Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Log


  • This topic is locked This topic is locked
6 replies to this topic

#1 TiberiumSeeker

TiberiumSeeker

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:07 PM

Posted 26 August 2016 - 07:48 PM

I scanned my pc and didn't get any hidden ones, but I am sure I have malware and its probably new beacuse a guy on torrent uploaded about 40 games in the past 24 hours, and they were all top seeding ones.
Kickass.cd was recovering so there were no comments to read, I downloaded chicken invader haloween 2016 and clicked exe, before installing it wanted a code, so I had to click a button in the installer to get to a web page called humantest.bid, the only thing there were words saying that I should download something from the site to unlock the code.
I tried to delete the installer.exe but it said it was running in the process, so I downloaded fileASSASSIN and deleted the file.
Then I downloaded your program to check for rootkits but didn't find anything that is hidden.
Also I unplugged my internet after 40 minutes of downloading it.
I would be very grateful if you could check the log because I have very important things on my computer that took me 4 months to do and I can't afford them to be deleted.
Thank you so much!
 
Edit:Here is another Log after whole day of purging my pc with various programs.

Found 2 weird ones in GMER.

Reg     HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@LastBootPlanUserTime                                                                                                       ?Sat?, ?Aug ?27 ?16, 10:49:22 PM???????????????????????????????

Reg     HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\WdiContextLog@FileCounter                                                                                                        3

 

Also I found a strange chinese symbol in the process.

Uploaded an image.

Attached Files


Edited by TiberiumSeeker, 27 August 2016 - 06:22 PM.


BC AdBot (Login to Remove)

 


#2 Bezukhov

Bezukhov

    Bleepin' Jazz Fan!


  • Members
  • 2,632 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Providence, R.I.
  • Local time:08:07 AM

Posted 31 August 2016 - 01:54 AM

I'm going to need more information.

First up is a look at your computer itself:

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
And a closer look at the state of your Operating System:

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.
To err is Human. To blame it on someone else is even more Human.

#3 TiberiumSeeker

TiberiumSeeker
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:07 PM

Posted 31 August 2016 - 06:52 AM

Thank you for helping me out Bezukhov.  :)

Here are the files.

Attached Files



#4 Bezukhov

Bezukhov

    Bleepin' Jazz Fan!


  • Members
  • 2,632 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Providence, R.I.
  • Local time:08:07 AM

Posted 01 September 2016 - 08:46 AM

Unfortunately there is evidence of illegal software on your computer. I am going to request you completely uninstall Adobe Audition CC 2015, Microsoft Word 2010 and all other products for which you do not have a valid Product Key. If you are willing to do that please rerun a FRST scan with Addition.txt checked and post both logs. If you prefer to leave the program(s) on your computer let me know that and I will be closing the Topic.

A few more notes:

  • Please do not run any tools on your own while we solve this. Some are rather powerful, and using one at the wrong moment can have catastrophic effects. Also please refrain from seeking help for this problem elsewhere. Too many cooks spoils the broth.
  • Next, it is important that the instructions given be performed in the order given. We may need one tool to finish its job before another one starts.
  • If at any time my instructions are not clear stop and ask for clarification.
  • Rather than attach any logs to your post it is better that you copy and paste them instead, except if instructed otherwise.
  • Any program that I ask you run should only be run once.
  • As soon as your computer is clean I will let you know.
  • Please try to complete any tasks and reply in 24 to 48 hours. I will try to do likewise.
  • Lastly, do not make any changes to your computer from here on out until you get an "All Clear" from me.

-----------------------

If you decide to remove the program(s) please do this.

CKScanner

  • Download CKScanner and save it to your Desktop
  • Double click CKScanner
  • Select Search For Files
  • Once completed select Save List to File
  • ckfiles.txt document will be placed on your Desktop
  • Copy and paste the results of that report in your reply

So for your next reply please post the new FRST and Addition logs, and the results from CKScanner. 


To err is Human. To blame it on someone else is even more Human.

#5 TiberiumSeeker

TiberiumSeeker
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:07 PM

Posted 02 September 2016 - 06:52 AM

Those programs are very important to me so I can't remove them.

I'm very sorry for wasting your time, and thank you for your offer to help.  :)



#6 Bezukhov

Bezukhov

    Bleepin' Jazz Fan!


  • Members
  • 2,632 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Providence, R.I.
  • Local time:08:07 AM

Posted 02 September 2016 - 02:20 PM

Well, that's your choice. It's your computer. Good luck.
To err is Human. To blame it on someone else is even more Human.

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,798 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:07 AM

Posted 02 September 2016 - 08:38 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users