MD_Man2021 Posted March 11, 2021 ID:1443980 Share Posted March 11, 2021 I have two external storage devices attached to my desktop running Windows 10. Malwarebytes is finding PUP and rootkit issues and says they are Quarantined, restarts and when I run the program again, finds more from these very same devices. This process of running is taking over 40 hours - I ran the program now 12 times and it is still not coming up with the all clear; why is it not able to seek and destroy them? Malwarebytes Scan report 02-20-2021.txt Link to post Share on other sites More sharing options...
MD_Man2021 Posted March 11, 2021 Author ID:1443987 Share Posted March 11, 2021 Here are the files from all the other scans - It found PUPs in ALL of those scans!!!!!!! Report from 02-22-2021.txt Report from 02-24-2021.txt Report from 02-26-2021.txt Report from 02-28-2021.txt Report from 02-28a-2021.txt Report from 03-2-2021.txt Report from 03-3-2021.txt Report from 03-5-2021.txt Report from 03-7-2021.txt Report from 03-8-2021.txt Link to post Share on other sites More sharing options...
kevinf80 Posted March 11, 2021 ID:1444014 Share Posted March 11, 2021 Hiya MD_Man2021 and welcome to Malwarebytes, All of the found entries seem to be in the "Downloads" folder of the drives E:\ and F:\ what are those drives used for...? Thank you, Kevin.. Link to post Share on other sites More sharing options...
MD_Man2021 Posted March 11, 2021 Author ID:1444015 Share Posted March 11, 2021 These are backups from my other old computers and laptops that I no longer have or use; I backed up all the relevant folders on to these storage devices. Link to post Share on other sites More sharing options...
kevinf80 Posted March 11, 2021 ID:1444016 Share Posted March 11, 2021 Are the backups still needed... Link to post Share on other sites More sharing options...
MD_Man2021 Posted March 11, 2021 Author ID:1444017 Share Posted March 11, 2021 Thank you for looking in to this Kevin Link to post Share on other sites More sharing options...
MD_Man2021 Posted March 11, 2021 Author ID:1444018 Share Posted March 11, 2021 Yes I have files on these storage devices that I use on a regular basis. The desktop doesn't have that much space. Link to post Share on other sites More sharing options...
Solution kevinf80 Posted March 11, 2021 Solution ID:1444020 Share Posted March 11, 2021 (edited) Well the problems all seem to be in the same folders on each drive: F:\SEAGATE 1\DOCUMENTS\LAPTOP DOCS\DOWNLOADS E:\SEAGATE 4\FILEHISTORY\LOIS\LOIS-PC\DATA\C\USERS\LOIS\DOWNLOADS Are those two folders needed, could they be deleted... Edited March 11, 2021 by kevinf80 Link to post Share on other sites More sharing options...
MD_Man2021 Posted March 11, 2021 Author ID:1444021 Share Posted March 11, 2021 Yes Kevin, I can see that it is finding these issues in both the F and E drives which are the storage devices; my question is why are these issues not being resolved? Why is Malwarebytes not finding and deleting them? Unplugging the storage devices is counter productive as I use those drives all the time; this is like saying the baby is crying so why not throw the baby out??? no - I need to find out why the program is not deleting these PUPs and root kit issues. Link to post Share on other sites More sharing options...
kevinf80 Posted March 11, 2021 ID:1444024 Share Posted March 11, 2021 (edited) I`m not suggesting the drives are unplugged, I`m only suggest deleting the download folders. Malwarebytes does seem to identify and quarantine the threats, problem is they return... Do you have any kind of backup software running.. Edited March 11, 2021 by kevinf80 typo Link to post Share on other sites More sharing options...
MD_Man2021 Posted March 11, 2021 Author ID:1444027 Share Posted March 11, 2021 No I don't have any back up which is automated; I manually back up to these attached storage devices. When you say threat returns, shouldn't the program capture all of the threats and eliminate them? Is there another program other than malwarebytes that can do that? If I start deleting each affected folder, pretty soon I will have none left. If deleting the downloads folder is the only option I will consider it and run the program again. Link to post Share on other sites More sharing options...
MD_Man2021 Posted March 11, 2021 Author ID:1444030 Share Posted March 11, 2021 Kevin, I reviewed both the download folders and I need those files; I have pictures of my children and work related documents that I downloaded on there. I need to know HOW to delete these threats permanently without having to delete the folders. Link to post Share on other sites More sharing options...
kevinf80 Posted March 11, 2021 ID:1444034 Share Posted March 11, 2021 Yes I understand your concerns, obviously deleting the full folders is not an option when precious pictures are also present.. I`ll go over the logs again and see which entries always seem to return. Will take awhile.... Can you also run the following scan so we can see what else is happening with your system... Download Farbar Recovery Scan Tool and save it to your desktop. Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.htmlNote: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way... Be aware FRST must be run from an account with Administrator status... Right click on FRST and rename FRSTEnglish if English is not your primary language Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.) Make sure Addition.txt is checkmarked under "Optional scans" Press Scan button to run the tool.... It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The tool will also make a log named (Addition.txt) Please attach that log to your reply. Thank you, Kevin Link to post Share on other sites More sharing options...
MD_Man2021 Posted March 11, 2021 Author ID:1444036 Share Posted March 11, 2021 Will do Kevin and my sincere thanks for your assistance Link to post Share on other sites More sharing options...
kevinf80 Posted March 11, 2021 ID:1444038 Share Posted March 11, 2021 Thanks for the update... Link to post Share on other sites More sharing options...
MD_Man2021 Posted March 11, 2021 Author ID:1444039 Share Posted March 11, 2021 I downloaded the program and ran the scan; attached are the results Kevin. Addition.txt FRST.txt Link to post Share on other sites More sharing options...
MD_Man2021 Posted March 11, 2021 Author ID:1444041 Share Posted March 11, 2021 Kevin, I also downloaded RKill and ran it; but these programs are only looking at the C drive not the E or the F. Any suggestions? Rkill.txt Link to post Share on other sites More sharing options...
kevinf80 Posted March 11, 2021 ID:1444042 Share Posted March 11, 2021 Those two logs look good, nothing at all untoward... The following entries seem to be the ones that return, we can shift them with FRST... F:\SEAGATE 1\DOCUMENTS\LAPTOP DOCS\DOWNLOADS\SD_SERIES_DRIVER_PC_2.22 F:\SEAGATE 1\DOCUMENTS\LAPTOP DOCS\DOWNLOADS\CBSIDLM-CBSI188-DRAFTSIGHT_64BIT-SEO-75855080.EXE F:\SEAGATE 1\DOCUMENTS\LAPTOP DOCS\DOWNLOADS\INSTALLFREERAREXTRACTFROG.EXE E:\SEAGATE 4\FILEHISTORY\LOIS\LOIS-PC\DATA\C\USERS\LOIS\DOWNLOADS\WEATHERBUGSETUP Link to post Share on other sites More sharing options...
MD_Man2021 Posted March 11, 2021 Author ID:1444045 Share Posted March 11, 2021 Kevin, I actually went one step further and deleted all EXE (executable files from the download) in addition to the four you mentioned above. I am now running Malwarebytes and it will take 40 hours or so to finish its scan; I will update you on here; again many thanks Kevin! Link to post Share on other sites More sharing options...
kevinf80 Posted March 11, 2021 ID:1444046 Share Posted March 11, 2021 Thanks for the update, yep that makes better sense what you`ve done... Catch up later.... Link to post Share on other sites More sharing options...
kevinf80 Posted March 14, 2021 ID:1444711 Share Posted March 14, 2021 Any progress...? Link to post Share on other sites More sharing options...
MD_Man2021 Posted March 16, 2021 Author ID:1445002 Share Posted March 16, 2021 hi Kevin, Found more errors and I am re running the program again - have to wait for another 40 hours I would suppose. Thanks Link to post Share on other sites More sharing options...
kevinf80 Posted March 16, 2021 ID:1445045 Share Posted March 16, 2021 Hiya MD_Man2021, Thanks for the update, post log when ready... Thank you, Kevin.. Link to post Share on other sites More sharing options...
MD_Man2021 Posted March 16, 2021 Author ID:1445099 Share Posted March 16, 2021 still finding errors but in different folders. I am cleaning them one file at a time; running the program again now. Sreport 03-16-2021.txtee attached. Link to post Share on other sites More sharing options...
kevinf80 Posted March 16, 2021 ID:1445101 Share Posted March 16, 2021 (edited) Hiya MD_Man2021, Those flagged entries are from your Backup drives, what is happening with the drive where Windows is installed, is that OK... Cheers, Kevin... Edited March 16, 2021 by kevinf80 typo Link to post Share on other sites More sharing options...
Recommended Posts