Ran suspicous program and am not sure if I'm clean or not

Not open for further replies.


New Member
Jan 20, 2021
Hey all, so in a lapse of judgement I downloaded an .exe and ran it without really thinking of what I was doing. Unfortunately I didn't virustotal the exe before running it so I ended up installing some kind of virus or trojan on my computer (VirusTotal).

Anyways, after the program "failed" to run (missing some .dll file, probably a fake window), I ran the file through virustotal and checked what files it had added and modified, it looks like it followed the same behavior as reported, which is modifying some registry keys and dropping a bunch of files, one which contained my current ip address. In any case, I deleted some of those files and ran the following:

* Malwarebytes
* Hitman Pro
* EmsisoftEmergencyKit

I was wondering if there was way to determine if there's still traces left on my pc, or if any experts know if the program above had any behavior that would cause some sabotage later down the line.

  • Like
Reactions: upnorth


New Member
Jan 20, 2021
Here's FRST reports just in case


  • Addition.txt
    42.9 KB · Views: 9
  • FRST.txt
    54.3 KB · Views: 9


Staff member
Nov 5, 2019
Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.

Not malware was found in your logs.

Did you set and see that DisallowRun reported by Malwarebytes.
If you know what is disallowed fine, otherwise clean the item with Malwarebytes or run this fix.

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.



HKU\S-1-5-21-587742373-4164257733-1939967323-1001\...\Policies\Explorer: [DisallowRun] 1



Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.

Windows Defender is presently Disabled.

It should be Enabled.
How To:


Hope all is well.
  • Like
Reactions: Gandalf_The_Grey


New Member
Jan 20, 2021
Hey, nasdaq.

Thanks for the response. Malwarebytes did not catch that registry key edit. I ran the fix and the log is attached. Looks like installing Malwarebytes turned off Windows Defender yesterday. I've re-enabled it.

Thanks for confirming that there's no other remnants. Hopefully whatever got sent when I opened that file isn't going to bite me later down the line.


  • Fixlog.txt
    1.4 KB · Views: 10
Not open for further replies.