Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by SCOP-Victim

  1. I will be sure to check all of those out! Thank you! What is delfix and why do I need to clear tools? Will it delete farbar or something? Are there some settings that are still configured or?
  2. I think I have a few more questions but I may have to send them a couple days later. Is that okay or should I just send a pm?
  3. I do not believe so. But I do have a few questions. If I were going to back up my computer, what is the best option you recommend? I was thinking of just using four DVDs or so, but they only hold a couple gigs each, and i dont know if that would be efficient. I don't really know much about backing up, or system images, etc. Basically, what is the best way for me to fully back up my computer, yet have the physical backup file (compressed or not compressed) take up as little space as possible? Lastly, I have been studying technology and viruses for over three months now, and I was wondering, how safe is it to virtually text viruses in a VM? Would it be generally ok If I have a backup ready, in case it escapes the vm? Also, if it's okay, is there any way I can contact you about general PC issues? (Seeing as this forum is for specific criteria) I really meant what I said. Microsoft's support group is just awful, they use auto responses 24/7, and they never fit the issues at hand
  4. The log from the completed fix is attached. Could you briefly educate me on what "GroupPolicy" is? It said "attention" in the log and I have gotten errors revolving around that title so I was curious Fixlog.txt
  5. Here they are! ____________________________________ Rogue log RogueKiller V12.12.12.0 (x64) [Apr 9 2018] (Free) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Website : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Dylan [Administrator] Started from : C:\Program Files\RogueKiller\RogueKiller64.exe Mode : Scan -- Date : 04/15/2018 14:44:04 (Duration : 02:02:45) ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 4 ¤¤¤ [PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Found [PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Found [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2855338564-2088156886-2635140612-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : http://www.bing.com -> Found [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2855338564-2088156886-2635140612-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : http://www.bing.com -> Found ¤¤¤ Tasks : 4 ¤¤¤ [Suspicious.Path] \amputation_lambeth -- C:\Users\Dylan\AppData\Local\nouveaux.exe (rg) -> Found [Suspicious.Path] \baamputation_lambethamputation_lambeth -- C:\Users\Dylan\AppData\Local\nouveaux.exe (rg) -> Found [Suspicious.Path] \bamedlar samaritan ddmedlar samaritan dd -- C:\Users\Dylan\AppData\Local\Scop.exe (rg) -> Found [Suspicious.Path] \medlar samaritan dd -- C:\Users\Dylan\AppData\Local\Scop.exe (rg) -> Found ¤¤¤ Files : 4 ¤¤¤ [PShell.Gen][File] C:\WINDOWS\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\SwReporter\20.117.1\software_reporter_tool.exe -> Found [PShell.Gen][File] C:\WINDOWS\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\SwReporter\21.119.1\software_reporter_tool.exe -> Found [PUP.uTorrentAds][File] C:\Users\Dylan\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe -> Found [Adw.WifiHotSpot][Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot -> Found ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤ ¤¤¤ Web browsers : 3 ¤¤¤ [PUM.HomePage][Firefox:Config] dvtdzn7k.default-1423874950531 : user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/yhp-ff|http://scratch.mit.edu/"); -> Found [PUM.SearchEngine][Firefox:Config] dvtdzn7k.default-1423874950531 : user_pref("browser.search.selectedEngine", "Yahoo!"); -> Found [PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http://www.tumblr.com/] -> Found ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: ST31000524AS +++++ --- User --- [MBR] c70c954b0540f5567080c8cf851136b8 [BSP] 40f91546457164a68c2896337f9c5904 : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 MB 1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 81920 | Size: 12544 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 25772032 | Size: 941284 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: SanDisk Ultra USB Device +++++ --- User --- [MBR] 55d7d0ca529be5e38fddd4f418650f36 [BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code Partition table: 0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 32 | Size: 58655 MB User = LL1 ... OK Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive2: Generic- SD/MMC USB Device +++++ Error reading User MBR! ([15] The device is not ready. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive3: Generic- Compact Flash USB Device +++++ Error reading User MBR! ([15] The device is not ready. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive4: Generic- SM/xD-Picture USB Device +++++ Error reading User MBR! ([15] The device is not ready. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive5: Generic- MS/MS-Pro USB Device +++++ Error reading User MBR! ([15] The device is not ready. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] The request is not supported. ) ____________________________________ Adwcleaner log # ------------------------------- # Malwarebytes AdwCleaner # ------------------------------- # Build: 04-12-2018 # Database: 2018-04-15.1 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 04-15-2018 # Duration: 00:07:55 # OS: Windows 7 Home Premium # Scanned: 40650 # Detected: 3 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.InfoG HKLM\Software\Classes\INETCTLS.INET ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** PUP.Optional.Legacy Ask PUP.Optional.Legacy AOL ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
  6. Here it is! Sorry for the delayed response. This is all I can find about the viruses.
  7. Okay, that seems fair, haha. I just wonder how businesses scan as a whole during a security breech. That must take forever. Do you know what the requirements are? anyways heres the log below the line. -------------------------------------- Malwarebytes Anti-Malware www.malwarebytes.org Scan, 4/13/2018 3:37 AM, SYSTEM, [myuser]-PC, Manual, Start:4/12/2018 3:22 PM, Duration:9 hr 18 min 23 sec, Custom Scan, Completed, 4 Malware Detections, 0 Non-Malware Detections, (end)
  8. Malwarebytes has scanned 700k files in 5 hours. That's incredibly abnormal. Should I reinstall because it's taking forever
  9. Also the forums wont let me alter my profile in any way shape or form. Why is this?
  10. File wise, nothing too important. Some python coding. Who knows, I could have deleted it myself. I was wondering if there is any file recovery software you recommend. I will be sure to send that exportation once the scan completes.
  11. Hello, again!! My computer looks like it's all polished up! All of those random garble processes are gone! <3 I have the log attached to this message. Can you tell me if it is safe to use chrome or firefox? I'm a bit hesitant because of their previous reinstallation of the virus. Who knew that internet explorer would actually help me for once? For being such an outdated browser that SmartService didn't think to alter it. Can you tell me how I can recover deleted data? I seem to be missing some files. FRST.txt
  12. It is complete and it gave me the log. Will I need to use farbar again? Will the virus alter it if the flash drive is present or just if it's running? I can go back into safemode to share it with you but I don't have access to the clean PC right now
  13. Hi! I did everything you asked with a flash drive but ran into this when opening farbar64.exe i used the command prompt with the windows re disk Should I click continue and continue the steps?
  14. Yes! I have two big school projects! Sorry!! I am available after tomorrow, but may be able to do some work after 12. Is this okay with you? I apologize for bumping the thread so much, I just cannot afford for this to be closed, you're a great help to me and basically my only hope.
  15. Hi, I am rather terrified. I was an idiot and installed malware on my computer. It is called scop.exe, and it will not let me close it down or delete it. Since it has shown up, I've been noticing clicking sounds every second. As if it is doing background stuff. in just fifteen minutes while I was scanning, it has imported 92 viruses. Various riskware, Trojans, and adware. Upon restarting to quorentine my computer no longer starts up properly. I have repaired startup through the repair disk and that worked, but only temporarily. If I restart, the same thing occurs again. No hardware is damaged. It doesn't show up as a virus by makwarebytes. And malwarebytes is the best, so I resorted to this. Attached are the processes. One is under wininit.exe the other is scop.exe, which relaunches every time I open a browser. firefox and chrome have been renamed to chrome334.exe and firefox334.exe these are running in safe mode and are just as bad i know I am not including a lot of data so please give me a list of what you need to know.
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.