kami7 0 Posted June 26, 2019
Hello, I'm just after cleaning a system that's infected with backdoors. I don't see anything suspicious but I'll be calmer if a specialist takes a look at it.
Attachments: Addition.txt, FRST.txt, scan_190626-062141.txt

Kevin Zoll 309 Posted June 27, 2019
Do the following:
Copy the below code to Notepad; Save As fixlist.txt to your Desktop.

2019-06-25 15:25 - 2019-06-25 15:25 - 000000000 _D C:\Users\klime\Desktop\umowy
2019-06-24 19:00 - 2019-06-24 19:27 - 000000000 __D C:\Users\klime\AppData\Roaming\vrguqgoqzs
2019-06-24 15:59 - 2019-06-24 15:59 - 000000000 ____D C:\WINDOWS\SysWOW64\tmumh
2019-06-24 15:59 - 2019-06-24 15:59 - 000000000 ____D C:\WINDOWS\system32\tmumh
2019-06-20 22:15 - 2019-06-20 22:15 - 000000048 ____H C:\Program Files (x86)\k5wlusm0mk.dat
2019-06-18 11:55 - 2019-06-18 11:55 - 000001024 C:\WINDOWS\SysWOW64\%TMP%
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku

Close Notepad.
NOTE: It's important that both files, FRST64, and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
Run FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Attach it to your reply.
NOTE: If the tool warns you about an outdated version please download and run the updated version.

kami7 0 Posted June 27, 2019
Thank you very much, sir.

Kevin Zoll 309 Posted June 27, 2019
When you get the fixlog.txt from FRST, please send it to me.

kami7 0 Posted June 27, 2019
OK send.

Kevin Zoll 309 Posted June 28, 2019
The FRST fix appears to have run correctly. That should take care of everything that I saw in your logs. How are things running?

kami7 0 Posted June 29, 2019
Everything seems to be working fine. Thank you again, sir.

Kevin Zoll 309 Posted June 29, 2019
You are welcome.
Thread Closed
Reason: Resolved
PM either Kevin, Elise, or Arthur to have this thread reopened.
The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on a system, other than the one they were written for, could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist.
All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE; if you don't, we are just going to send you back to this thread.