Jump to content

Lognf

Members
 View Profile  See their activity

  • Content Count

    15

  • Joined

  • Last visited

About Lognf

  • Rank
    New Member
  1. Lognf
    Oh, Thank you! Just solved my problem, very grateful for the assistence. Cheers!
  2. Lognf
    # ------------------------------- # Malwarebytes AdwCleaner 7.4.1.0 # ------------------------------- # Build: 09-04-2019 # Database: 2019-09-02.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 09-04-2019 # Duration: 00:00:04 # OS: Windows 10 Pro # Cleaned: 6 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKLM\Software\Classes\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1} Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** Deleted istartsurf ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1747 octets] - [01/09/2019 15:36:44] AdwCleaner[C00].txt - [1877 octets] - [01/09/2019 15:37:30] AdwCleaner_Debug.log - [11685 octets] - [04/09/2019 18:47:26] AdwCleaner[S01].txt - [2022 octets] - [04/09/2019 18:49:37] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
  3. Lognf
    Also ADWcleaner log
  4. Lognf
    Hello AdvancedSetup, did the tests and looks like nothing has really changed Malwarebytes.txt Addition.txt FRST.txt
  5. Lognf
    Okay I solved the win update and windows defender corrupted/missing files... but theses adwares still returning to my pc everytime I add they to quarentine, what should I do?
  6. Lognf
    Also SFC /scannow logCBS.log
  7. Lognf
    I forgot to upload the mbst-grab-results... here it go mbst-grab-results.zip
  8. Lognf
    Also I already tried ADWCleaner and Malwarebytes Anti-Rootkit.
  9. Lognf started following Malware causing a bunch of system issues
  10. Lognf
    A few days ago I restarted my computer before a long time without re-starting it (like 1 week with the pc on) and I noticed that "Explorer.exe" was requesting to initialize, but the real explorer.exe task was already running... I said no but then I checked the directory of the file and the system said that the file was on %windir%/resources/themes, well going into folder to check if the file exists I noticed that theres nothing more than aero themes in this folder. So did a scan in the folder using malwarebytes and it recognized svchost.exe malware and explorer.exe, before adding they do quarentine I wanted to check why the files didnt apeared, so I enabled "show hidden folders" in explorer (the real one, from microsoft) and it changed nothing, well, so I tried to open the archive by going with %windir%/resources/themes/explorer.exe in the explorer path, it worked, but I still uncapable of seeing this file... So I started CMD as admin and did " cd " to %windir%/resources/themes and did " dir " inside the folder, as I expected the dir shows the same as explorer, but appeared 2 new items that the was named as " . " and " .. " I deleted both sucessfully. Searching for this in internet I found that there's an other way to hide files in windows, that was adding them to" important system files or protected system files" list, and following the instructions to disable this privilege, I finally could see the archives, well, I added them to the quarentine list and continued using my computer since yesterday that I realized that everytime malwarebytes send two addwares to quarentine (I left the results of scan in the post as "Annoying addware.txt") they come back right after I finish the task... When trying to solve these issues I realized many things... 1- I cant use commands as DISM, sfc /scannow, windows update, windows defender( I will let write happens when i try to use them bellow this part) , net start/stop wuauserv (the wuauserv service doesnt even exists in registry, I didnt checked windows defender one...) 2- there was a folder called QEMU hidden with the "important system files" method, I deleted all content Inside and then deleted the folder after taking out the folder privilegies 3- Theres two "program" files in "Inicialize" section of task manager wich I cant go to proprieties ( I dropped the print down on anexed files named as "Program" unknow files) When I try to use with /checkhealth everything go fine, but when I try to use dism with /restorehealth it stops at 87,5% and gives an error 1060 messages saying " the specified service does not exist as an installed service " ( I left the DISM log file right bellow named as DISM.txt ) When I try to use sfc /scannow it says that cannot fix all issues When i try to use windows update it says that my organizations disable windows updates ( ? ) When I try windows defender it just goes black screen on the window Well, it would be great if someone could help me, I dont really want to re-install windows... I would take a month to setup my pc again Also, I run Windows 10 Pro 64bits, version 1809... dism.log Annoying Adware.txt Rkill.txt FRST.txt Addition.txt
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept