Trojan dropper win32/small.pv on old hard drive?


roses

I was looking for a file on an old hard drive, taken out of a laptop that died 5 years ago and put in an external drive case. I thought I had better scan it before I opened or moved anything. While Malwarebytes was scanning, Windows defender started finding adware, and then this nasty thing (all on the old drive). I stopped the scan, let defender remove what it had found, unplugged the drive. Ran full scans with both programs, nothing on my internal drive.

Two questions. One, does that mean my current computer is likely clean? Anything else I should do to be sure? Two, how can I safely get things off the old drive? Are these things old enough that I can just plug it in and let Defender and Malwarebytes clean it off?

I appreciate any help offered.


  • Root Admin

There is no way to determine without scanning and reviewing logs.

 

Hello and :welcome:

If you've not already done so please start here and post back the 2 log files DDS.txt and Attach.txt

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.




Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.
  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

  • Removing malware can be unpredictable... It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive.
  • Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you.
  • The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue.
  • You can check here if you're not sure if your computer is 32-bit or 64-bit
  • Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners.
  • When we are done, I'll give you instructions on how to cleanup all the tools and logs
  • Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.
  • Your topic will be closed if you haven't replied within 3 days
  • (If I have not responded within 24 hours, please send me a Private Message as a reminder)




STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.


Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.



STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.


 


  • Root Admin

The hard drive as a slave drive is not going to infect the live drive. As a further precaution make sure you have a good antivirus that is up to date and running such as Avast, Norton, Kaspersky, etc.

 

Then plug the drive in, boot up, then do a Full Scan with your Antivirus and we'll look with some other tools, but in general an external drive is what I term flat file scanning, in that with no registry load points, unless you actively run something to cause it to launch, then it's reasonably safe.


To be clear, if I plug in a USB external drive, then that is a slave drive? Will it make a difference that it has a full copy of windows XP, and I think is bootable? It was previously the internal drive in the laptop.

I'm just puzzled, since I had Symantec corporate edition on the old computer, up to date as far as I remember, and also scanned it occasionally with malwarebytes.

The new computer is windows 8, defender is the only live antivirus on there. It's supposed to replace essentials from earlier versions. Is that sufficient? Like I say, it caught the Trojan dropper, and a bunch of adware malwarebytes was still scanning.

Sorry for all the extra questions, I just gotta be sure. Thanks for the help.


DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 10.0.9200.16660

Run by Rose at 23:56:35 on 2013-09-10

Microsoft Windows 8 Single Language  6.2.9200.0.1252.1.1033.18.16382.14135 [GMT -4:00]

.

AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Windows Defender\MsMpEng.exe

C:\Windows\system32\dashost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\dwm.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\taskhostex.exe

C:\Windows\Explorer.EXE

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Users\Rose\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.


mWinlogon: Userinit = userinit.exe

BHO: Dragon NaturallySpeaking Rich Internet Application Support - Extension: {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieShim.dll

uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

mRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler

mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"

StartupFolder: C:\Users\Rose\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Rose\AppData\Roaming\Dropbox\bin\Dropbox.exe

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{897AFDE6-7A57-430C-AAAE-AA29FA93663A} : DHCPNameServer = 192.168.1.1

AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2013-2-11 311184]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]

R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2013-2-13 683664]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\Drivers\ssadadb.sys [2011-5-13 36328]

S3 etdrv;etdrv;C:\Windows\etdrv.sys [2012-12-19 25640]

S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2012-12-19 30528]

S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-12-19 160256]

S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\Drivers\nvstusb.sys [2013-2-13 446312]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\Drivers\ssadbus.sys [2011-5-13 157672]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\Drivers\ssadmdfl.sys [2011-5-13 16872]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\Drivers\ssadmdm.sys [2011-5-13 177640]

.

=============== File Associations ===============

.

FileExt: .txt: Applications\notepad++.exe="C:\Program Files (x86)\Notepad++\notepad++.exe" "%1" [userChoice]

.

=============== Created Last 30 ================

.

2013-09-10 15:52:34 -------- d-----r- C:\Users\Rose\AppData\Roaming\Brother

2013-09-10 14:22:22 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{997C217A-9C73-4D5E-B36F-2225EC6D00D1}\mpengine.dll

2013-09-09 16:26:01 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2013-08-26 03:30:08 941720 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5DFEAD8F-4578-4FD7-A36F-EE4E3F23F26F}\gapaengine.dll

2013-08-17 18:59:34 -------- d-----w- C:\Windows\System32\MRT

2013-08-17 18:53:59 866304 ----a-w- C:\Windows\System32\WinTypes.dll

2013-08-17 18:43:41 3236864 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll

2013-08-17 18:09:48 11459584 ----a-w- C:\Windows\System32\glcndFilter.dll

2013-08-17 18:03:25 915968 ----a-w- C:\Windows\System32\uxtheme.dll

2013-08-17 18:02:56 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-08-17 18:02:56 108032 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll

2013-08-17 17:38:07 7168 ----a-w- C:\Windows\System32\KBDKURD.DLL

2013-08-17 17:38:07 6656 ----a-w- C:\Windows\SysWow64\KBDKURD.DLL

2013-08-17 17:38:07 1184256 ----a-w- C:\Windows\System32\Display.dll

2013-08-17 17:38:07 1164800 ----a-w- C:\Windows\SysWow64\Display.dll

2013-08-17 17:33:54 19187712 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-08-17 17:33:53 18523648 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-08-17 17:33:26 76288 ----a-w- C:\Windows\System32\newdev.exe

2013-08-17 17:33:26 75264 ----a-w- C:\Windows\System32\ndadmin.exe

2013-08-17 17:33:26 74240 ----a-w- C:\Windows\SysWow64\newdev.exe

2013-08-17 17:33:26 73728 ----a-w- C:\Windows\SysWow64\ndadmin.exe

2013-08-17 17:33:26 301568 ----a-w- C:\Windows\System32\newdev.dll

2013-08-17 17:33:26 275968 ----a-w- C:\Windows\SysWow64\newdev.dll

2013-08-17 17:31:20 109568 ----a-w- C:\Windows\System32\dskquota.dll

2013-08-17 17:31:19 82944 ----a-w- C:\Windows\SysWow64\dskquota.dll

2013-08-17 17:22:54 87040 ----a-w- C:\Windows\SysWow64\apprepapi.dll

2013-08-17 17:20:56 4036096 ----a-w- C:\Windows\System32\win32k.sys

2013-08-17 17:20:32 2233168 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-08-17 17:20:03 368640 ----a-w- C:\Windows\System32\sppwinob.dll

2013-08-17 17:19:37 694272 ----a-w- C:\Windows\SysWow64\rpcrt4.dll

2013-08-17 17:19:37 1314816 ----a-w- C:\Windows\System32\rpcrt4.dll

2013-08-17 17:19:08 997632 ----a-w- C:\Windows\System32\drivers\ndis.sys

2013-08-17 17:16:43 641536 ----a-w- C:\Windows\System32\WSShared.dll

2013-08-17 17:16:43 523776 ----a-w- C:\Windows\SysWow64\WSShared.dll

2013-08-17 17:16:43 198656 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.dll

2013-08-17 17:16:43 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll

2013-08-17 17:16:43 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll

2013-08-17 17:16:43 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll

2013-08-17 17:16:03 595968 ----a-w- C:\Windows\System32\qedit.dll

2013-08-17 17:16:03 496640 ----a-w- C:\Windows\SysWow64\qedit.dll

.

==================== Find3M  ====================

.

2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll

2013-07-26 05:13:28 53760 ----a-w- C:\Windows\System32\UXInit.dll

2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-07-26 03:13:15 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll

2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-07-26 00:54:34 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll

2013-07-13 06:18:21 337408 ----a-w- C:\Windows\System32\wintrust.dll

2013-07-13 06:16:06 68096 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-07-13 06:16:06 1889280 ----a-w- C:\Windows\System32\crypt32.dll

2013-07-13 06:15:53 98304 ----a-w- C:\Windows\System32\apprepsync.dll

2013-07-13 06:15:53 124416 ----a-w- C:\Windows\System32\apprepapi.dll

2013-07-13 04:24:58 261120 ----a-w- C:\Windows\SysWow64\wintrust.dll

2013-07-13 04:23:11 1568256 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-07-13 04:23:03 74240 ----a-w- C:\Windows\SysWow64\apprepsync.dll

2013-07-02 00:44:14 36288 ----a-w- C:\Windows\System32\drivers\WdBoot.sys

2013-07-01 22:08:49 247216 ----a-w- C:\Windows\System32\drivers\WdFilter.sys

2013-06-27 22:04:51 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-27 22:04:51 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

.

============= FINISH: 23:56:46.26 ===============

 


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8 Single Language

Boot Device: \Device\HarddiskVolume1

Install Date: 6/11/2013 8:10:36 PM

System Uptime: 8/17/2013 10:12:57 PM (577 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. |  | GA-78LMT-S2

Processor: AMD FX-6100 Six-Core Processor              | Socket M2 | 2400/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 926 GiB total, 831.107 GiB free.

D: is CDROM ()

E: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP11: 8/26/2013 1:56:33 PM - Scheduled Checkpoint

RP12: 9/4/2013 11:07:48 AM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

@BIOS

7-Zip 9.20 (x64 edition)

ACDSee Free

Dragon NaturallySpeaking 12

Dropbox

Easy Tune 6 B12.1112.1

Google Chrome

Google Update Helper

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

MSXML 4.0 SP2 Parser and SDK

Notepad++

NVIDIA 3D Vision Controller Driver 310.70

NVIDIA 3D Vision Driver 311.06

NVIDIA Control Panel 311.06

NVIDIA Graphics Driver 311.06

NVIDIA HD Audio Driver 1.3.18.0

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX System Software 9.12.1031

NVIDIA Stereoscopic 3D Driver

NVIDIA Update 1.11.3

NVIDIA Update Components

R for Windows 3.0.1

Realtek Ethernet Controller Driver

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 

Structure

SumatraPDF

Unreal Tournament 3

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Zotero Standalone 4.0.8 (x86 en-US)

.

==== Event Viewer Messages From Past Week ========

.

9/10/2013 3:17:53 PM, Error: Microsoft-Windows-Kernel-Power [137]  - The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.

.

==== End Of File ===========================

 


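Added example (not part of the original thread, and not code from DDS or Malwarebytes): an earlier reply describes an external drive as having no registry load points on the live system, and the Pseudo HJT Report section of the DDS log above is where those load points are listed. This Python script parses that section and returns any entry that points at a given drive letter. The set of prefixes treated as load points, the choice of E: (the drive the log lists as Removable) and the one constructed line are assumptions.

```python
import re

# Lines copied from the "Pseudo HJT Report" section of the DDS log in this thread.
DDS_SAMPLE = r"""
mWinlogon: Userinit = userinit.exe
uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
mRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
StartupFolder: C:\Users\Rose\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Rose\AppData\Roaming\Dropbox\bin\Dropbox.exe
AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll
TCP: NameServer = 192.168.1.1
"""

# Constructed line, NOT from the thread: what an autostart entry that
# launches a file from the external drive would look like in the log.
CONSTRUCTED_LINE = r"mRun: [example] E:\WINDOWS\system32\example.exe"

# Assumption: DDS prefixes that describe something started automatically.
# "IE:" (menu extensions) and "TCP:" (DNS settings) are left out.
LOAD_POINT_KINDS = {
    "mWinlogon", "uRun", "mRun", "StartupFolder",
    "AppInit_DLLs", "BHO", "SSODL", "mASetup",
}

# "<prefix>: rest" or "<prefix>= rest"
ENTRY_RE = re.compile(r"^(?P<kind>[A-Za-z0-9_\-]+)\s*[:=]\s*(?P<rest>.*)$")
# A drive-rooted path such as C:\ or E:\ (letter not glued to another word).
DRIVE_RE = re.compile(r"(?<![A-Za-z0-9])([A-Za-z]):\\")


def parse_load_points(log_text):
    """Return (kind, drives, raw_line) for every autostart-type entry."""
    entries = []
    for line in log_text.splitlines():
        line = line.strip()
        match = ENTRY_RE.match(line)
        if not match:
            continue
        kind = match.group("kind")
        # 64-bit views are logged with an "x64-" prefix (e.g. x64-SSODL).
        base = kind[4:] if kind.startswith("x64-") else kind
        if base not in LOAD_POINT_KINDS:
            continue
        drives = sorted({d.upper() for d in DRIVE_RE.findall(match.group("rest"))})
        entries.append((kind, drives, line))
    return entries


def entries_on_drive(log_text, drive_letter):
    """Return the raw load-point lines that reference the given drive."""
    wanted = drive_letter.rstrip(":\\").upper()
    return [raw for _kind, drives, raw in parse_load_points(log_text)
            if wanted in drives]


if __name__ == "__main__":
    hits = entries_on_drive(DDS_SAMPLE, "E:")
    print("Load points referencing E: in the posted log:", len(hits))
    for raw in entries_on_drive(DDS_SAMPLE + CONSTRUCTED_LINE, "E:"):
        print("Would need review:", raw)
```

An empty result for the external drive's letter only says that nothing on the live system is configured to launch files from it; the files on that drive still need the full scans requested in the thread.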
  • Root Admin

Well DDS is only good for your current operating system.  You will need to tell Windows Defender to do a FULL scan and include that other drive.

 

Then once that is done you can tell MBAM to run a Full Scan as well and scan that drive.

 

Let me know if either finds anything or not.


  • Root Admin

As Java seems to get exploited on a regular basis, I advise not using Java if possible, but to at least disable Java in your web browsers.

How do I disable Java in my web browser? - Disable Java

A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.

Nothing is 100% bulletproof but with a little bit of education you can certainly swing things in your favor.

 

If you're not currently using Malwarebytes PRO then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection.

 

 


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.