yamaci17

Thank you very much kprm-20230709040304.txt

thank you for ur efforts SecurityCheck.txt

here u go mbar-log-2023-07-08 (04-10-29).txt system-log.txt

Here you go. As you've informed, it found 3 detections while scanning but in the end it said no viruses were found msert.log

Thanks I'm providing the report. By the way, I'm also seeing a file called "exportBCDfile" in C:\ folder. Is this a byproduct of one the programs we've used? report_2023.07.07_08.11.46.klr.txt exportBCDfile.zip

I made a "Full scan" with C and D selected and all options selected. Results came clean, ADWCleaner also came clean. I'm sharing scan log + mbst log (I restarted pc as you instructed before doing this step) Do you believe my system is clean? Or could there be something else? fullscan.txt mbst-grab-results.zip I think Fcon file is not signed by Microsoft. That is most likely it is throwing errors. But I wonder if it is not signed for others too or specific to me.

I ran the fixlist, here's fix log Fixlog.txt

I wanted to add, I forgot to update "database" in Mbar. Once I did, it did not detect any of the "trojans" listed above. Can I say they were false positives due to old database?= Once I clicked update database, it updated to something from 2023 and results came clean. Just wanted to confirm. Then I re installed old MBAR with old database, and once again it found those exact 6 trojans. And once database updated , it came off clean again What tipped me off was a file called "fcon.dll" appeared in "failed Audiot" in event viewer; https://i.imgur.com/u3v3D5j.png https://www.virustotal.com/gui/file/263c192c3ccbee1973395d0f43632050dbb4231845d8d16b321923ac4f859f5f Virustotal File itself I provided. This exact same error survivos full reinstals which is the reason I'm angered and tipped off. "Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error. File Name: \Device\HarddiskVolume3\Windows\System32\fcon.dll " fcon.zip

Thanks for your quick response and attention sir, here are MBST results mbst-grab-results.zip

Hello, I've been seeing some weird behaviour on my PC, slowdowns and sluggishness and random restarts of Windows defender and TPM info being laggy or not there and suddenly be there after checking it etc. I clean installed Windows and decided to run some scans, and Malwarebyte's Anti Rootkit beta tool found some. I'd like some assistance regarding this. Thanks.

You're absolutely correct; but I'm glad Mbytes is aware of situation and doing stuff to get it working. Sooner or later, this tech will be incorporated into more and more nextgen games. I don't know how many gamers use MBytes though; probably not so much.

I did,

Have you unzipped the file? Interesting. I can't even download the zip file I have uploaded here. Defender immedaitly stops it and detects it Is my Defender compromised? how can I be sure?

My the witcher 3 crashed for some reason and sudenly Defender picked up some steam and blocked it as a threat. Mbytes is saying it is clean https://www.virustotal.com/gui/file/ad30328a3746d77eb24ef4dd447b4818e224ec3a96e71413d09c64efd5e3fea8/detection It is a legit copy of the game. I deleted he file and validated the game files and redownloaded file returns the exact same detection https://www.virustotal.com/gui/file/ad30328a3746d77eb24ef4dd447b4818e224ec3a96e71413d09c64efd5e3fea8 CrashReporter.zip

Thanks, when I was researching about the IP, I found something like this; https://otx.alienvault.com/pulse/61ec9e7a54c7b88a86345dce Could it be revelant? (Is this website itself is safe or not?) It says it targets Turkey and I'm indeed from Turkey so I got a bit suspicious.