Jump to content

Ghost1977

Members
  • Posts

    16
  • Joined

  • Last visited

Everything posted by Ghost1977

  1. thank you so much i do all steps 🥰😊😚
  2. system look ok always i check hem my concerns is the hacker can back to my pc or damage my pc or he hidden hem self u now the Usual concerns and thank's for Your patience and help thank u
  3. nothing found in this new scan , before when i scan in safe mode withe gmer nothing found but in normal mode find now after the first scan with krd in safe mode nothing found in normal mode some time find some time not and some time not the same infect when i scan with gmer so i think i'm steal fared from the first time when i get hacked with rootkit and the Trojan kdr he find he infect C:\Windows\System32\drivers\etc\hosts hosts2.gen : hosts.xBAD-hosts.rollback file system : 9cd20c6a-ea30-5Fec-beb5-2ac1dec4c695 report_20201216_083544.logs.txt
  4. i get this like u see in the pic and in the files of reports-Quarantine-legal there is files with format i don't now what is it so what i should upload to u files in reports or Quarantine , and when i scan he get 2 Trojan i delete them
  5. Nothing found ... - The rootkit can infect system file or note , the first time i get hacked it infected my kernel of system i just want be sure not the kernel of my motherboard or bios the hack tel me it's put it in my hard disk (ssd) i remember first time it's infect the drivers - can be new rootkit !!!! the first time like this i scan with all soft nothing found only with gmer i which the erase it's do hes work for month nothing found and this days found this rootkit maybe gmer he not update yet for the last update of windows 10 20h2 i hope this , and i hope u Understand me and sorry for my bad English Thank you
  6. and all think u tell me to following i do in normal not safe mode and thanks
  7. i'm afraid the rootkit still exists in my pc or effected my bios or my motherboard and i use flash disk in infected pc and the same flash disk on other pc and afraid that rootkit moved to other pc with the flash disk , after i erase my hdd and ssd i'ts about one month now i use my computer and i don't open any think personal in the pc and i don't see any think strange only gmer is gone from my desktop after i do fix with frst , and after month in this day's only when i use gmer to check it my pc i found it this one so i'm concerns is stay existence in my pc or effect my network or my other device without i now the other pc i scanned with gmer nothing found so i use my pc but i don't put the trust in hem when i get hacked first time all file in hdd gone after restart pc i want to confirm my pc is clean and my network and this rootkit not moved with flash disk or in the network or stay in my network
  8. sorry i can't upload fixlog i get error code 200 so i put it her in rar i hope it's ok not a problem and i have some other question when u finish all this thanks Fixlog.rar
  9. AdwCleaner[C00].txt msert.log Text.txt
  10. when i scan with mbar he find no think i scan with hem 2 time and this is all file u asked Addition.txt FRST.txt mbar-log-2020-12-11 (12-04-31).txt system-log.txt
  11. sorry i want to say it's me not some one and sorry for my bad English
  12. for 1 month some one hack with rootkit i knew it by scanning with gmer and i format my ssd 128 gb with clean all in cmd + my hdd 500 gb and i tray dban for my hdd and erase+ in my motherboard for my ssd and i stay cheek my pc every time and i don't find any think and today i tray safe mode and i tray gmer nothing but always give me blue screen i trace I/O so i don't check the box every time when i scan i tray just the box of trace I/O but when i scan with gmer in normal mode of windows i find rootkit he is come back the old or is new rootkit and i tray all soft of rootkit no one of them can find only gmer and this is what i find with gmer when i scan with out check the box of trace I/O i hope find some one help me :( pleas ---- Services - GMER 2.2 ---- Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] AarSvc_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] BcastDVRUserService_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] BluetoothUserService_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] CaptureService_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] cbdhsvc_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] CDPUserSvc_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] ConsentUxUserSvc_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\CredentialEnrollmentManager.exe (*** hidden *** ) [MANUAL] CredentialEnrollmentManagerUserSvc_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] DeviceAssociationBrokerSvc_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] DevicePickerUserSvc_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] DevicesFlowUserSvc_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] MessagingService_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] OneSyncSvc_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] PimIndexMaintenanceSvc_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] PrintWorkflowUserSvc_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] UdkUserSvc_32faf <-- ROOTKIT !!! Service C:\WINDOWS\System32\svchost.exe (*** hidden *** ) [MANUAL] UnistoreSvc_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] UserDataSvc_32faf <-- ROOTKIT !!! Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] WpnUserService_32faf <-- ROOTKIT !!!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.