Zeon
-
here is the log

# DelFix v1.013 - Logfile created 05/07/2018 at 19:59:11
# Updated 17/04/2016 by Xplode
# Username : Zeon - ZEON
# Operating System : Windows 10 Enterprise (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Utilizador\Desktop\AdwCleaner.exe

~ Creating registry backup ... OK

~ Cleaning system restore ...
Deleted : RP #16 [Scheduled Checkpoint | 07/02/2018 12:44:37]
Deleted : RP #17 [Removed Google Chrome | 07/04/2018 12:20:13]
New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

and no, got everything solved! Thank you very much once again!
-
alright it worked now

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Zeon (05-07-2018 16:43:11) Run:4
Running from C:\Users\Utilizador\Documents\Stuff\Scan
Loaded Profiles: Zeon (Available Profiles: Zeon)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Zip: C:\Users\Utilizador\AppData\Local\Windows Media Player 11\epools.txt;C:\Users\Utilizador\AppData\Local\Windows Media Player 11\config.txt
*****************

================== Zip: ===================
C:\Users\Utilizador\AppData\Local\Windows Media Player 11\epools.txt -> copied successfully to C:\Users\Utilizador\Desktop\05.07.2018_16.43.11.zip
C:\Users\Utilizador\AppData\Local\Windows Media Player 11\config.txt -> copied successfully to C:\Users\Utilizador\Desktop\05.07.2018_16.43.11.zip
=========== Zip: End ===========

==== End of Fixlog 16:43:12 ====

05.07.2018_16.43.11.zip
-
ok here

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Zeon (05-07-2018 13:33:43) Run:3
Running from C:\Users\Utilizador\Documents\Stuff\Scan
Loaded Profiles: Zeon (Available Profiles: Zeon)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CMD: dir /a "C:\Users\Utilizador\AppData\Local\Windows Media Player 11"
*****************

========= dir /a "C:\Users\Utilizador\AppData\Local\Windows Media Player 11" =========
 Volume in drive C has no label.
 Volume Serial Number is 58BE-3AB1

 Directory of C:\Users\Utilizador\AppData\Local\Windows Media Player 11

2018-07-04  05:48 PM    <DIR>          .
2018-07-04  05:48 PM    <DIR>          ..
2018-07-04  01:33 PM            27,359 1530707143_log.txt
2018-07-04  05:44 PM           573,042 1530711769_log.txt
2018-03-01  12:20 AM               117 config.txt
2017-03-18  05:40 PM           458,259 Data.bin
2017-03-18  05:15 PM            14,815 Data1a1.bin
2017-03-18  05:13 PM            15,404 Data1b1.bin
2017-03-18  05:37 PM            14,897 Data1c1.bin
2017-03-18  06:18 PM            14,896 Data1d1.bin
2017-03-18  06:06 PM            15,517 Data1e1.bin
2017-03-18  02:18 PM            19,018 Data1g1.bin
2017-08-08  10:22 AM            16,861 Data1h1.bin
2017-08-07  04:58 PM            16,875 Data1i1.bin
2017-03-18  02:21 PM           460,592 Data2.bin
2018-03-01  12:21 AM               350 epools.txt
2018-05-19  12:36 AM             1,443 license.txt
2012-11-05  10:26 PM           849,360 msvcr110.dll
              16 File(s)      2,498,805 bytes
               2 Dir(s)  483,336,466,432 bytes free
========= End of CMD: =========

==== End of Fixlog 13:33:43 ====
-
ok here are the logs

AdwCleaner

# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.0
# -------------------------------
# Build: 06-26-2018
# Database: 2018-07-04.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-04-2018
# Duration: 00:00:10
# OS: Windows 10 Pro
# Scanned: 41371
# Detected: 0

***** [ Services ] *****
No malicious services found.

***** [ Folders ] *****
No malicious folders found.

***** [ Files ] *****
No malicious files found.

***** [ DLL ] *****
No malicious DLLs found.

***** [ WMI ] *****
No malicious WMI found.

***** [ Shortcuts ] *****
No malicious shortcuts found.

***** [ Tasks ] *****
No malicious tasks found.

***** [ Registry ] *****
No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.

***** [ Chromium URLs ] *****
No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.

***** [ Firefox URLs ] *****
No malicious Firefox URLs found.

AdwCleaner[S00].txt - [2002 octets] - [04/07/2018 14:38:01]
AdwCleaner[C00].txt - [2022 octets] - [04/07/2018 14:38:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

RogueKiller

RogueKiller V12.12.25.0 (x64) [Jul 2 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.17134) 64 bits version
Started in : Normal mode
User : Zeon [Administrator]
Started from : C:\Users\Utilizador\Desktop\RogueKiller_portable64.exe
Mode : Delete -- Date : 07/04/2018 20:39:59 (Duration : 00:35:08)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 5 ¤¤¤
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1C92C3E2-CAF1-4638-B1FD-A14511E92B63} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [x] -> Deleted
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DC409E59-5815-4158-93C9-03A1E008C5C9} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2322D618-0100-48C4-851D-EFE9F0ED95AA} : v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Utilizador\AppData\Local\Windows Media Player 11\msiexec64.exe|Name=msiexec64.exe|Desc=msiexec64.exe| [x] -> Deleted
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1628437743-2166663506-2963096659-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1628437743-2166663506-2963096659-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Replaced (1)

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 3 ¤¤¤
[PUP.uTorrentAds][File] C:\Users\Utilizador\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe -> Deleted
[PUP.uTorrentAds][File] C:\Users\Utilizador\AppData\Roaming\uTorrent\updates\3.5.3_44494\utorrentie.exe -> Deleted
[Test.EICAR][File] C:\Program Files\Common Files\INCA Shared\OnlineEngine\tyav32.dll -> Deleted

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-19M2NA0 +++++
--- User ---
[MBR] 9df4041efe71bbc55778f93763c67c44
[BSP] de7901dbb9e8cb668954e04d9b87ac0f : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 953067 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1952600064 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK
-
So since some hours ago this started happening and I couldn't even access Malwarebytes, so I ran the PC in safe mode and installed it, and this was the result. Just want to make sure this is everything I needed to do. I also ran FRST and the logs are also attached.

malwarebyte report.txt
Addition.txt
FRST.txt