     ==============================================

     fixlist content:
     *****************
     Start
     DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet1\services\amdfx
     R1 amdfx; C:\Windows\system32\drivers\amdfx.sys [0 2017-12-23] () <==== ATTENTION (zero byte File/Folder)
     C:\Windows\system32\drivers\amdfx.sys
     End
     *****************

     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet1\services\amdfx => key not found.
     "HKLM\System\ControlSet001\Services\amdfx" => removed successfully
     amdfx => service removed successfully
     C:\Windows\system32\drivers\amdfx.sys => moved successfully

     ==== End of Fixlog 15:32:59 ====
  4. Hello. Apologies for the delay. Here's the contents of the RogueKiller report TXT and Fixlog.txt at the bottom of the reply:

     RogueKiller V12.11.29.0 (x64) [Dec 18 2017] (Free) by Adlice Software
     mail : http://www.adlice.com/contact/
     Feedback : https://forum.adlice.com
     Website : http://www.adlice.com/download/roguekiller/
     Blog : http://www.adlice.com

     Operating System : Windows 8.1 (6.3.9600) 64 bits version
     Started in : Normal mode
     User : Souljiro62x [Administrator]
     Started from : C:\Users\Souljiro62x\Desktop\RogueKiller_portable64.exe
     Mode : Scan -- Date : 12/23/2017 12:57:01 (Duration : 00:28:12)

     ¤¤¤ Processes : 2 ¤¤¤
     [Proc.Injected] svchost.exe(828) -- C:\Windows\System32\svchost.exe[7] -> Found
     [Proc.Injected] explorer.exe(3452) -- C:\Windows\explorer.exe[7] -> Found

     ¤¤¤ Registry : 4 ¤¤¤
     [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3048815083-640257404-3178529390-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com/?pc=ASJB -> Found
     [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3048815083-640257404-3178529390-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com/?pc=ASJB -> Found
     [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3048815083-640257404-3178529390-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com/?pc=ASJB -> Found
     [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3048815083-640257404-3178529390-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com/?pc=ASJB -> Found

     ¤¤¤ Tasks : 0 ¤¤¤

     ¤¤¤ Files : 0 ¤¤¤

     ¤¤¤ WMI : 0 ¤¤¤

     ¤¤¤ Hosts File : 0 ¤¤¤

     ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

     ¤¤¤ Web browsers : 1 ¤¤¤
     [PUM.HomePage][Firefox:Config] g4h4rxe6.default : user_pref("browser.startup.homepage", "www.youtube.com"); -> Found

     ¤¤¤ MBR Check : ¤¤¤
     +++++ PhysicalDrive0: HGST HTS721010A9E630 +++++
     --- User ---
     [MBR] 39d42bc4702facf301f916f3603947d9
     [BSP] 8562b6dda5866ea0b9d4e54ea1943c2a : Empty|VT.Unknown MBR Code
     Partition table:
     0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
     1 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 206848 | Size: 900 MB
     2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2050048 | Size: 128 MB
     3 - Basic data partition | Offset (sectors): 2312192 | Size: 381546 MB
     4 - Basic data partition | Offset (sectors): 783718400 | Size: 550704 MB
     5 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1911560192 | Size: 20490 MB
     User = LL1 ... OK
     User = LL2 ... OK

     Fixlog.txt
  5. Hello. I've hit a roadblock trying to get rid of the adware mentioned in the topic title. Every time MBAM picks it up and tries to delete it, it always comes back. It shows up as a registry key, that key being the following: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mrxsmb22 It seems nothing I do seems to get rid of it. I'm at a complete loss and I don't really want to have to format my PC just to get rid of it for good. I scanned my laptop with FRST. The logs are as follows. Please, any help will be greatly appreciated. I'm at my wits' end. FRST.txt Addition.txt