Mwrrn

  1. So deleting those files did not harm my system, they were relics from when I had the 1511 version? What about those latest logs, were they clean?
  2. The interesting thing in those newest logs is that even after updating Windows, the deleted files did not come back. Those updates that the updater urged me to get with red text were entirely different and meant for the 1701 build, which I have been using all this time. I updated Windows to 1701 on top of 1511 using Update Assistant. Updates that I was asked to install were: KB4022725, KB4022730, KB4022405, KB4020821, KB890830
  3. Windows Update said that there were critical updates needed and the system was out of date and at risk etc., with red text. I updated the system, scanned with some scanners and didn't find anything. But I am still VERY worried something attacked my system after it was broken when I deleted those files earlier. Could you do a thorough check of these three files to see if there is any indication of malicious actions? Addition.txt FRST.txt Shortcut.txt
  4. I am more interested in what exactly those files did. If I was more vulnerable to attacks than normally, I will just erase the disk and start over. Besides, I can't uninstall that update because it's not on the list of updates anymore. I have the Creators Update version, installed on top of 1511. Which begs the question, why were those files still present there?
  5. Here are new logs: Addition.txt FRST.txt Shortcut.txt
  6. So this broke the security of Windows, so I am now more vulnerable?
  7. Okay, so when I deleted these, what did it do to my PC? Did it hurt my security?
  8. Are you entirely sure? Could you give in detail how you determined that?
  9. Actually, there were leaks recently discovering all sorts of backdoors in Windows 10. Also, I checked the Addition.txt from the starting post in this thread, and I found those same files:

      Task: {A8FEABF5-4217-4159-96E0-8707A14F4B0A} - System32\Tasks\Microsoft\Windows\supdt\updtcln => C:\Program Files\supdt\updtcln.exe [2017-05-23] ()
      Task: {AB168470-E72B-43CF-BCF9-406BEB8BDE2A} - System32\Tasks\Microsoft\Windows\supdt\updtdgn => C:\Program Files\supdt\updtdgn.exe [2017-05-23] ()

      So if these are malicious, it's very serious because they have survived SSD secure erase. No USB sticks or other external storage have been plugged into this PC, nothing was backed up from the old OS install.
  10. The point is that after drastic security measures, I still get these weird things going on, even after changing entire computers. I do take my security seriously, keep antiviruses updated and, as I say, secure erase and change BIOS chips very often. Something really fishy is going on. Whatever I can do to help you determine the threat that is going on, I am here to assist you. This very well could be one of those leaked CIA hacking tools in action. All antivirus and antimalware protections and scanners are futile in this, they don't ever find anything, not even in this case. You are part of an antimalware corporation, this is your arena.
  11. Also, I emphasize a lot that no virus scan ever finds anything, not even in this case, when Farbar found something that cannot be found on Google at all. So in any case, we are dealing with a very high level security threat.
  12. Hello, I did a secure erase after that thread. Then I made new Farbar logs which I posted to bleepingcomputers, and they found out something weird in them. I know this is not bleepingcomputer, but I would like to have a second eye evaluating what these findings are; people in bleepingcomputer may not be able to determine what these files were. This thing needs to be investigated thoroughly, because I have been experiencing lots of weird stuff for months now. As I do secure erases and install new BIOS chips very often, eliminating BIOS viruses, I still experience weird things happening to me. Are these NSA/CIA tools being used? Anyway, there might be some very high level malware going on. https://www.bleepingcomputer.com/forums/t/649128/i-saw-some-black-box-appearing-from-right-side-of-the-screen/

      Start
      CreateRestorePoint:
      EmptyTemp:
      CloseProcesses:
      Task: {09E4FF00-2CA2-4AEA-A4DD-2BA948DD926C} - System32\Tasks\Microsoft\Windows\supdt\updtcln => C:\Program Files\supdt\updtcln.exe [2017-05-23] ()
      Task: {E23B4FA1-408E-438C-B8B3-35F569D5134A} - System32\Tasks\Microsoft\Windows\supdt\updtdgn => C:\Program Files\supdt\updtdgn.exe [2017-05-23] ()
      C:\Windows\System32\Tasks\Microsoft\Windows\supdt\updtcln
      C:\Program Files\supdt
      End

      The results were:

      Fix result of Farbar Recovery Scan Tool (x64) Version: 12-06-2017
      Ran by ODWDK (13-06-2017 22:06:43) Run:1
      Running from C:\Users\ODWDK\Downloads
      Loaded Profiles: ODWDK (Available Profiles: ODWDK)
      Boot Mode: Normal
      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      EmptyTemp:
      CloseProcesses:
      Task: {09E4FF00-2CA2-4AEA-A4DD-2BA948DD926C} - System32\Tasks\Microsoft\Windows\supdt\updtcln => C:\Program Files\supdt\updtcln.exe [2017-05-23] ()
      Task: {E23B4FA1-408E-438C-B8B3-35F569D5134A} - System32\Tasks\Microsoft\Windows\supdt\updtdgn => C:\Program Files\supdt\updtdgn.exe [2017-05-23] ()
      C:\Windows\System32\Tasks\Microsoft\Windows\supdt\updtcln
      C:\Program Files\supdt
      End
      *****************

      Restore point was successfully created.
      Processes closed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09E4FF00-2CA2-4AEA-A4DD-2BA948DD926C} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09E4FF00-2CA2-4AEA-A4DD-2BA948DD926C} => key removed successfully
      C:\WINDOWS\System32\Tasks\Microsoft\Windows\supdt\updtcln => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\supdt\updtcln => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E23B4FA1-408E-438C-B8B3-35F569D5134A} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E23B4FA1-408E-438C-B8B3-35F569D5134A} => key removed successfully
      C:\WINDOWS\System32\Tasks\Microsoft\Windows\supdt\updtdgn => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\supdt\updtdgn => key removed successfully
      "C:\Windows\System32\Tasks\Microsoft\Windows\supdt\updtcln" => not found.
      C:\Program Files\supdt => moved successfully

      =========== EmptyTemp: ==========
      BITS transfer queue => 6053888 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9619862 B
      Java, Flash, Steam htmlcache => 0 B
      Windows/system/drivers => 812332 B
      Edge => 6819974 B
      Chrome => 0 B
      Firefox => 382010965 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Default => 0 B
      Users => 0 B
      ProgramData => 0 B
      Public => 0 B
      systemprofile => 128 B
      systemprofile32 => 0 B
      LocalService => 25300 B
      NetworkService => 5882 B
      ODWDK => 129485978 B

      RecycleBin => 70848934 B
      EmptyTemp: => 577.6 MB temporary data Removed.
      ================================

      The system needed a reboot.

      ==== End of Fixlog 22:07:20 ====
  13. Yeah, I just wanted to know if a reboot is needed for Emsisoft to start working 100%.
  14. Win10, the Security Center did eventually go into checkmark mode.
  15. I didn't reboot after installing, then just plugged the PC into the internet and updated the software. Did I do this wrong? I was wondering if I should reboot, but the program didn't tell me to reboot so I didn't. Was I more vulnerable than normally? Windows Security Center also had a red cross on the tray icon but I couldn't find anything; at the antivirus slot it said no actions needed. Though it didn't say I'm using other antivirus providers either.