odd activity, resistance futile or


Hello, I've had strange occurrences on my computer for a bit: inability to activate Windows, Windows logo flashing on boot when it didn't use to, lock screen stuck on Spotlight except one random time, random Cmd flashing quickly occasionally, settings changing or not sticking when applied, inability to change some settings or access folders no matter what, odd things in files like "hard disc volume 3" path to app id made of random numbers; I don't have a HD or 3 partitions. But all antivirus scans turned up clean.

The biggest thing was my fans ramping up on idle state to a substantial amount every time (not normal of the first year of use), but if I tried to leave monitors open they would see nothing out of the ordinary. My computer temps seem to run higher even when I'm not idle in general and I dust my system as needed, but I can find no reason.

I'm fairly certain I had a rootkit running incognito, so I sanitized my SSD (it went from 0% to completed in BIOS, which I thought was odd, so did clean all through cmd in the USB installer) and reinstalled from media made on a friend's work computer that is heavily locked down, on a USB fresh from the store. Experience was the same. I didn't set my computer up to be safe very well; I kind of just built it and ran with a "don't be dumb" mindset, which in hindsight was dumb, and I'm now learning about common vulnerabilities and such. I believe it may have persisted through the RAM hibernation, which I disabled after the first reinstall and tried again but with the same USB.

The last thing I did was run Tron (found on Reddit), which I'm sure you've come across, which does an automated batch of corrections for poorly functioning or infected computers. It did its thing and got me more paranoid for a minute cause it changed a bunch of settings like enabling background apps n such, so my fans cranked up again, and edited my host file so Windows and Malwarebytes threw up warnings.

I'm not having some of the issues, but my fans still sound like they aren't working according to the load I'm inputting but for other things. If I look hard enough I can always find something that seems odd. Realistically I'm out of my depth and confusing myself and wasting time chasing random things I don't understand that aren't worrying about, but I don't know.

Some assistance would be much appreciated.

FRST.txt Addition.txt MWBlog.txt


  • Root Admin

Hello @Borgdrone and welcome.

The log indicates that you did not tell Malwarebytes to remove what it found. Please run the following in the order provided. Then make sure you have Malwarebytes remove anything found.

 

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process.

Then follow each step in the order provided. Unless otherwise asked, please attach all logs.


Please make the following system changes:

  • If you have not done so already - Enable System Protection and create a NEW System Restore Point
  • Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads. Make sure to turn it back on once the scans are completed
  • Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed
  • Disable Fast Startup
  • Show hidden folders, files, and extensions

Please run the following scans:

  1. Click the following link and run a Scan with AdwCleaner
  2. Click the following link and run a Scan with Malwarebytes
       RESTART the computer
  3. Click the following link and run a Scan with Farbar Recovery Scan Tool
     

Example image of where to click to attach files when posting your reply


Thank you
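
The preparation steps listed in the reply above, scripted and read back, as an added example that is not part of the original post or any Malwarebytes tooling. It assumes an elevated Windows PowerShell 5.1 session and Windows installed on C:.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original post. Assumes Windows PowerShell 5.1
# (Checkpoint-Computer is not available in PowerShell 7).
$drive = 'C:\'   # assumption: system drive

# 1. Enable System Protection and create a NEW restore point.
Enable-ComputerRestore -Drive $drive
$lastSeq = (Get-ComputerRestorePoint | Select-Object -Last 1).SequenceNumber
Checkpoint-Computer -Description 'Before malware scans' -RestorePointType MODIFY_SETTINGS
# By default Windows skips creation if a restore point was already made in the
# last 24 hours, so compare sequence numbers instead of trusting the call.
$newSeq = (Get-ComputerRestorePoint | Select-Object -Last 1).SequenceNumber

# 2. Disable Fast Startup so the next boot is a full cold boot.
$power = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Power'
Set-ItemProperty -Path $power -Name HiberbootEnabled -Value 0 -Type DWord

# 3. Show hidden items and file extensions for the current user.
$adv = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
Set-ItemProperty -Path $adv -Name Hidden      -Value 1 -Type DWord  # 1 = show hidden
Set-ItemProperty -Path $adv -Name HideFileExt -Value 0 -Type DWord  # 0 = show extensions

# Read every setting back rather than assuming it stuck.
[pscustomobject]@{
    RestorePointCreated = ($null -ne $newSeq) -and ($newSeq -ne $lastSeq)
    FastStartupDisabled = (Get-ItemPropertyValue $power HiberbootEnabled) -eq 0
    HiddenItemsShown    = (Get-ItemPropertyValue $adv Hidden) -eq 1
    ExtensionsShown     = (Get-ItemPropertyValue $adv HideFileExt) -eq 0
}
```

Open Explorer windows may need to be closed and reopened before the view settings take effect. A setting that reads back unchanged after being applied is itself worth noting in the reply alongside the logs.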

 


  • Root Admin

We can try to clean it up some, but I think the best thing to do is backup your personal data to an external USB drive and then do a clean install of Windows.

The computer will be much cleaner, safer, and faster by doing a clean install of Windows.

 

Clean Install Windows 10 & 11 (2023)
https://answers.microsoft.com/en-us/windows/forum/all/clean-install-windows-10-11-2023/1c426bdf-79b1-4d42-be93-17378d93e587

Also, please review the following topic

Bypass Microsoft Online Account Creation during installation of Windows 11
https://forums.malwarebytes.com/topic/296613-bypass-microsoft-online-account-creation-during-installation-of-windows-11/

 


1 hour ago, Borgdrone said:

There is no data on the PC; it's just after a fresh install again basically, besides some diagnostic attempts and such. The previous fresh installs were not solving the issue.

The fact you used Tron on this install warrants another clean install and a warning to never use it again.

Quote

15-02-2024 00:11:46 TRON v12.0.6: Pre-run checkpoint

 


What are the concerns that make you recommend a fresh install? Does something stand out to you? Like I said, this is a fresh install as of a day ago and any downloads have been anally verified. My previous big tell, the fans, only ramped up on idle once last night and for a legit Windows update process as far as the computer was saying. The process didn't stop as soon as I touched the mouse and broke idle, so that's my biggest tell it was legit. It was refreshing for sure, so I'm curious what the hell lol


15 hours ago, Porthos said:

The fact you used Tron on this install

Tron is not an accepted way to remove infections by most malware removal experts. It leaves a Windows install in a more vulnerable state due to the way it affects and changes many of the security permissions in Windows.

The best way to fix the damage/changes done by Tron is a clean install.

But in the end, it is your computer; you are welcome to leave it in this state.

Edited by Porthos

So, no red flags for any remaining infections? I have a pair of memory dumps from after the 1st reinstall that I couldn't make heads or tails of trying to check for a rootkit, if that's of interest.

I am fine with doing another install if there are issues somewhere, but everything I can find info on is positive changes. Do you have any resources for modifications to the default settings that are recommended for added security/optimization/reducing network traffic/background tasks?


  • Root Admin

The computer is in a changed state that is not normal for Windows after using Tron to clean the computer. You can do as you wish, as it's your computer, but I'm sorry, I'm not going to spend hours trying to clean up a computer that I personally would never run. Using a computer that has all the permissions modified is looking for potential trouble forever more. It does not mean it will cause an infection, but it literally takes 15 minutes to reinstall Windows, so why bother?
 
