Jump to content
Due to inclement weather in Southwest Florida, our Clearwater support team is offline. Our other offices are available to assist you, however their responses may be delayed. We appreciate your patience and understanding during this time. ×

Recommended Posts

earlier this month I updated my windows, but my antivirus picked up on a threat from one of the .dll files used to install the said update. I assumed not much of it and continued on with allowing it. Ever since then, when my computer goes to sleep when I am away and I wake it up my computer runs extremely slow with a black screen appearing in the middle of my two monitors. I do see a program running as it is on my taskbar. (I'm assuming its a crypto miner trojan So I installed Malwarebytes, BitDefender,  System mechanics, and ADWcleaner. I'm unsure of how to solve this and or what to do next. I would also like to mention that the software did detect the file from the windows update and it was removed, It was called W32/MebrootDll!

I am thankful for your help,

bloomer

possibletrojanIcon.jpg

ADW logs.jpg

Link to post
Share on other sites

  • Root Admin

Hello @bloomer1338 and :welcome:

Sorry for the delay.

 

 

Please run the following steps and post back the logs as an attachment when ready.

STEP 01

  • If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • If you don't have Malwarebytes 3 installed yet please download it from here and install it.
  • Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply.
  • If Malwarebytes won't run then please skip to the next step and let me know on your next reply.

STEP 02

Please download AdwCleaner by Malwarebytes and save the file to your Desktop.

  • Right-click on the program and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan Now.
  • When finished, please click Clean & Repair.
  • Your PC should reboot now if any items were found.
  • After reboot, a log file will be opened. Copy its content into your next reply.

 

RESTART THE COMPUTER Before running Step 3

STEP 03
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here.
  • Please attach the Additions.txt log to your reply as well.

 

Thanks

Ron

 

Link to post
Share on other sites

  • Root Admin

Hi there

I don't see any signs of an obvious infection. You do appear to possibly be running too much security software which may be conflicting with each other possibly. I can make some recommendations for general fixes and removing or using some different software and/or make some changes to your computer sleeping

Let me know

Ron

 

Link to post
Share on other sites

Of course friend I am all ears on this one! Current I have: Phoenix360 by Iolo, ADWcleaner, Malwarebytes(trial version just ended), and BitDefender! I am all ears when it comes to some aid in ways to better secure my PC. Also it's just weird how this program (icon in the photos above) is still running! 

Link to post
Share on other sites

  • Root Admin

My advice would be to uninstall the following software at least as a trial to see how the computer runs. Then use the Windows Defender antivirus that is built-in to Windows 10, and is a very good antivirus product.

Bitdefender Internet Security
Malware Killer
Phoenix360
Privacy Guardian
RogueKiller
System Mechanic

 

Then reboot the computer and make sure that Windows Defender is updated and running.

Get me new FRST and Additions logs and we can discuss what issues you're still having if any.

 

 

 

Link to post
Share on other sites

  • Root Admin

One should not run two different antivirus products at the same time. Choose one and uninstall the other one is the recommended advice.

How is the computer running now?
System resources should be much higher now with those items removed.
Is the icon or program you were concerned about still there?

Give me a few minutes to review the new logs

 

Link to post
Share on other sites

I will check friend if it does remain as it only appears when the device is in sleep mode. Whence I wake up the computer lags and the icon quickly goes away. Last time I checked (earlier today) it was still there and I have no reason to why it would be gone as no antivirus has found anything as of late. 

Link to post
Share on other sites

  • Root Admin

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

fixlist.txt

Thanks

Ron

 

Link to post
Share on other sites

  • Root Admin

Okay, sounds good, and you're quite welcome for the help.  I'll go ahead then and give you some advice to help keep the computer clean going forward.

 

Let's get real. If you're not backing up your data and you're still using Google Chrome then you're just not serious about Privacy, Safety, and protecting your data. Malwarebytes is a fantastic program but you still need to back up your data and you still need to block scripts and Ads in your browser. 
If you're still using Google Chrome I would highly suggest you consider using Firefox instead. For more advanced users you might consider installing NoScript as well (it does have a higher learning curve though)

Help Secure your browsers

Please install uBlock Origin for your browsers to better protect your system

FireFox, ChromeOpera , SafariMicrosoft Edge
AdBlock for Internet Explorer
How to use uBlock Origin to protect your online privacy and security | uBlock Origin tutorial 2018

This video tutorial above explains how to use uBlock Origin in advanced user mode and all the advanced settings to protect your online privacy and help prevent unwanted sites from changing your browser settings

Follow-up Reading

Everything you need to know about cybercrime
10 easy ways to prevent malware infection 
Keep your data backed up

Thank you for choosing Malwarebytes and tell your friends and family too. We're here to help.


Ron

 

 

Link to post
Share on other sites

Thanks again, luckily I have been using Waterfox (a 64 bit version of Firefox ) and seems to be doing well! But I might change it to just Firefox, hahaha seems to be a more safer move, but unsure ! I will definitely look into the uBlock addon! One question is do you suggest backups to be done on a hard drive in the computer or externally?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.