Jeffriel37
-
Posts
18 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by Jeffriel37
-
computer crashing and strange running services
Jeffriel37 replied to Jeffriel37's topic in Resolved Malware Removal Logs
and i did like you said and switch off controlled folder access but things didnt get better -
computer crashing and strange running services
Jeffriel37 replied to Jeffriel37's topic in Resolved Malware Removal Logs
yes that hard drive wont recognize the network adapter anymore so I bought another drive(500gb ssd) and switch out the crashed one, got a thumb drive with a new windows 10 on it so i could troubleshoot and hopefully get my old one with all my files on it running again. -
computer crashing and strange running services
Jeffriel37 replied to Jeffriel37's topic in Resolved Malware Removal Logs
I did run malwarebytes and it found nothing as well as adware cleaner and it found nothing so there are no reports from those two to post and the scan reports from farbar are in my first post above. -
my computer has crashed several times recently and had trouble logging on after it restrarts. also noticed some strange running services in process explorer with some weird strings and threads. one dll titled "Multi User Windows USER API Client DLL" had a string that said "WTSStartRemoteSessionA" , and another dll titled "Windows Remote Desktop Session Host Server SDK APIs with some really strange strings. something is causing my system to malfunction and my suspicion is hacking of some sort but I am not an expert? please help? Thank you. attached is the farbar scan. Note: about some of the scan results (I never use microsoft edge , I dont even have internet explorer installed, no one has logged onto that p_t__ account in over a year not even me , not sure what "vwifimp.sys[50176 2019-03-18]" is or "p9rdr.sys[88888 2019-10-06]" , just thought these might be note worthy) and what is that RuntimeBroker.exe.txt file i found in the same file as the scan results ? Addition.txt FRST.txt Shortcut.txt RuntimeBroker.exe.txt
-
oh 1 important bit of info you may find useful for statistics or whatever, I did put that hard drive in an old cheap rig of mine that will run the fixmestik gizmo and after 4 and a half hours it came up with 4 instances of what it called a trojan by the name of "zero......." something or other, I did not have time to write down the exact names or versions it was displaying, but that seems to be what this whole thing must have been caused by,sneaky damn virus bastards lol, thought you would like to know? Thanks again Ron !! We fought the good fight. Jeffriel37 over and out
-
hey man, that hard drive still wont boot up past the sign in screen. I replaced the other two operating systems in the other two pc's here on the home network as well as installed a non-wifi router, convinced that is how we got hacked. they, centurylink, sent me what looked like just another wifi router, for$100.oo and so I pulled the thing apart and sure enough, none of the wifi components were on the board, so I hooked her up and we are secure now, cat5 run to everything including the printer. I know it sounds paranoid, but just cuz i am paranoid does not mean they are not out to get me lol, so I got a new 2Tb harddrive at amazon and loaded an oem ver of windows7 on it and will use that in my desktop for now , I just got thebuild finished and havent got a chance to game on it or nothing, amd fx9590 4.7ghz cpu , bios on the asrock mb say the cpu will max out at 6.7ghz!! with 28gb of 2400mhz ram and my old turd nvidia gtx960 with 2gb dedicated , it should be more fun than a hacked hard drive haha !! wouldnt that be something if I got all the way through this only to F myself shutting down the pc while windows was updating, kinda sounds that way, well thanks for your assistance through this ordeal, I learned a great deal of valuable info and it was a vital asset knowing you there right thru it to advise and help and write that code and script , thank you good sir, Ron, very much. when I have problems in the future I will hit you up specifically, sir. God Bless !! I'll be around....... o/
-
windows updated and restarted without me and now I am in re- reb-reboot -re -reboot-re-reboot hell where it wont quite boot up, sometimes I actually get the password typed in and it starts over, other times it freezes right before the password screen half in half out of the page. at this point, however, I have not yet had the chance to effect the most recent fixlist.txt you posted for me so please dont close the topic yet, on my laptop currently trying to get the desktop to boot ???? thanks for your patience , brother Ron !!
-
Thank you, sir. Several new things in windows to get used to I guess, thanks for explaining alot of that, it is greatly appreciated . And did I read that correct, you write these fix codes yourself ? that is impressive, man and as well even greater appreciated now !! I did not realize that in the earlier assistance you provided but looking back now I see it. I will affect this fix and see where that leads us, hopefully to safer surfing and a secure network, the new none-wireless router comes tomorrow ? Thank you , good sir , Ron !! Jeffriel37 o/
-
Ok my friend, I downloaded and ran the rootkit scan and it took like 4 hours and came up with nothing, said all clear. So I ran another Frst64 scan and attached are those results. There are a couple things that I dont think should be on my pc in these logs , such as: 1) the PCPitstopSVC acct. which created it self and I can not get ride of 2) the registry entry "MountPoints2 \D:\SetUp" 3) the registry entry " Install\ LastPass IE RunOnce.lnk 4) 5 diffrent Tcpip entries of DHCPNameServers 5) what's with all the hxxp: instead of http: 6) any and all of the IE or Edge references, both are disabled I thought, I use FireFox only 7) what is "ArdDRV.sys (RW-Everythinng) 8) Windows\system32\Chakra.dll 9) MSVPXENC.dll , there are several more that have me concerned but you let me know what you think, maybe I am being paranoid but the fact that I am paranoid does NOT mean they are not out to get me. Also , why do I only of late have so many instances of Firefox running(8 to 10 at once) for a single web page open and what is with all the svchost or dashost or sihost or csrss, literally hundreds at a time? When the pc is idle there are well over 265 processes running at any given time while the only app I have open is Taskmanager or process manager which I am only using to view all these damn apps and processes which have 4Gb of Ram used up and 20% to 30% cpu running on a new 4.7Ghz 8 core amd fx9590 ???? let me know where I am missing the simple obvious, cuz I know on some of this , I am being butt stupid , but how will I know , if I dont ask, right? thank you for your help, Ron !! Jeffriel37 FRST.txt Addition.txt DriverInfected.csv Fixlog.txt
-
ok running the mbar scan now but wont be able to post the results till I get home from work tonight. glad to have you still on the case , Ron , good sir. Thanks !! Jeffriel37 P.S. also I have bigger problems, all 3 pc's on my home network got infected and crapped out , think I figured out my network was hacked , so I will have 2 more pc's I will need help with, all have malwarebytes premium but the other 2 are still windows7 as I have not been able to upgrade to 10 due to these current issues. Thanks for your patience and assistance, truly !!
-
also, that PCPitstopSVC account that is enabled is not something I created and can not seem to get rid of it. It can access more of my own files than I can.
-
https://forums.malwarebytes.com/topic/232683-need-help/ that is the link to the original topic and attached are the logs you will be asking me for, I believe. things seemed to be getting better until I ran the fix file from the original topic post , after doing so , I was unable to get the system to even boot up. now that I am able to , it is dodgy at best and prone to random unannounced shut downs and sometimes reboots. programs are jittery as is the mouse and a dos or power shell window often flashes on screen for a second when opening a new web page or any of my games or programs. And it is super slow doing ANYTHING and everything. Please help ? Thank you. AdwCleaner[C01].txt AdwCleaner[S01].txt FRST.txt Addition.txt mbst-stub-results.txt Fixlog.txt DriverInfected.csv
-
here you go , sir , after avg uninstall and reboot, thanks !! That avg really is a useless turd, isn't it . Addition.txt FRST.txt
-
Not sure if I am getting these posted or not or if I am posting the correct files but here is what I believe you asked me for and maybe some stuff you didnt ask me for, sorry. Let me know what else you need from me or what i should do next. I wont do anything until you give me the word to. Thanks again for your help and for your patience , I know my ignorance can be frustrating. Jeffriel37. mbst-stub-results.txt first malwarebytes scan.txt Setup Log 2018-02-17 #001.txt mbst-stub-results.txt mbst-check-results.txt mb-support-log.txt Addition.txt FRST.txt AdwCleaner[C00].txt
-
Thank you for your prompt response, I am proceeding with your instructions as quickly as I can so please be patient with me as I am dealing with a dyfunct system that is unpredictable ? Your help is greatly appreciated, AdvancedSetup.
-
Here are these as well...... mb-check-results.txt mbst-grab-results.zip mb-check-results.zip mbst-stub-results.txt
-
Computer is running slow, something is posting desktop shortcuts to my desktop to the point it is over filled and the icons are just stacking on top of each other, weird ? missing files and can not access my downloads or my documents. Cant seem to locate music I recorded in my D.A.W. program Studio one 2 and that is most grim. Addition.txt FRST.txt mb-grab-errors.txt malwarebytes 3.txt
-
Desktop is acting weird , files are systematically disappearing , can't access My documents or My downloads among many other things and for being a brand new build (AMD FX9590 4.7Ghz with 16Gbs 2400Mhz DDR3 & NVIDIA GTX 960) it is slower than watching paint dry ?? Please advise !! Thanks. FRST.txt mb-grab-errors.txt