Infection undetected by malware, anti-virus & rootkit software

Agate

New Member
Thread author
Jun 8, 2017
4
Cheers,

Any ideas or guidance will be much appreciated!

Am not opposed to a manual CMOS battery reset, but saving that as my last resort :)

Thank you kindly!
 

Attachments

  • Addition.txt
    12 KB · Views: 1
  • FRST.txt
    23.9 KB · Views: 2

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hello,


Scan with Malwarebytes' Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Install the program and select update.
  • Once updated, click the Settings tab, in the left panel choose Protection and tick Scan for rootkits.
  • Click the Scan tab, make sure Threat Scan is checked and click Start Scan.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the Reports tab.
  • Double-click the Scan Log.
  • At the bottom click Export and choose Text file.
Save the file to your desktop and include its content in your next reply.
 

Agate

New Member
Thread author
Jun 8, 2017
4
Cheers,

Thank you kindly for your prompt response!! I am running that scan currently, and also found an MBR check at gmer which returned rootkit activity 'TDL4@MBR code has been found'

Attaching screenshot. When malwarebytes scan wraps up, I'll send it over :)

Thank you much!
 

Attachments

  • gmer found root kit no one else could so far.PNG
    209.6 KB · Views: 4

Agate

New Member
Thread author
Jun 8, 2017
4
Here is report from Malwarebytes, thank you!
 

Attachments

  • malwarebytes_scan.txt
    1.2 KB · Views: 7

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Scan with TDSSKiller

Please download TDSSKiller by Kaspersky and save it to your desktop.

  • Right-click on the TDSSKiller icon and select Run as Administrator to start the tool.
  • Click on Change parameters and put a checkmark beside Loaded modules. A reboot will be needed to apply the changes; allow it to do so.
  • Your machine may appear very slow and unusable after that - it's normal.
  • TDSSKiller will run automatically. Click on Change parameters and click OK.
  • Click the Start Scan button and wait patiently.

If anything is found, follow these guidelines:
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and three options will be offered.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    If Cure is not available, please choose Skip instead.
  • Do not choose Delete unless instructed!

A report will be created in your root directory (usually the C:\ drive) in the form of TDSSKiller.[Version]_[Date]_[Time]_log.txt. Please include the contents of that file in your next post.
 

Agate

New Member
Thread author
Jun 8, 2017
4
Great, thank you!
 

Attachments

  • TDSSKiller.3.1.0.15_09.06.2017_13.57.39_log.txt
    555.6 KB · Views: 3
