Pablo

  1. PC is running like it used to. Boots up pretty fast and I'm playing League of Legends without any lag like the good old times. I'm assuming it's safe to use without any risks? My CPU usage also shot up crazily during the peak of the virus before we removed the majority of it, and now it's back to how it used to be at low numbers, so that's probably a good thing, I hope. Thanks for your help so far!
  2. I get why they call it "smart" service infection blitzblank.log
  3. Farbar Recovery Scan Tool (x64) Version: 02.01.2018
     Ran by Ahmed (12-01-2018 12:12:48)
     Running from C:\Users\Ahmed\Desktop
     Boot Mode: Normal

     ================== Search Registry: "aswbdisk" ===========

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\aswbdisk]

     ====== End of Search ======
  4. Everything is running much faster and the PC boots up faster as well, so I am assuming everything is almost back to normal. I am slightly concerned about this unremovable key that is showing up in the fixlogs (not sure if it means anything). I have attached it below. Thanks for everything so far! Fixlog.txt
  5. SophosVirusRemovalTool.log SophosVirusRemovalTool_cloud4.log
  6. # AdwCleaner 7.0.6.0 - Logfile created on Wed Jan 10 23:02:28 2018 Fixlog.txt
  7. I ran mbytes again and this time did a custom scan for my C drive; it came up with 4 threats. Meanwhile I was also running Superantispyware and it showed different threats that weren't on the mbytes report. I forced shutdown my PC as I was very frustrated at how advanced this infection is. Is there any way to remove it and save my PC data?
  8. I am unable to use the cmd method; when I enter the line it outputs "the boot configuration data store could not be opened. Access is denied." Also, I don't have a disk drive on my PC, so I will try to use a USB for recovery. Thanks for your patience and assistance so far, and any further tips are appreciated.
  9. My advanced boot options don't have the options you listed. Also, I have a Windows installation disc but it's for Windows 10 and my current PC is Windows 7, so how should I proceed?