Jump to content

Recommended Posts

earlier this month I updated my windows, but my antivirus picked up on a threat from one of the .dll files used to install the said update. I assumed not much of it and continued on with allowing it. Ever since then, when my computer goes to sleep when I am away and I wake it up my computer runs extremely slow with a black screen appearing in the middle of my two monitors. I do see a program running as it is on my taskbar. (I'm assuming its a crypto miner trojan So I installed Malwarebytes, BitDefender,  System mechanics, and ADWcleaner. I'm unsure of how to solve this and or what to do next. I would also like to mention that the software did detect the file from the windows update and it was removed, It was called W32/MebrootDll!

I am thankful for your help,

bloomer

possibletrojanIcon.jpg

ADW logs.jpg

Share this post


Link to post
Share on other sites

Still unsure if all the infected files are fixed, as those RootCA's are still a possibility and I'm stilling getting some freezing after waking up my computer from sleep.

Share this post


Link to post
Share on other sites

Still getting that same Icon appearing after I wake up my computer! I'm very lost on this.

Share this post


Link to post
Share on other sites

Hello @bloomer1338 and :welcome:

Sorry for the delay.

 

 

Please run the following steps and post back the logs as an attachment when ready.

STEP 01

  • If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • If you don't have Malwarebytes 3 installed yet please download it from here and install it.
  • Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply.
  • If Malwarebytes won't run then please skip to the next step and let me know on your next reply.

STEP 02

Please download AdwCleaner by Malwarebytes and save the file to your Desktop.

  • Right-click on the program and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan Now.
  • When finished, please click Clean & Repair.
  • Your PC should reboot now if any items were found.
  • After reboot, a log file will be opened. Copy its content into your next reply.

 

RESTART THE COMPUTER Before running Step 3

STEP 03
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here.
  • Please attach the Additions.txt log to your reply as well.

 

Thanks

Ron

 

Share this post


Link to post
Share on other sites

All should be included in the 5th post friend! Hopefully, that will suffice! Also thank you for the response, it's great to see it!

Share this post


Link to post
Share on other sites

Actually, the scans and steps need to be followed in a specific method as shown. Please run the 2 scans, then reboot, then get new FRST/Addition logs.

Thanks

 

Share this post


Link to post
Share on other sites

Hi there

I don't see any signs of an obvious infection. You do appear to possibly be running too much security software which may be conflicting with each other possibly. I can make some recommendations for general fixes and removing or using some different software and/or make some changes to your computer sleeping

Let me know

Ron

 

Share this post


Link to post
Share on other sites

Of course friend I am all ears on this one! Current I have: Phoenix360 by Iolo, ADWcleaner, Malwarebytes(trial version just ended), and BitDefender! I am all ears when it comes to some aid in ways to better secure my PC. Also it's just weird how this program (icon in the photos above) is still running! 

Share this post


Link to post
Share on other sites

My advice would be to uninstall the following software at least as a trial to see how the computer runs. Then use the Windows Defender antivirus that is built-in to Windows 10, and is a very good antivirus product.

Bitdefender Internet Security
Malware Killer
Phoenix360
Privacy Guardian
RogueKiller
System Mechanic

 

Then reboot the computer and make sure that Windows Defender is updated and running.

Get me new FRST and Additions logs and we can discuss what issues you're still having if any.

 

 

 

Share this post


Link to post
Share on other sites

Sounds good I'll go ahead and do that right now and give you the FRST and additions logs!

Share this post


Link to post
Share on other sites

One should not run two different antivirus products at the same time. Choose one and uninstall the other one is the recommended advice.

How is the computer running now?
System resources should be much higher now with those items removed.
Is the icon or program you were concerned about still there?

Give me a few minutes to review the new logs

 

Share this post


Link to post
Share on other sites

I will check friend if it does remain as it only appears when the device is in sleep mode. Whence I wake up the computer lags and the icon quickly goes away. Last time I checked (earlier today) it was still there and I have no reason to why it would be gone as no antivirus has found anything as of late. 

Share this post


Link to post
Share on other sites

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

fixlist.txt

Thanks

Ron

 

Share this post


Link to post
Share on other sites

Great, looks good.

How is the computer running now?

Go ahead and sleep the computer and let me know if that icon/issue is still there or not and I'll check back on you again later tonight

Ron

 

Share this post


Link to post
Share on other sites

Sounds good I'll get back to you later on! Have a great rest of your day and I'll see ya later.

 

Thank you once again!

Share this post


Link to post
Share on other sites

Hello @bloomer1338

I'm hoping that all is still working well for you. Please post a status update when you get a moment. I will be closing the topic soon if we don't hear back.

Thank you again

Ron

 

Share this post


Link to post
Share on other sites

Hello friend, sorry as of now I cannot replicate this ! But am worried that it is still passive, but everything seems to be running smoothly ! So high hopes lol, thank you so much for the help Ron ! 

Share this post


Link to post
Share on other sites

Okay, sounds good, and you're quite welcome for the help.  I'll go ahead then and give you some advice to help keep the computer clean going forward.

 

Let's get real. If you're not backing up your data and you're still using Google Chrome then you're just not serious about Privacy, Safety, and protecting your data. Malwarebytes is a fantastic program but you still need to back up your data and you still need to block scripts and Ads in your browser. 
If you're still using Google Chrome I would highly suggest you consider using Firefox instead. For more advanced users you might consider installing NoScript as well (it does have a higher learning curve though)

Help Secure your browsers

Please install uBlock Origin for your browsers to better protect your system

FireFox, ChromeOpera , SafariMicrosoft Edge
AdBlock for Internet Explorer
How to use uBlock Origin to protect your online privacy and security | uBlock Origin tutorial 2018

This video tutorial above explains how to use uBlock Origin in advanced user mode and all the advanced settings to protect your online privacy and help prevent unwanted sites from changing your browser settings

Follow-up Reading

Everything you need to know about cybercrime
10 easy ways to prevent malware infection 
Keep your data backed up

Thank you for choosing Malwarebytes and tell your friends and family too. We're here to help.


Ron

 

 

Share this post


Link to post
Share on other sites

Thanks again, luckily I have been using Waterfox (a 64 bit version of Firefox ) and seems to be doing well! But I might change it to just Firefox, hahaha seems to be a more safer move, but unsure ! I will definitely look into the uBlock addon! One question is do you suggest backups to be done on a hard drive in the computer or externally?

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.