Jump to content

rootkit.agent not removed


Recommended Posts

Ok so I opened up a bad file like an idiot which immediately stating installing malware. I installed avast thinking it got rid of it but things were still weird. So after a couple of days I decided to try something else which led Me to MB. I initially tried to install but got error of administer has blocked so I searched and found a thread with someone with same problem. Deleted unauthorized certificates and it installed. Upon initial scanning MB returned 115 threats detected and only quarantined 107 after reboot.  This time i enabled rootkit scan (which why it's not enabled by default idk) 2nd scan revealed 18 threats and only 5 quarantined with apparently 2 rootkit.agent's at the source of my problem. I Need help sadly to say to remove these rootkits please as MB isn't doing it on its own.

Edited by h3xkkore
added MB log file
Link to post
Share on other sites

Hello h3xkkore and welcome to Malwarebytes,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Start FRST again, copy/paste the following inside the text area. Once done, click on the Fix button. A file called fixlog.txt should appear on your desktop. Attach it in your next reply.

CMD: bcdedit.exe /set {bootmgr} displaybootmenu yes
CMD: bcdedit.exe /set {default} recoveryenabled yes
CMD: fltmc instances
CMD: dir /a:-d /o:d C:\windows\system32\drivers

Let me see those logs in your reply... Also if needed do you have a USB flash drive 4gb or above, access to a spare PC..

Thank you,


Edited by kevinf80
typing error
Link to post
Share on other sites

This topic is now closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.