Czepa

  1. Sorry, I've been experiencing domestic abuse. Why the question about crypto app? I use a browser addon wallet, but don't use it much. Crypto is gambling and a pyramid/ponzi scheme destined to fail, or succeed at devaluing all stores of value (great - reset). If I block cs9.wac.phicdn.net or all phicdn.net in my router will this cause problems? CLEANMGR.exe doesn't open, is there a way to navigate to it through menus?
  2. Sorry for the late reply, I've been busy with work and other issues.

     SecurityCheck by glax24 & Severnyj v.1.4.0.54 [06.12.21]
     WebSite: www.safezone.cc
     DateLog: 02.06.2022 14:29:38
     Path starting: C:\Users\Ross\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
     Log directory: C:\SecurityCheck\
     IsAdmin: True
     User: Ross
     VersionXML: 9.81is-29.05.2022
     ___________________________________________________________________________
     Windows 10(6.3.19044) (x64) Professional Release: 2009 Lang: English(0409)
     Installation date OS: 27.02.2021 05:28:58
     LicenseStatus: Windows(R), Professional edition Volume activation will expire : 229254 minutes
     Boot Mode: Normal
     Default Browser: C:\Program Files\Waterfox\waterfox.exe
     SystemDrive: C: FS: [NTFS] Capacity: [465.2 Gb] Used: [385.8 Gb] Free: [79.4 Gb]
     ------------------------------- [ Windows ] -------------------------------
     Internet Explorer 11.789.19041.0
     User Account Control enabled (Level 2)
     Security Center (wscsvc) - The service is running
     Remote Registry (RemoteRegistry) - The service has stopped
     SSDP Discovery (SSDPSRV) - The service is running
     Remote Desktop Services (TermService) - The service has stopped
     Windows Remote Management (WS-Management) (WinRM) - The service has stopped
     ---------------------------- [ Antivirus_WMI ] ----------------------------
     Windows Defender (enabled and up to date)
     --------------------------- [ FirewallWindows ] ---------------------------
     Windows Defender Firewall (mpssvc) - The service is running
     ---------------------- [ AntiVirusFirewallInstall ] -----------------------
     Malwarebytes version 4.5.9.198 v.4.5.9.198
     GlassWire 2.3 (remove only) v.2.3.397
     -------------------------- [ SecurityUtilities ] --------------------------
     RogueKiller version 15.5.1.0 v.15.5.1.0
     GlassWire 2.3 (remove only) v.2.3.397
     --------------------------- [ OtherUtilities ] ----------------------------
     GPL Ghostscript v.9.53.3 Warning! Download Update
     Uninstall old version and install new one.
     Steam v.2.10.91.91
     OpenOffice 4.1.11 v.4.111.9808 Warning! Download Update
     ------------------------------ [ ArchAndFM ] ------------------------------
     WinRAR 6.00 (64-bit) v.6.00.0 Warning! Download Update
     -------------------------- [ IMAndCollaborate ] ---------------------------
     Discord v.0.0.309 Warning! Download Update
     --------------------------------- [ P2P ] ---------------------------------
     qBittorrent 4.3.3 v.4.3.3 Warning! Download Update
     -------------------------------- [ Media ] --------------------------------
     VLC media player v.3.0.12 Warning! Download Update
     ------------------------------- [ Browser ] -------------------------------
     Mozilla Firefox 86.0 (x64 en-US) v.86.0 Warning! Download Update
     Waterfox (x64 en-US) v.G4.1.2.1
     Microsoft Edge v.88.0.705.81 Warning! Download Update
     ----------------------------- [ EmailClient ] -----------------------------
     Mozilla Thunderbird (x86 en-US) v.91.9.1
     ------------------ [ AntivirusFirewallProcessServices ] -------------------
     C:\Program Files (x86)\GlassWire\GlassWire.exe v.2.3.397.0
     C:\Program Files (x86)\GlassWire\GWIdlMon.exe v.2.3.397.0
     GlassWire Control Service (GlassWire) - The service is running
     C:\Program Files (x86)\GlassWire\GWCtlSrv.exe v.2.3.397.0
     C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.4.0.0.1302
     Malwarebytes Service (MBAMService) - The service is running
     C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.2.0.1058
     C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe v.4.18.2203.5
     C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe v.4.18.2203.5
     Microsoft Defender Antivirus Service (WinDefend) - The service is running
     Microsoft Defender Antivirus Network Inspection Service (WdNisSvc) - The service is running
     ---------------------------- [ UnwantedApps ] -----------------------------
     CCleaner v.6.00 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
     ----------------------------- [ End of Log ] ------------------------------

     OOPS, HERE IT IS RAN AS ADMINISTRATOR:

     SecurityCheck by glax24 & Severnyj v.1.4.0.54 [06.12.21]
     WebSite: www.safezone.cc
     DateLog: 03.06.2022 01:59:30
     Path starting: C:\Users\Ross\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
     Log directory: C:\SecurityCheck\
     IsAdmin: True
     User: Ross
     VersionXML: 9.81is-29.05.2022
     ___________________________________________________________________________
     Windows 10(6.3.19044) (x64) Professional Release: 2009 Lang: English(0409)
     Installation date OS: 27.02.2021 05:28:58
     LicenseStatus: Windows(R), Professional edition Volume activation will expire : 228564 minutes
     Boot Mode: Normal
     Default Browser: C:\Program Files\Waterfox\waterfox.exe
     SystemDrive: C: FS: [NTFS] Capacity: [465.2 Gb] Used: [386.3 Gb] Free: [78.9 Gb]
     ------------------------------- [ Windows ] -------------------------------
     Internet Explorer 11.789.19041.0
     User Account Control enabled (Level 2)
     Security Center (wscsvc) - The service is running
     Remote Registry (RemoteRegistry) - The service has stopped
     SSDP Discovery (SSDPSRV) - The service is running
     Remote Desktop Services (TermService) - The service has stopped
     Windows Remote Management (WS-Management) (WinRM) - The service has stopped
     ---------------------------- [ Antivirus_WMI ] ----------------------------
     Windows Defender (enabled and up to date)
     --------------------------- [ FirewallWindows ] ---------------------------
     Windows Defender Firewall (mpssvc) - The service is running
     ---------------------- [ AntiVirusFirewallInstall ] -----------------------
     Malwarebytes version 4.5.9.198 v.4.5.9.198
     GlassWire 2.3 (remove only) v.2.3.397
     -------------------------- [ SecurityUtilities ] --------------------------
     RogueKiller version 15.5.1.0 v.15.5.1.0
     GlassWire 2.3 (remove only) v.2.3.397
     --------------------------- [ OtherUtilities ] ----------------------------
     GPL Ghostscript v.9.53.3 Warning! Download Update
     Uninstall old version and install new one.
     Steam v.2.10.91.91
     OpenOffice 4.1.11 v.4.111.9808 Warning! Download Update
     ------------------------------ [ ArchAndFM ] ------------------------------
     WinRAR 6.00 (64-bit) v.6.00.0 Warning! Download Update
     -------------------------- [ IMAndCollaborate ] ---------------------------
     Discord v.0.0.309 Warning! Download Update
     --------------------------------- [ P2P ] ---------------------------------
     qBittorrent 4.3.3 v.4.3.3 Warning! Download Update
     -------------------------------- [ Media ] --------------------------------
     VLC media player v.3.0.12 Warning! Download Update
     ------------------------------- [ Browser ] -------------------------------
     Mozilla Firefox 86.0 (x64 en-US) v.86.0 Warning! Download Update
     Waterfox (x64 en-US) v.G4.1.2.1
     Microsoft Edge v.88.0.705.81 Warning! Download Update
     ----------------------------- [ EmailClient ] -----------------------------
     Mozilla Thunderbird (x86 en-US) v.91.9.1
     ------------------ [ AntivirusFirewallProcessServices ] -------------------
     C:\Program Files (x86)\GlassWire\GlassWire.exe v.2.3.397.0
     C:\Program Files (x86)\GlassWire\GWIdlMon.exe v.2.3.397.0
     GlassWire Control Service (GlassWire) - The service is running
     C:\Program Files (x86)\GlassWire\GWCtlSrv.exe v.2.3.397.0
     C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.4.0.0.1302
     Malwarebytes Service (MBAMService) - The service is running
     C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.2.0.1058
     C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe v.4.18.2203.5
     C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe v.4.18.2203.5
     Microsoft Defender Antivirus Service (WinDefend) - The service is running
     Microsoft Defender Antivirus Network Inspection Service (WdNisSvc) - The service is running
     ---------------------------- [ UnwantedApps ] -----------------------------
     CCleaner v.6.00 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
     ----------------------------- [ End of Log ] ------------------------------
  3. Thanks for the clarification, I'll run it tomorrow after work. Goodnight, and cheers for all your help so far.

     Malwarebytes
     www.malwarebytes.com

     -Log Details-
     Scan Date: 5/31/22
     Scan Time: 10:34 PM
     Log File: caf1c6fa-e0ee-11ec-87fc-b42e99ecce76.json

     -Software Information-
     Version: 4.5.9.198
     Components Version: 1.0.1689
     Update Package Version: 1.0.55626
     License: Free

     -System Information-
     OS: Windows 10 (Build 19044.1706)
     CPU: x64
     File System: NTFS
     User: Miranda\Ross

     -Scan Summary-
     Scan Type: Threat Scan
     Scan Initiated By: Manual
     Result: Completed
     Objects Scanned: 296531
     Threats Detected: 0
     Threats Quarantined: 0
     Time Elapsed: 2 min, 26 sec

     -Scan Options-
     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Detect
     PUM: Detect

     -Scan Details-
     Process: 0 (No malicious items detected)
     Module: 0 (No malicious items detected)
     Registry Key: 0 (No malicious items detected)
     Registry Value: 0 (No malicious items detected)
     Registry Data: 0 (No malicious items detected)
     Data Stream: 0 (No malicious items detected)
     Folder: 0 (No malicious items detected)
     File: 0 (No malicious items detected)
     Physical Sector: 0 (No malicious items detected)
     WMI: 0 (No malicious items detected)

     (end)
  4. The reason I ask is because I talked with a developer friend and he said to be cautious of forks like this and mentioned that a lot of GitHub malware posting profiles have had provocative political statements. And although I agree with the statement, it says on his page linked: "Hi, I am Stanislav Polshyn - a lawyer, security observer and malware researcher from Ukraine (Chernobyl, Na'Vi, Щедрик, Colony of USA). Yankee go home!" I've downloaded it, but I'll wait till later to run it.
  5. I'm not posting any information that could allow someone to hack me, am I? Let's say they already have my IP.
  6. <Report>
       <Metadata Version="1" PCID="{BEF1DF85-CBE6-5C63-33F1-4F3CB0F0A9CC}" LastModification="2022.05.31 01:16:47.059" />
       <EventBlocks>
         <Block0 Type="Scan" Processed="2854011" Found="0" Neutralized="0">
           <Event0 Action="Scan" Time="132983998051681871" Object="" Info="Started" />
           <Event1 Action="Scan" Time="132984046070572687" Object="" Info="Finished" />
         </Block0>
       </EventBlocks>
     </Report>

     report_2022.05.30_23.56.03.txt
  7. Version 21H2 build 19044.1706. But 'cause the file is missing too, does this mean that it's a file that has been placed there potentially by someone who has gained access to my system? Like this: "Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)". Do you see the capitalization differences in the file name? Maybe I can check the publisher somehow? The one actually present in the file system has the capitalizations. I checked a lot of the things listed as file missing and I would like it if they actually were deleted altogether, so long as it doesn't destroy functionality. I do not like Windows phoning home all the time just on principle, it's like Android phones and their base band modem.
  8. It picked up nothing. 4 processing errors on some Discord files, probably because they are in use.
  9. I cannot screenshot it... Where is the log file placed?
  10. But what does 'unknown owner' actually mean? Does it mean that file is there but the ID is not what is expected? OK, doing the scan before bed, next reply after that may take a while.
  11. @Maurice Naggar before I do that, can you please let me know if the GitHub HijackThis mentioned above is legit and not potentially dangerous? I originally came here for simple clarification about what 'unknown owner' means, specifically if this means that a file of the same/similar name exists (being spoofed by malware).
  12. No infections found. The log doesn't really say much about anything.
  13. Here it is. Is it possible this could have restored some of the Microsoft telemetry and remote access services? I may run Sophia after this whole process to make sure. msert.log