Possible infection


Hi, I've had a feeling recently that I've been infected. Not the usual kind but a silent infection that is difficult to spot and doesn't make the user aware of its existence. Anyhow, I've followed the usual guidelines and uploaded recent scans for Farbar, ADWcleaner and Mbam. I do want to mention that before I did this, I ran roguekiller and it came up showing that svchost.exe was infected twice alongside some other things. I'll include the log file for that at the start. I'd appreciate any support, thank you.

 rk_C306.tmp.txt

FRST_22-11-2018 06.06.09.txt

Addition_22-11-2018 06.06.09.txt

malwarebyteslogfile.txt


Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Remove this program in bold via the Control Panel > Programs > Programs and Features.
Ace Stream Media 3.1.28 (HKU\S-1-5-21-778160660-3696815180-3389144642-1000\...\AceStream) (Version: 3.1.28 - Ace Stream Media) <==== ATTENTION
===

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

Fixlog.txt

I believe ace was deleted by roguekiller and so were a few other things, as I ran this first before farbar/mbam etc. I'm also wanting to know why roguekiller picked up 2 of Proc SVCHost.exe as malware? It's in the rkill log I posted in my original post; I'd appreciate feedback on it.


Just now, nasdaq said:

Hi,

Nothing malicious on your RogueKiller log.

Is everything running well?

Seems to be running fine, although the fixlog shows that certain things weren't deleted. Also, in the roguekiller log it shows this:

¤¤¤ Processes : 2 ¤¤¤
[Proc.Svchost] svchost.exe(4024) -- C:\Windows\System32\svchost.exe[7] -> Found
[Proc.Svchost] svchost.exe(8020) -- C:\Windows\System32\svchost.exe[7] -> Found

I deleted them now, but this is what I was referring to in my previous post, thanks!


  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 
