About Erik95

  • Rank
    New Member
  1. Is it not showing the correct value or is it showing it? If yes, then okay, thank you for your help.
  2. Farbar Recovery Scan Tool (x64) Version: 23.09.2018
     Ran by Tarzan (24-09-2018 13:24:46)
     Running from C:\Users\Tarzan\Downloads
     Boot Mode: Normal

     ================== Search Registry: "OfflineScanRun" ===========

     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Scan]
     "OfflineScanRun"="1"

     ====== End of Search ======
  3. Farbar Recovery Scan Tool (x64) Version: 23.09.2018
     Ran by Tarzan (23-09-2018 14:53:22)
     Running from C:\Users\Tarzan\Downloads
     Boot Mode: Normal

     ================== Search Files: "OfflineScanRun" =============

     ====== End of Search ======
  4. Okay, thank you. I've just done a Windows Defender offline scan and the log says this:

     Windows Defender Antivirus Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
     Old value: N/A\Scan\OfflineScanRun =
     New value: HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\OfflineScanRun = 0x0

     Is that something to worry about?
  5. Only one Suspicious path on this scan... roguefinder.txt
  6. EDIT: the Rogue finder log I posted doesn't seem to show its findings. I'm running the tool now; it's found 2 Suspicious paths and 2 Pum.DNS. Will update with the log.
  7. Well, I was worried I may have something serious and I wanted to be sure it wouldn't avoid detection. A quick Google search told me the best tool is GMER, so I used it. Thank you, I will remove the files and follow the steps in the tutorial.
  8. I've recently tried running a file from a friend's hard drive and got a trojan warning, so I used a factory restore to remove the infection. I now used Gmer to make sure I don't have any rootkits and it'll cause a BSOD with the report being fwddifog.sys and ntoskrnl.exe marked in red:

     092018-26359-01.dmp 20/09/2018 09:27:33 DRIVER_IRQL_NOT_LESS_OR_EQUAL 0x000000d1 ffffa601`11d11010 00000000`000000ff 00000000`000000d5 fffff800`ea298bc8 fwddifog.sys fwddifog.sys+8bc8 x64 ntoskrnl.exe+1a9380 C:\Windows\Minidump\092018-26359-01.dmp 4 15 17134 1,211,316 20/09/2018 09:29:46

     Rogue killer gives me 4 possible positives. I've attached all the requested logs: FRST.txt Addition.txt changelog.txt