Jump to content

potential malware issue


Recommended Posts

Basically my wifi sometimes works at full speeds, other times it will be extremely slow. I thought maybe the area is just busy and ISP is limiting my wifi...nope. All other devices test correctly. (I should get between 500-800 mbps) My network drivers are all up to date, so its not that either...I know Windows 10 has network issues, so I upgraded to Windows 11...still having the same issues. I tried installing Malwarebytes, it got stuck at 19% and after a while the installation failed...I've unfortunately had to do this with you guys before so I already ran MBST and got a grab results zip file for you guys. Thanks for the help in advance. 

Also may be worth noting, sometimes the wifi works perfectly fine on this device as well, its quite strange.

mbst-grab-results.zip

Link to post
Share on other sites

2 hours ago, randomuserguy said:

but do you have any idea what the wifi thing could be about?

I can't assist with identifying or removing malware "If" present on the computer. I just wanted you to get Malwarebytes installed.

Be patient for the next expert to take your case.

Link to post
Share on other sites

  • Root Admin

Good day @randomuserguy

It's almost 2 AM for me so I'm heading out but will check back with you tomorrow.

Please run the following

 

 

Please download and run the following Kaspersky Virus Removal Tool 2020 and save it to your Desktop.

(Kaspersky Virus Removal Tool version 20.0.10.0 was released on November 9, 2021)

Download: Kaspersky Virus Removal Tool

https://devbuilds.s.kaspersky-labs.com/devbuilds/KVRT/latest/full/KVRT.exe

How to run a scan with Kaspersky Virus Removal Tool 2020
https://support.kaspersky.com/15674

How to run Kaspersky Virus Removal Tool 2020 in the advanced mode
https://support.kaspersky.com/15680

How to restore a file removed during Kaspersky Virus Removal Tool 2020 scan
https://support.kaspersky.com/15681

 


Select the  image.png  Windows Key and R Key together, the "Run" box should open.

user posted image

Drag and Drop KVRT.exe into the Run Box.

user posted image

C:\Users\{your user name}\DESKTOP\KVRT.exe will now show in the run box.

image.png

add -dontencrypt   Note the space between KVRT.exe and -dontencrypt

C:\Users\{your user name}\DESKTOP\KVRT.exe -dontencrypt should now show in the Run box.
 
image.png


That addendum to the run command is very important, when the scan does eventually complete the resultant report is normally encrypted, with the extra command it is saved as a readable file.

Reports are saved here C:\KVRT2020_Data\Reports and look similar to this report_20210123_113021.klr
Right-click direct onto that report, select > open with > Notepad. Save that file and attach it to your reply.

To start the scan select OK in the "Run" box.

A EULA window will open, tick all confirmation boxes then select "Accept"

image.png

In the new window select "Change Parameters"

image.png

In the new window ensure all selection boxes are ticked, then select "OK" The scan should now start...

user posted image

When complete if entries are found there will be options, if "Cure" is offered leave as is. For any other options change to "Delete" then select "Continue"

user posted image

When complete, or if nothing was found select "Close"

image.png

Attach the report information as previously instructed...
 
Thank you
 
 

 

 

Link to post
Share on other sites

This person has a similar issue as me, and in the post the person who was helping him mentioned CCleaners "dangerous registry cleaner". I did use that in the past, but have since reset my PC, so that couldn't be the issue right? Heres a link to the post. To clarify I'm not actually doing anything until instructed, I'm just researching for potential answers to my issue. 

https://answers.microsoft.com/en-us/windows/forum/all/slow-wifi-only-on-this-computer-fixes-temporarily/2bff61f2-e7ca-4b30-b12c-37db5f38d09c

Link to post
Share on other sites

  • Root Admin

No, should have no connection to your issue.

 

If you own your own router and are not renting it from your Internet Service Provider

Please ensure that you have the user manual for your router. Then perform a factory reset.

How To Reset Your Router
https://setuprouter.com/networking/how-to-reset-your-router/

Depending on one's preferences and the Router's capabilities please consider the following.

  • Disable acceptance of ICMP Pings
  • Change the Default Router password using a Strong Password
  • Use a Strong WiFi password on WPA2 using AES encryption or Enable WPA3 if it is an option.
  • Disable Remote Management
  • Create separate WiFi networks for groups of devices with similar purposes to prevent an entire network of devices from being compromised if a malicious actor is able to gain unauthorized access to one device or network.
    Example: Keep IoT devices on one network and mobile devices on another.
  • Change the network name (SSID).  Do not use your; Name, Postal address or other personal information.  Make it unique or whimsical and known to your family/group.
  • Is the Router Firmware up-to-date ?  Updating the firmware mitigates exploitable vulnerabilities.
  • Specifically set Firewall rules to BLOCK;   TCP and UDP ports 135 ~ 139, 445, 1234, 3389, 5555 and 9034
  • Many Routers support Saving and Restoring settings from a file.  It is suggested to make a backup by saving your Router's settings once it has been configured.
  • Document passwords created and store them in a safe but accessible location.

 

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.