Jump to content

archana

Members
  • Posts

    10
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

289 profile views
  1. ya completed with uninstalling FRST64.exe and also done with the other three links.. thank you so much!!!
  2. so it means that my pc is safe right? and one more thing is can i use online banking it will be safe right? i know its stupid to ask this question !! but do reply. and thank you so much for taking your time in replying these questions !!
  3. my web history got deleted after using the fixlist.txt with frst.exe is it okay?
  4. its fine but I'm still concern about the torjan glupteba removal failed did it got removed or quarantined ? the location in the Detection History of Malwarebytes is under the Registry Key points to a Firewall rule . HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{DD0786B-1276-4F95-8FB1-A16CF7C18592}
  5. done with Microsoft's Safety Scanner and this is the log: --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.76, October 2019 (build 5.76.16439.1) Started On Fri Oct 11 17:12:52 2019 Engine: 1.1.16300.1 Signatures: 1.301.2099.0 MpGear: 1.1.16330.1 Run Mode: Scan Run From Windows Update Results Summary: ---------------- No infection found. Successfully Submitted Heartbeat Report Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 11 17:16:22 2019 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.77, November 2019 (build 5.77.16547.2) Started On Fri Nov 15 08:42:26 2019 Engine: 1.1.16500.1 Signatures: 1.305.993.0 MpGear: 1.1.16330.1 Run Mode: Scan Run From Windows Update Results Summary: ---------------- No infection found. Successfully Submitted Heartbeat Report Microsoft Windows Malicious Software Removal Tool Finished On Fri Nov 15 08:46:12 2019 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.78, December 2019 (build 5.78.16632.1) Started On Sat Dec 14 05:16:16 2019 Engine: 1.1.16500.1 Signatures: 1.305.2804.0 MpGear: 1.1.16330.1 Run Mode: Scan Run From Windows Update Results Summary: ---------------- No infection found. Successfully Submitted Heartbeat Report Microsoft Windows Malicious Software Removal Tool Finished On Sat Dec 14 05:21:03 2019 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.79, January 2020 (build 5.79.16654.1) Started On Sun Jan 19 18:15:37 2020 Engine: 1.1.16600.7 Signatures: 1.307.832.0 MpGear: 1.1.16330.1 Run Mode: Scan Run From Windows Update Results Summary: ---------------- No infection found. Successfully Submitted Heartbeat Report Microsoft Windows Malicious Software Removal Tool Finished On Sun Jan 19 18:20:18 2020 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.80, February 2020 (build 5.80.16723.5) Started On Thu Feb 13 20:01:08 2020 Engine: 1.1.16600.7 Signatures: 1.307.2526.0 MpGear: 1.1.16330.1 Run Mode: Scan Run From Windows Update Results Summary: ---------------- No infection found. Successfully Submitted Heartbeat Report Microsoft Windows Malicious Software Removal Tool Finished On Thu Feb 13 20:05:42 2020 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.81, (build 5.81.16832.1) Started On Mon Mar 30 09:09:17 2020 Engine: 1.1.16800.2 Signatures: 1.311.96.0 MpGear: 1.1.16330.1 Run Mode: Scan Run From Windows Update Results Summary: ---------------- No infection found. Successfully Submitted Heartbeat Report Microsoft Windows Malicious Software Removal Tool Finished On Mon Mar 30 09:14:05 2020 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.82, (build 5.82.17046.2) Started On Wed May 13 18:35:08 2020 Engine: 1.1.16900.4 Signatures: 1.313.2734.0 MpGear: 1.1.16330.1 Run Mode: Scan Run From Windows Update Results Summary: ---------------- No infection found. Successfully Submitted Heartbeat Report Microsoft Windows Malicious Software Removal Tool Finished On Wed May 13 18:38:14 2020 Return code: 0 (0x0)
  6. i downloaded fixlist.txt and saved it in the same folder of frst.exe and Opened FRST and pressed the Fix button but it asked to restart is that okay? Fixlog.txt
  7. ya i did it malwarecheck.txt Addition.txt FRST.txt
  8. thank you so much for replying !!! log from Malwarebytes: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 5/13/20 Scan Time: 11:55 AM Log File: 7c911218-94e2-11ea-8972-507b9d892153.json -Software Information- Version: 4.1.0.56 Components Version: 1.0.896 Update Package Version: 1.0.23742 License: Trial -System Information- OS: Windows 10 (Build 18362.778) CPU: x64 File System: NTFS User: DESKTOP-NKMGN8V\IGML-Admin -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 307706 Threats Detected: 19 Threats Quarantined: 18 Time Elapsed: 4 min, 55 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 7 Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\bestavicampaign563, Quarantined, 520, 584322, 1.0.23742, , ame, Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\campaign9961, Quarantined, 520, 518478, 1.0.23742, , ame, Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\multitimercampaign84170, Quarantined, 520, 518476, 1.0.23742, , ame, Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\Speedycar, Quarantined, 520, 518473, 1.0.23742, , ame, Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\TechnologyDesktopnew, Quarantined, 520, 518479, 1.0.23742, , ame, Trojan.Glupteba.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{57AA95DA-C291-4C1E-ACAC-DFC37E9D1B4E}, Quarantined, 493, 781231, 1.0.23742, , ame, PUP.Optional.GarbageCleaner, HKU\S-1-5-21-1375186200-1658034882-4267554585-1001\SOFTWARE\GCleaner, Quarantined, 1205, 676886, 1.0.23742, , ame, Registry Value: 2 Trojan.Glupteba.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{57AA95DA-C291-4C1E-ACAC-DFC37E9D1B4E}|PATH, Quarantined, 493, 781231, 1.0.23742, , ame, Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{DD0786B3-1276-4F95-8FB1-A16CF7C18592}, Removal Failed, 493, 795081, 1.0.23742, , ame, Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 1 PUP.Optional.GarbageCleaner, C:\PROGRAMDATA\GARBAGE CLEANER, Quarantined, 1205, 676884, 1.0.23742, , ame, File: 9 PUP.Optional.GarbageCleaner, C:\ProgramData\Garbage Cleaner\Bunifu_UI_v1.5.3.dll, Quarantined, 1205, 676884, , , , Adware.Linkury, C:\USERS\IGML-ADMIN\APPDATA\LOCAL\installer.dat, Quarantined, 423, 715618, 1.0.23742, , ame, Adware.Linkury.TskLnk, C:\USERS\IGML-ADMIN\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, Quarantined, 15073, 444923, 1.0.23742, , ame, Rootkit.Agent, C:\WINDOWS\SYSTEM32\DRIVERS\WDF23630.SYS, Quarantined, 489, 816419, 1.0.23742, 8983890321123109FCA4357F, dds, 00717372 Generic.Malware/Suspicious, C:\USERS\IGML-ADMIN\APPDATA\LOCAL\TEMP\IQ4H42JLQJN\53QMYCRXDT3.EXE, Quarantined, 0, 392686, 1.0.23742, , shuriken, Adware.Csdimonetize, C:\USERS\IGML-ADMIN\APPDATA\LOCAL\TEMP\IS-C9HK7.TMP\MONTENEGRO.EXE, Quarantined, 2943, 820910, 1.0.23742, E5F2CE9B20920ACAB39DF2E9, dds, 00717372 PUP.Optional.DiskFixer, C:\USERS\IGML-ADMIN\APPDATA\LOCAL\TEMP\G05R2TZXZGW.EXE, Quarantined, 2966, 758704, 1.0.23742, , ame, Trojan.Ranumbot, C:\USERS\IGML-ADMIN\APPDATA\LOCAL\TEMP\CSRSS\W20200508.EXE, Quarantined, 14854, 819921, 1.0.23742, E2E5978B7717AD25FF042E32, dds, 00717372 Trojan.Downloader.PWS, C:\USERS\IGML-ADMIN\APPDATA\LOCAL\TEMP\U4A3HW44BAL\WYFDGGFF.EXE, Quarantined, 13215, 807693, 1.0.23742, 5C2C5B225C465B74EC2EC84F, dds, 00717372 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) Adw Cleaner log: # ------------------------------- # Malwarebytes AdwCleaner 8.0.4.0 # ------------------------------- # Build: 04-03-2020 # Database: 2020-05-13.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 05-16-2020 # Duration: 00:00:08 # OS: Windows 10 Enterprise # Cleaned: 1 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Windows\rss ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** No malicious registry entries cleaned. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1560 octets] - [16/05/2020 15:01:20] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## malware.txt
  9. i downloaded a book file 2 days before and it got saved in DVD drive E when i opened it, it asked to run it to view files and i did it, after few hours window security was popping up saying threat detected and i ejected the file, but still the window security is popping up and its saying its Trojan virus so my friend suggested to use Malwarebytes and I installed it did a full scan it detected the Trojan virus and quarantined it and I got it deleted and ran a full system scan with windows security and now its showing no threat. but I'm still confused that it removed the virus or not because in the history of malwarebyte it says that the Trojan.glupteba.e - removal failed. what to do? is it still in my pc? and one more thing is can i use online banking ?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.