Search the Community
Showing results for tags 'rootkits'.
Found 3 results
Posted Yesterday, 01:59 PM I'm a completely novice computer user. Recently, I have been having some malware issues on my PC which is Windows 10. I already have an antivirus, Quick Heal Total Security, and recently, it detected a Coinhive mining malware on my computer, plus, it keeps showing pop up windows that it has blocked access to multiple harmful websites even when I'm accessing reliable websites like Amazon and others. I researched a bit on the Coinhive virus and found out some serious things, and so I'm currently scanning my computer for all kinds of malware, spyware, adware, rootkits using a variety of tools just to be safe. I know I'm being paranoid, but better be paranoid than have my personal data compromised. So far, I've used Malwarebytes to run a full system scan, TDSSKiller for rootkits, and a full system scan by my installed antivirus. All three of them came up clean after that one Coinhive virus was removed. I'm also planning to use more scanners like AdW, ESET, Rkill, as many as I have found to be on the safe side. Now, I started running a scan with GMER for rootkits today, in safe mode, however, the first time, mid-scan, the window just disappeared off the screen. I ran it a second time, and it only showed two entries in the log list before a message was displayed that my system had run into an error and needed to restart. I booted the computer into safe mode once again and started GMER for the third time, and same thing happened. Two logs, then mid-scan, same error message and restart. So, now I'm thinking I do have a rootkit that is stopping GMER from running a scan. I really don't know what to do right now. I also know that GMER is supposed to be for advanced users only, but my plan was to just get the results, save them and then show them to an expert, either here or if not possible, then to someone I know. However, given the fact that the scan won't even get halfway through, I don't know what to do. Would be grateful if someone could point me in the right direction. GMER not being able to complete the scan does mean that I have some kind of rootkit stopping it from working, right? Or could there be any other reasons for that? Thank you very much. P.S. I know I need to backup my data before I run any tools recommended by experts here, but I'm actually worried about infecting my backup as well. As I have already mentioned before, my computer was infected by a coinhive mining virus before, and even though it's removed now, I haven't deleted any old system restore points or registry files so it's possible the virus still persists. Plus, since my computer may have other kinds of malware right now including rootkits, if I try to back up my data now, isn't there a good possibility that I'm also infecting my back up? I back up all my data on an external hard drive, and they are even more susceptible to infection, just by plugging it in to my computer right now could transmit the malware. So, if in the end of the malware removal process, I lose some of my data and have to restore it from my backup, am I facing a chance of re-infection and also damage to my external hard drive? If so, then could you please suggest a safe way to backup all of my data? My data does not contain any applications or program files, it's only composed of documents, videos, music and images which are all stored in D and E drives, I'm not going to be backing up anything from C drive. Is there no way to safely backup, or backup in a way so that when I restore it back on the clean PC, it does not reinfect? Because I currently have some important files on my computer that I can't lose, I know there is no 100% guaranteed way that if I backup it won't be infected, but how should I reduce the risks? I don't want to lose any files by running scans with the anti-malware tools, so please point me in the right direction of backing up my files relatively safely before I can use the suggested tools and post the logs. Please suggest a safe backup method so I can proceed with the removal process.
3.2.2 beta? issues. Purchased Premium version. Updates not occurring. Stays in "checking" status. Also from time to time "ransomware protection" and "scan for rootkits" shuts off. Since updates are not available what is the fix for these failures. Please redirect. tks.
Hello malware bytes just detected a file known as: Unknown.rootkit.driver which seemed to have infected: C:\WINDOWS\System32\drivers\agilevpn.sys i am wondering if this is a false positive? These are the logs: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 3/20/17 Scan Time: 11:27 PM Logfile: Administrator: Yes -Software Information- Version: 22.214.171.1249 Components Version: 1.0.75 Update Package Version: 1.0.1549 License: Free -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: LAURIDS-PC\LauridsFrej -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 380961 Time Elapsed: 23 min, 53 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 Unknown.Rootkit.Driver, C:\WINDOWS\System32\drivers\agilevpn.sys, Replace-on-Reboot, , ,0.0.0 Physical Sector: 0 (No malicious items detected) (end)