Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by Dwer23

  1. I saw something flashing over the google search bar in firefox while watching youtube, also checking routinely for viruses anyway. Ive done some virus scans which come out clean. Do these logs show anything out of order? FRST.txt Addition.txt scan_171024-064749.txt
  2. Question, if there was malware on system, how likely it is that it would not show up in farbar alongside roguekiller, hitman pro, emsisoft, f secure scanner and trend micro scanner? I know there are some pretty advanced CIA tools out there, but no one can really do anything about those since they are leaked only years after theyve been in use.
  3. Thank you for response, its glad to hear logs are normal. About the emails, it happened that i changed my password in my mobile phone in account settings, and if i press the "ok" button in password change screen twice during it loads up, it seems to send two emails about password change. The f secure online scanner started working again by itself.
  4. I also got another email about password CHANGE immediately after i changed my password, though the emails have same timestamp and I tried to see if my password had changed from what i set it to be, i could log into with what i was set it to be. So maybe technical error on emsisoft support site?
  5. Oh and heres also roguekiller log: Especially part [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4B626774-E071-43F3-A16A-11FA4AAF0ECD} : v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Users\Pws\AppData\Local\Temp\HouseCall\tmase\drs\DrScaner.exe|Name=rule4scaner|Desc=rule4scaner|EmbedCtxt=rule4scaner|Edge=TRUE|Defer=App| [7] -> Found rogkiller.txt
  6. Thanks for your answer. After that post, i actually just went and erased my ssd just to be sure. But now, in my clean system i have some issues. Hitman pro came up with log which is attached to this post, and F-secure online scanner doesnt start up, it tries to start to load up but comes up with error "Could not complete the operation", something fishy is going on which prevents this program running. Other virus scanners run normally. Also my internet has been behaving oddly recently, some downloads are really slow (like 50kbps.. when normally 2MBs, and others at max speed) Something is going on. I scanned pc earlier with Trend micro housecall, can you confirm if those hitman findings indeed are from Trend micro? Or did download some trendmicro software with malware? I did download it from https://www.trendmicro.com/en_us/forHome/products/housecall.html Here are also newest far bar logs: FRST.txt Addition.txt HitmanPro_20171005_0246.log
  7. Here is the forensics log from my emsisoft Forensics_170930-024402.txt Also i know i still have zemana, but i wasnt sure if you meant that Zemana only gives issues when used as real time protection on top of current programs, so i kept it for now. I use it on demand scanner only. Now that im looking at my emails, i may have gotten password reset email on my emsisoft support forum account that i didnt initialize. I did request password reset earlier though. Maybe someone else tried to change my password? Please be extra cautious for anything you might feel is suspicious when reviewing those farbar logs.
  8. Thank you for your response. But damn.. i know youve worked with my logs before but i would need your expertise for third time again, sorry! I installed a game from steam and during the installation of directx or something i got warnings of something which was approved by network later, but also got behavior warning about the game itself when i tried to run it, (it also had anti cheat system). Also earlier before this, i think my monitor flashed black when i was watching tv (now i know this might sound like eye glitch / paranoid..) So i wanna make sure those warnings were false alarms by confirming my pc is clean in these logs. Here are farbar logs FRST.txt Addition.txt
  9. i am looking at ntoskrnl.exe in windows/system32 folder and its creation date is 13 september but its creation date is 05 september. Thats weird. its creation date and access date are identical: 13 september 00:15:27
  10. Thanks for checking logs. Its little weird that happened because the videos were not on any playlist, i have autoplay on so it always goes to the next "related" video. About zemana, i only use it for scanning, Real time protection is off.
  11. I know you just checked my logs earlier, but i would greatly appreciate if you could check these new ones... I think theres something weird on my pc because i went to sleep while youtubevideos were playing on (on mode where next video up coming is automatically started always) and some video was stopped at the end without moving to next one when i returned to my computer, so maybe someone with remote access to my pc did that. Also earlier I got some errors windows regarding Sourcetree git files which i kinda gave a pass earlier. I ran my Emsisoft antimalware custom scan and it found nothing. Here are new logs: FRST.txt Addition.txt
  12. What you mean auto run section check? I downloaded zemana and just clicked scan button and it didnt find anything, should i have done something different?
  13. So i dont need to reupload new logs after allowing it in emsisoft? How confident you are that it didnt affect the reliability and thus some infection could have evaded analysis?
  14. I already had farbar logs analyzed on other section here and support person said they were clean. Though, when i ran farbar, emsisoft blocks something about it saying "firewall modification". Does this compromise the reliability of farbar logs?
  15. I have not reinstalled anything. If that one file went to quarantine, it definitely should be there. Does this indicate malware?
  16. Oddly its not in the quarantine, the whole quarantine section is empty and even quarantine log is empty. What could explain this?
  17. Are you completely sure? Those logs are pretty long, how did you analyze them so fast? Would you say that my pc is clean if multiple virus scanners come up with nothing? I have scanned with emsisoft antimalware, malwarebytes, rkill, roguekiller, sophos, hitman pro, f-secure online scanner. Can you say anything about that issue in the other thread?
  18. Also forgot to mention, that few days ago i saw mouse cursor moving by itself to the left for like 1-2 pixels, that also had me worried. But this was way before the events described in my other thread so they are not related.
  19. Here are farbar logs and eek report. Here was my original thread which raised some concerns: FRST.txt Addition.txt EEKreport.txt
  20. I totally agree, and I have been huge advocant of being cautioned rather than sorry, but ive obsessed and OCD´d so much about these issue very lately, (shredding multiple times a day) so it just feels so demoralizing to shred my pc once again for something that may well be false positive because pc isnt acting up at all even + no virus scanners find anything and ive have things to do. What I will absolutely do atleast, is that i will run farbar recovery tool and send the logs to be analyzed. Any infection should show up there right?
  21. You are right, I cant really know for sure. I am just trying to think on more positive note if you know what i mean, considering various virus scanners came up with nothing and all of this coincidented with this installation and it being compromised doesnt really seem highly likely. Ive had history of obsessing ALOT of viruses and shredded my pc multiple times a week for no reasons really, i am just so tired at this point.
  22. I understand. But as ive already said, i ran Emsisoft custom scan with direct disk access didnt find anything, nor malwarebytes, or roguekiller, or sophos scanner, or fsecure online scanner, nor hitman pro, nor rkill
  23. At the moment, i just assumed it was false positive because it came at the time of this installation and emsisoft earlier gave me some warning about firewall modification when running farbar recovery tool so I just assumed this was yet another false positive. Now i started to think it little bit more and hoped to see some guidance here regarding this issue. Also thoses being "MSI" files also kinda reinforces the idea of false positive, because its microsofts product, the visual studio. I didnt do anything else while installing this program, and ive disabled smb 1.0 since start of using this operating system.
  24. Actually now i found access to the installer folder with right clicking that tmp folder. Those tmp folders are there, but they dont contain any files either. They have same names as in the emsisoft logs, but with - symbol at the end and theyare just folders.
  25. The whole folder is missing, only trace of it can be found if i type that file in the search function and there it shows where it "resides" but cant navigate into that folder. I am using windows 10
  • Create New...