rayzuhh
rayzuhh
/ new addition
Created
October 6, 2019 22:51
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019 | |
| Ran by ray (06-10-2019 14:21:28) | |
| Running from C:\Users\ray\Downloads | |
| Windows 10 Pro Version 1903 18362.356 (X64) (2019-10-06 18:13:26) | |
| Boot Mode: Safe Mode (with Networking) | |
| ========================================================== | |
| ==================== Accounts: ============================= |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2019-10-06 11:15:29, Info CBS TI: --- Initializing Trusted Installer --- | |
| 2019-10-06 11:15:29, Info CBS TI: Last boot time: 2019-10-06 11:06:14.800 | |
| 2019-10-06 11:15:29, Info CBS Starting TrustedInstaller initialization. | |
| 2019-10-06 11:15:29, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:4 | |
| 2019-10-06 11:15:29, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:5 | |
| 2019-10-06 11:15:29, Info CBS Lock: New lock added: WinlogonNotifyLock, level: 8, total lock:6 | |
| 2019-10-06 11:15:29, Info CBS Ending TrustedInstaller initialization. | |
| 2019-10-06 11:15:29, Info CBS Starting the TrustedInstaller main loop. | |
| 2019-10-06 11:15:29, Info CBS TrustedInstaller service starts successfully. | |
| 2019-10-06 11:15:29, Info CBS No startup processing required, TrustedInstaller |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ------------------------------- | |
| # Malwarebytes AdwCleaner 7.4.1.0 | |
| # ------------------------------- | |
| # Build: 09-04-2019 | |
| # Database: 2019-10-03.2 (Cloud) | |
| # Support: https://www.malwarebytes.com/support | |
| # | |
| # ------------------------------- | |
| # Mode: Clean | |
| # ------------------------------- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Malwarebytes | |
| www.malwarebytes.com | |
| -Log Details- | |
| Scan Date: 10/6/19 | |
| Scan Time: 10:54 AM | |
| Log File: 3eb76794-e849-11e9-9159-6805ca3bc5c0.json | |
| -Software Information- | |
| Version: 3.8.3.2965 |
rayzuhh
/ dism error
Created
October 6, 2019 14:42
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2019-10-06 03:46:32, Info DISM API: PID=3456 TID=692 DismApi.dll: - DismInitializeInternal | |
| 2019-10-06 03:46:32, Info DISM API: PID=3456 TID=692 DismApi.dll: <----- Starting DismApi.dll session -----> - DismInitializeInternal | |
| 2019-10-06 03:46:32, Info DISM API: PID=3456 TID=692 DismApi.dll: - DismInitializeInternal | |
| 2019-10-06 03:46:32, Info DISM API: PID=3456 TID=692 DismApi.dll: Host machine information: OS Version=10.0.18362, Running architecture=amd64, Number of processors=4 - DismInitializeInternal | |
| 2019-10-06 03:46:32, Info DISM API: PID=3456 TID=692 DismApi.dll: API Version 10.0.18362.1 - DismInitializeInternal | |
| 2019-10-06 03:46:32, Info DISM API: PID=3456 TID=692 DismApi.dll: Parent process command line: C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:udex6oDIJEW4GU/V.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019 | |
| Ran by frazh (06-10-2019 10:08:05) | |
| Running from C:\Users\frazh\Downloads | |
| Windows 10 Pro Version 1903 18362.388 (X64) (2019-10-05 21:38:12) | |
| Boot Mode: Normal | |
| ========================================================== | |
| ==================== Accounts: ============================= |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2019 | |
| Ran by frazh (administrator) on DESKTOP-JNMK5K7 (MSI MS-7971) (06-10-2019 10:02:07) | |
| Running from C:\Users\frazh\Downloads | |
| Loaded Profiles: frazh (Available Profiles: frazh) | |
| Platform: Windows 10 Pro Version 1903 18362.388 (X64) Language: English (United States) | |
| Default browser: FF | |
| Boot Mode: Normal | |
| Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ | |
| ==================== Processes (Whitelisted) ================= |
rayzuhh
/ hijack this
Created
October 6, 2019 14:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Logfile of Trend Micro HijackThis v2.0.5 | |
| Scan saved at 10:01:28 AM, on 10/6/2019 | |
| Platform: Unknown Windows (WinNT 6.02.1008) | |
| MSIE: Unable to get Internet Explorer version! | |
| Boot mode: Normal | |
| Running processes: | |
| C:\Users\frazh\Downloads\adaf.exe |