Nicholas0009

Honorary Members
  • Posts: 34
Everything posted by Nicholas0009

  1. I will do this right now, but about my drivers, what should I use as an alternative to download my drivers?
  2. I would rather listen to you, so I will look into KeePass, but what should I do for updating my drivers instead of using Driver Booster? Also I will re-enable my Windows Defender and do the exclusion thing. I didn't mean that KeePass was a RAT; what I was meaning is that in case in the future, for whatever reason, I somehow managed to get a RAT on my PC (some RATs contain a keylogger feature), so I was worried about, like, it keylogging my master password. As I said, I am very careful normally, just a lapse of judgement. Just wondering as well: before I ran the FRST64.exe I made sure to run it through hybrid-analysis and it came back for having a connected host to the program. I normally don't like running programs that have a connected host, but I am not at an advanced level of computers to understand whether a connected host is bad or is normal for programs. Also I really appreciate your help with everything, but you can assure me for the most part other than IObit my PC is pretty safe in terms of any malware, RATs, etc. Also I quarantined this: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EF8554D-043C-454D-9433-957612845F9A}. Could this have been anything unsafe?
  3. Do you have any advice for storing passwords more safely? I know that using a USB isn't the safest way but I don't know any really like super safe way.
  4. Also, if this is important, I used a program called "Defender Control" to disable my Windows.
  5. Also one of the detections with the AdwCleaner showed this and I don't know what this is: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EF8554D-043C-454D-9433-957612845F9A}
  6. I have Windows Defender disabled mainly because it flags obfuscated files that are clean but obviously are obfuscated, which causes some false positives. "You posted the Scan log from AdwCleaner. Did the actual Clean log remove those 4 entries?" I didn't want it to quarantine the Driver Booster. "The use of an external password manager is highly recommended instead of using your browser to store passwords." I also don't store my passwords in Chrome; I use a USB with notepads on the USB to store the notepads because I don't want to use a password manager like LastPass in case of a RAT or something.
  7. Here is what you asked for, btw I use Driver Booster to update drivers obviously. I get that it is a PUP but I don't know of any program that makes it as easy as Driver Booster so I always use it. AdvancedSetup.txt AdwCleaner[S00].txt Addition.txt FRST.txt
  8. AdvancedSetup, I would say yes because I am unaware if I still have it. As I did reset with formatting my drives, but as I said before it did come back when I simply reset without formatting. Malwarebytes also doesn't flag anything is wrong even when you're infected.
  9. Dear Malwarebytes Forums, I am normally extremely careful with what I download, but I ignored a friend who needed help with something for a couple of hours, so I didn't take the time to look at it carefully before running it (obviously a big mistake). I don't know if I am allowed to post this, but here is what I ran: it is an HWID grabber with obviously more, a definite Ethereum miner. When I was infected by this virus/malware I factory reset but I didn't format my drives, and it came back. Then I formatted my drives and I am unsure if it will come back, but hopefully it won't. It creates jar files (I forgot the names of them), but it makes a folder in ProgramData; this is the directory: C:\ProgramData\MMAHhpWyFn, which contains 3 files. This, I am pretty sure, refers to the Ethereum miner as it has a .cfg file in it. It also makes a fake Com Surrogate process and a Notepad that in Task Manager is "suspended" but will make your system components spike in value at random times. When I ran Malwarebytes after already being infected it came back as nothing, but here is the Mediafire link to the malware. Thank you, Nicholas THIS LINK BELOW DOES CONTAIN MALWARE https://www.mediafire.com/file/tme4inciie00xap/Hwid_Shits.jar/file