They directed me here, Antiviruses cannot access when the BIOS or boot part of Legacy systems is infected with a virus, so how can I detect the viruses infected here, I am not entirely sure because the virus was infected without my knowledge, but I want to be sure. How can i be sure?
How do I detect if my Legacy System is infected with a BIOS or Boot virus?
- Thread starter ciao
- Start date
- Status
- Nov 5, 2019
- 1,431
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
This technical question if hard to answer.
You can get some information of the issue by reading some of the information on this topic.
forums.tomshardware.com
You may not be using E-set.
Let's see what we will find for now..
Please download Malwarebytes Anti-Malware from Malwarebytes or
from BleepingComputer
Right-click on the MBAM icon and select Run as administrator to run the tool.
Click Yes to accept any security warnings that may appear.
Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.
On the left menu pane click the Settings tab, and then select the Protection tab on the top.
Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.
Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button
Note: The scan may take some time to finish, so please be patient.
If potential threats are detected, ensure to check mark all the listed items, and click the Quarantine Selected button.
While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
The log can also be viewed by clicking the log to select it, then clicking the View Report button.
Please post the log for my review.
Note: If asked to restart the computer, please do so immediately.
===
Please download AdwCleaner by Malwarebytes your Desktop.
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.
Click the LogFile button and the report will open in Notepad.
IMPORTANT
If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.
Check off the element(s) you wish to keep.
Click on the Clean button follow the prompts.
A log file will automatically open after the scan has finished.
Please post the content of that log file with your next answer.
You can find the log file at C:\AdwCleanerCx.txt (x is a number).
<<<>>>
Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and Attach it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Please attach the logs for my review.
How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "Upload file" button.
Do this for both files. Then pres the "Post reply" button.
<<<>>>
Wait for further instructions
p.s.
The Farbar program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
You should restore the program from the Quarantine folder.
<<<>>>
I'm nasdaq and will be helping you.
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
This technical question if hard to answer.
You can get some information of the issue by reading some of the information on this topic.
Question - Can Advanced Threat Protection of Antiviruses Access BIOS?
Hello. 1. Can ESET Premium Security's Advanced Threat Protection find viruses in BIOS or boot partitions? 2. What is the difference between BIOS viruses and boot (UEFI-MBR-Bootkit) viruses? Note: I'm trying to get the most accurate information about this subject. Therefore, I would be...
forums.tomshardware.com
Let's see what we will find for now..
Please download Malwarebytes Anti-Malware from Malwarebytes or
from BleepingComputer
Right-click on the MBAM icon and select Run as administrator to run the tool.
Click Yes to accept any security warnings that may appear.
Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.
On the left menu pane click the Settings tab, and then select the Protection tab on the top.
Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.
Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button
Note: The scan may take some time to finish, so please be patient.
If potential threats are detected, ensure to check mark all the listed items, and click the Quarantine Selected button.
While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
The log can also be viewed by clicking the log to select it, then clicking the View Report button.
Please post the log for my review.
Note: If asked to restart the computer, please do so immediately.
===
Please download AdwCleaner by Malwarebytes your Desktop.
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.
Click the LogFile button and the report will open in Notepad.
IMPORTANT
If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.
Check off the element(s) you wish to keep.
Click on the Clean button follow the prompts.
A log file will automatically open after the scan has finished.
Please post the content of that log file with your next answer.
You can find the log file at C:\AdwCleanerCx.txt (x is a number).
<<<>>>
Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and Attach it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Please attach the logs for my review.
How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "Upload file" button.
Do this for both files. Then pres the "Post reply" button.
<<<>>>
Wait for further instructions
p.s.
The Farbar program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
You should restore the program from the Quarantine folder.
<<<>>>
1. I scanned my device with Malwarebytes and adwcleaner but not as administrator and found nothing.Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
This technical question if hard to answer.
You can get some information of the issue by reading some of the information on this topic.
You may not be using E-set.Question - Can Advanced Threat Protection of Antiviruses Access BIOS?
Hello. 1. Can ESET Premium Security's Advanced Threat Protection find viruses in BIOS or boot partitions? 2. What is the difference between BIOS viruses and boot (UEFI-MBR-Bootkit) viruses? Note: I'm trying to get the most accurate information about this subject. Therefore, I would be...
Let's see what we will find for now..
Please download Malwarebytes Anti-Malware from Malwarebytes or
from BleepingComputer
Right-click on the MBAM icon and select Run as administrator to run the tool.
Click Yes to accept any security warnings that may appear.
Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.
On the left menu pane click the Settings tab, and then select the Protection tab on the top.
Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.
Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button
Note: The scan may take some time to finish, so please be patient.
If potential threats are detected, ensure to check mark all the listed items, and click the Quarantine Selected button.
While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
The log can also be viewed by clicking the log to select it, then clicking the View Report button.
Please post the log for my review.
Note: If asked to restart the computer, please do so immediately.
===
Please download AdwCleaner by Malwarebytes your Desktop.
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.
Click the LogFile button and the report will open in Notepad.
IMPORTANT
If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.
Check off the element(s) you wish to keep.
Click on the Clean button follow the prompts.
A log file will automatically open after the scan has finished.
Please post the content of that log file with your next answer.
You can find the log file at C:\AdwCleanerCx.txt (x is a number).
<<<>>>
Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and Attach it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Please attach the logs for my review.
How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "Upload file" button.
Do this for both files. Then pres the "Post reply" button.
<<<>>>
Wait for further instructions
p.s.
The Farbar program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
You should restore the program from the Quarantine folder.
<<<>>>
2. I use Eset
3. Do I need to scan with Farbar?
4. However, I know that antiviruses cannot access Legacy systems. I just want to know how can I be sure this place is clean. @nasdaq
Ok I'll do it and throw it away, but I thought it wouldn't change anything since antiviruses can't access here anyway. @nasdaq
It didn't open because I'm not an administrator. how do i be on the admin account?
Note: I didn't need it, I did it by running as administrator
Note: I didn't need it, I did it by running as administrator
Last edited:
I asked several forums and was told no personal information other than the filename. I will remove it when you write me the answer about it anyway.
Since you left after 1 message and I can't change files, I will post at your average online time
@nasdaq
Last edited:
- Status
Similar threads
- Locked
