Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

I think I could be infected help please!!!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: I think I could be infected help please!!!

Unread postby rmrrar » April 21st, 2016, 9:49 pm

Ok, Great. So the drive (z) that was listed in my frst scan log is nothing to be concerned of then, I was worried b/c it was visible on the list of drives when I opened my computer one day and now it isn't. Is that normal ? Thanks
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am
Advertisement
Register to Remove

Re: I think I could be infected help please!!!

Unread postby rmrrar » April 21st, 2016, 10:30 pm

Also I came across these events do they mean anything:

Description:
The description for Event ID 26 from source Application Popup cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.

Description:
Windows cannot store Bluetooth authentication codes (link keys) on the local adapter. Bluetooth keyboards might not work in the system BIOS during startup.

Description:
Process C:\Windows\System32\WinSAT.exe (process ID:2028) reset policy scheme from {8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c} to {a1841308-3541-4fab-bc81-f71556f20b4a}

Description:
Process C:\Windows\ImmersiveControlPanel\SystemSettings.exe (process ID:5992) reset policy scheme from {a1841308-3541-4fab-bc81-f71556f20b4a} to {a1841308-3541-4fab-bc81-f71556f20b4a}

Description:
The system time has changed to ‎2016‎-‎04‎-‎22T01:34:28.500000000Z from ‎2016‎-‎04‎-‎21T19:59:08.895502300Z.
Change Reason: System time synchronized with the hardware clock.

Description:
The system time has changed to ‎2016‎-‎04‎-‎17T21:37:14.500000000Z from ‎2016‎-‎04‎-‎17T19:01:53.612250000Z.
Change Reason: System time synchronized with the hardware clock.

Description:
The scripted diagnostic engine executed a diagnostic package located at C:\WINDOWS\diagnostics\system\networking with ID NetworkDiagnostics.

Description:
The description for Event ID 0 from source gupdate cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
Service stopped

Description:
Name resolution for the name _ldap._tcp.dc._msdcs.WORKGROUP timed out after none of the configured DNS servers responded.

Description:
An attempt was made to query the existence of a blank password for an account.

Description:
Special privileges assigned to new logon.
Subject:
Security ID: SYSTEM
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7
Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am

Re: I think I could be infected help please!!!

Unread postby Gary R » April 22nd, 2016, 12:44 am

I don't see anything there that would be indicative of a botnet, just a normal bunch of errors, which all computers produce in their normal day to day running.

FRST indicates that the only account on your machine is the Robert account, which is further evidence that there is no hidden intruder on your machine.

As I said in my last post, the only remaining security checks you need to do are to reset your router and change the password, that way if someone has been accessing it, they will no longer be able to do so.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: I think I could be infected help please!!!

Unread postby rmrrar » April 22nd, 2016, 2:33 pm

Ok Thanks Gary for all your help you guys are great!!!
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am

Re: I think I could be infected help please!!!

Unread postby Gary R » April 22nd, 2016, 5:25 pm

You're welcome. :)

If you want to remove the tools we've been using to check your machine now we've finished, please do the following ....

  • Please download delfix and save it to your desktop.
  • Right-click on delfix.exe and select " Run as administrator " to run it.
  • Check the following boxes ...
    • Remove disinfection tools

    ... then click on Run.
  • Once it has finished, a notepad file named DelFix.txt will open to enable you to check that everything has been removed.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: I think I could be infected help please!!!

Unread postby Gary R » April 23rd, 2016, 11:28 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 128 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware