Jump to content

Still problem with Malware


Recommended Posts

But I still have odd behaviour on my system, when I first boot, my computer starts up for 6 seconds then turns off, if I do it a second time, It starts up as normal. MalwareBytes ain't finding anything anymore and either is Windows Defender or Microsoft's free anti-malware. Also my browser keeps changing pages to adverts and other suspicious websites.

Link to post
Share on other sites

Hello and :welcome:

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button. button.

    x5o4gh.png

  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.

  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Link to post
Share on other sites

  • Root Admin

2016-06-11 21:56 - 2016-06-11 21:56 - 00150861 _____ C:\Users\Brian Kiggin\Downloads\[kat.cr]the.official.dsa.complete.learner.driver.pack.electronic.version.torrent
2016-06-11 21:56 - 2016-06-11 21:56 - 00028644 _____ C:\Users\Brian Kiggin\Downloads\[kat.cr]the.official.dvsa.complete.learner.driver.pack.2015.torrent
2016-06-11 21:59 - 2016-06-11 21:59 - 00150861 _____ C:\Users\Brian Kiggin\Downloads\[kat.cr]the.official.dsa.complete.learner.driver.pack.electronic.version (1).torrent
2016-06-11 21:59 - 2016-06-11 21:59 - 00003389 _____ C:\Users\Brian Kiggin\Downloads\[kat.cr]alcohol.120.2.0.3.build.7612.retail.2015.frank.torren
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com 
127.0.0.1 activate.adobe.com

Link to post
Share on other sites

51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

Please re-run 51a46ae42d560-malwarebytes_anti_malware. Malwarebytes' Anti-Malware.

  • First of all, select update.
  • Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
  • In the same tab, under PUP and PUM detections make sure it is set to Treat detections as malware
  • Click the Scan tab, choose Threat Scan is checked and click Start Scan.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the newest Scan Log.
  • At the bottom click Export and choose Text file.


Save the file to your desktop and upload your next reply.

Link to post
Share on other sites

FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition.txt option is checked. option is checked.

    2873ryc.png

  • Press Scan button and wait.

  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.


Please attach report into your next reply.

Link to post
Share on other sites

2eyjdoj.pngSystem File Checker

  • Press WindowsKey.png + R on your keyboard at the same time. Type cmd and click OK.
  • Copy/Enter the command below and press Enter:
  • sfc /scannow
  • Windows will begin with system scan.
  • When done, please reboot your system.


System File Checker report:

  • Press WindowsKey.png + R on your keyboard at the same time. Type cmd and click OK.
  • Copy/Enter the command below and press Enter:
  • findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"
  • Attach sfcdetails.txt from your Desktop in your next reply.

Link to post
Share on other sites

Okay, let's try one more scan:

 

cmd_icon.png Check Disk

  • Press the WindowsKey.png + R on your keyboard at the same time. Type cmd and click OK.
  • Copy/Enter the command below and press Enter:
  • chkdsk C: /r
  • You should get a message to schedule Check Disk at next system restart. Please type Y and press Enter.
  • All you should do now is to restart your PC and let the Check Disk process finish uninterrupted.


Check Disk report:

  • Press the WindowsKey.png + R on your keyboard at the same time. Type eventvwr and click OK.
  • In the left panel, expand Windows Logs and then click on Application.
  • Now, on the right side, click on Filter Current Log.
  • Under Event Sources, check only Wininit and click OK.
  • Now you'll be presented with one or multiple Wininit logs.
  • Click on an entry corresponding to the date and time of the disk check.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.

Link to post
Share on other sites

Log Name:      Application
Source:        Microsoft-Windows-Wininit
Date:          22/06/2016 23:03:05
Event ID:      1001
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Brian
Description:


Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.                         

Stage 1: Examining basic file system structure ...
  443136 file records processed.                                                        
File verification completed.
  13197 large file records processed.                                  
  0 bad file records processed.                                    

Stage 2: Examining file name linkage ...
  589178 index entries processed.                                                      
Index verification completed.
  0 unindexed files scanned.                                        
  0 unindexed files recovered to lost and found.                    

Stage 3: Examining security descriptors ...
Cleaning up 4308 unused index entries from index $SII of file 0x9.
Cleaning up 4308 unused index entries from index $SDH of file 0x9.
Cleaning up 4308 unused security descriptors.
Security descriptor verification completed.
  73022 data files processed.                                          
CHKDSK is verifying Usn Journal...
  35333656 USN bytes processed.                                                          
Usn Journal verification completed.

Stage 4: Looking for bad clusters in user file data ...
  443120 files processed.                                                              
File data verification completed.

Stage 5: Looking for bad, free clusters ...
  4295131 free clusters processed.                                                      
Free space verification is complete.

Windows has scanned the file system and found no problems.
No further action is required.

 116757503 KB total disk space.
  98849440 KB in 209684 files.
    172760 KB in 73023 indexes.
         0 KB in bad sectors.
    554779 KB in use by the system.
     65536 KB occupied by the log file.
  17180524 KB available on disk.

      4096 bytes in each allocation unit.
  29189375 total allocation units on disk.
   4295131 allocation units available on disk.

Internal Info:
00 c3 06 00 09 50 04 00 a8 8e 07 00 00 00 00 00  .....P..........
ab 06 00 00 a3 5e 00 00 00 00 00 00 00 00 00 00  .....^..........

Windows has finished checking your disk.
Please wait while your computer restarts.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2016-06-22T22:03:05.394574900Z" />
    <EventRecordID>10136</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>Brian</Computer>
    <Security />
  </System>
  <EventData>
    <Data>

Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.                         

Stage 1: Examining basic file system structure ...
  443136 file records processed.                                                        
File verification completed.
  13197 large file records processed.                                  
  0 bad file records processed.                                    

Stage 2: Examining file name linkage ...
  589178 index entries processed.                                                      
Index verification completed.
  0 unindexed files scanned.                                        
  0 unindexed files recovered to lost and found.                    

Stage 3: Examining security descriptors ...
Cleaning up 4308 unused index entries from index $SII of file 0x9.
Cleaning up 4308 unused index entries from index $SDH of file 0x9.
Cleaning up 4308 unused security descriptors.
Security descriptor verification completed.
  73022 data files processed.                                          
CHKDSK is verifying Usn Journal...
  35333656 USN bytes processed.                                                          
Usn Journal verification completed.

Stage 4: Looking for bad clusters in user file data ...
  443120 files processed.                                                              
File data verification completed.

Stage 5: Looking for bad, free clusters ...
  4295131 free clusters processed.                                                      
Free space verification is complete.

Windows has scanned the file system and found no problems.
No further action is required.

 116757503 KB total disk space.
  98849440 KB in 209684 files.
    172760 KB in 73023 indexes.
         0 KB in bad sectors.
    554779 KB in use by the system.
     65536 KB occupied by the log file.
  17180524 KB available on disk.

      4096 bytes in each allocation unit.
  29189375 total allocation units on disk.
   4295131 allocation units available on disk.

Internal Info:
00 c3 06 00 09 50 04 00 a8 8e 07 00 00 00 00 00  .....P..........
ab 06 00 00 a3 5e 00 00 00 00 00 00 00 00 00 00  .....^..........

Windows has finished checking your disk.
Please wait while your computer restarts.
</Data>
  </EventData>
</Event>

Link to post
Share on other sites

FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition.txt option is checked. option is checked.

    2873ryc.png

  • Press Scan button and wait.

  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.


Please attach report into your next reply.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.