Jump to content

Recommended Posts

So with the suggestion of my friend, I have downloaded Malwarebytes to see check my PC. Upon downloading and using it; Malwarebytes has found mostly PUPs and I saw a glimpse of a rootkit somewhere in there. Due to my pc lagging ever since I installed Malwarebytes, I have uninstalled it and it has been fine ever since. But I am worried that I have left the rootkit there and I'm anxious about it. I have download MBAR, followed the steps both in the wizard and website; and I have found no malware.

A few questions I have is that is my pc clean now? And why can't I reinstall malwarebytes? 

Note:

It's ok if I can't install Malwarebytes again because my PC (i think) is lagging because of it, I just want to know if I've already cleaned my pc with my previous Malwarebytes and the MBAR that I now just used. Thank you

Link to post
Share on other sites

I have currently completed the scan and as said by the previous guy that lead me here (Thanks to him again) I need to provide the 2 logs that someone will need to help me identify if my computer is cleaned. I have the 2 logs ready and I will just drop them once someone comes to help me; thank you!

Link to post
Share on other sites

Hello , Yeshu...:welcome:

Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here each time
  • Please attach the Additions.txt log to your reply as well.
  • On your next reply, you should be attaching frst.txt and additions.txt to your post, every time.
Edited by icotonev
Link to post
Share on other sites

No signs of any Malware in your logs. There's a couple of files I'd like to run a scan on at VirusTotal just to make sure, but it is just a precaution, and I don't really expect either of them to test positive. There's also an ADS file running from a temp location that can be deleted. Files of this type are normally deleted by the program that created them, but in this case that doesn't appear to have happened, so we'll remove it with FRST.

So .....

Please download the attached ** fixlist.txt **  file and save it to the Desktop or location where you ran FRST from.
NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work.

  NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

 

NOTICE: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The use of an external password manager is highly recommended instead of using your browser to store passwords.

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

 

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

Link to post
Share on other sites

Well, as I expected, the two files were clean, so unless you're experiencing any abnormal behaviour from your computer, I think it's reasonable to assume that you do not have an active infection on your machine.

We could run an online scan to double check if you wish, but I would be surprised if it found anything amiss. Please let me know if you want to do that.

 

If not ....

To uninstall FRST and remove all its files, please do the following ...
 

  • Rename FRST64.exe to Uninstall.exe
  • Double click on Uninstall.exe to launch it.
    • Your computer will reboot, and on reboot will remove FRST and all its files.

 

+

 

Scanning with SecurityCheck by glax24
 

  • Download SecurityCheck by glax24 from here and remember the tool on the desktop.
  • Run the program right-click the administrator name
  • Wait for the scan to finish. It will open in a text file named SecurityType.txt. Copy the contents of this file to your next post
  • You can find this file in the root of the system disk in a folder called SecurityCheck, C: \\ SecurityCheck \\ SecurityCheck.txt

 

Link to post
Share on other sites

I'm gonna have to pass on the SecurityCheck, maybe next time! I have online classes tomorrow and I need to get my PC desktop clean again because of the arriving works and activities. Thank you for the help though; I really appreciate it, you're a lifesaver. Kudos man, thank you once again!

Link to post
Share on other sites

 

Finally ...:

 

KpRm

 

Download KpRm by kernel-panik and save it to your desktop.

  • Right-click kprm_(version).exe and select Run as Administrator.
  • When the tool opens, ensure all boxes are checked, and select Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please copy and paste its contents in your next reply.

 

4 minutes ago, Yeshu said:

Thank you for the help though; I really appreciate it, you're a lifesaver. Kudos man, thank you once again!

You're welcome..! Safe surfing ..!  :)

Link to post
Share on other sites
3 hours ago, icotonev said:

Scanning with SecurityCheck by glax24
 

  • Download SecurityCheck by glax24 from here and remember the tool on the desktop.
  • Run the program right-click the administrator name
  • Wait for the scan to finish. It will open in a text file named SecurityType.txt. Copy the contents of this file to your next post
  • You can find this file in the root of the system disk in a folder called SecurityCheck, 😄 \\ SecurityCheck \\ SecurityCheck.txt

I didn't understand what was happening here ...?  Can I see the result..!?!

Link to post
Share on other sites

Oh, well I skipped that one because you said it's ok if I don't want to do that scan. So now my computer's fine thanks to your help; I don't have any results from the security scan cause I skipped it haha. Sorry! I thought you knew I decided to do that maybe next time

Link to post
Share on other sites
2 minutes ago, icotonev said:

OK, no problem ..! Once everything is fine .. we end the topic ..! Once again safe browsing and pleasant moments on the Malwarebytes forum..! :)

Thank you! I thought that was a crucial step and I've made a grave mistake; thank you once again, I can do online classes with no fear now and anxiety that my computer might be infected. You're a life saver, see you around!

Link to post
Share on other sites

Update: Everything was going fine until I streamed my BlueStacks with Discord and an hour later discord crashed and reconnected like nothing happened at all; I went to check the task manager and my disk was at 90% - 100% always. I uninstalled MalwareBytes cause I think I'm lagging again because of it haha, what do you think? My PC just lagged and we're fine now?

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.