Help getting started checking laptop for malware [Solved]

help malware spyware

  • This topic is locked

#16
DR M

    The Grecian Geek

  • Malware Removal
  • 4,284 posts

Yes, I know that KpRm is detected by some security programs, but it's absolutely clean. The detection is a false-positive detection.
 
=======================================

 

So, now everything is clean! Congratulations! :thumbsup:
 
Thus, it's time for my favorite "last lecture", with some final tips about your computer's security from now on:

Some of the following are from Klein's (2005) article, "So how did I get infected in the first place". Since then, the article has been reproduced or linked to in dozens of locations. As a result, many malware experts have continued updating it, to include current operating systems and software program information. My source is Security Garden, and I marked for you the following:

1. Keep your Windows updated!
It is important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer.

2. Update 3rd Party Software Programs
Third Party software programs have long been targets for malware creators. It has been stated that "Adobe’s Reader and Flash and all versions of Java are together responsible for a total of 66 percent of the vulnerabilities in Windows systems exploited by malware." It's important to keep everything updated.

3. Update the browsers you use
Many malware infections install themselves by exploiting security holes in the Internet browser that you use. So... Keep them updated.

4. Be careful about what you download and what you open!

  • Many "freeware" programs come with an enormous amount of bundled spyware that will slow down your system, spawn pop-up advertisements, or just plain crash your browser or even Windows itself. Watch for pre-checked options such as toolbars that are not essential to the operation of the installed software.
  • Peer-to-peer (P2P) programs like Kazaa, BearShare, Imesh, Warez P2P, and others, allow the creation of a network enabling people to connect with other users and upload or download material in a fast efficient manner. BUT even if the P2P software you are using is "clean", a large percentage of the files served on the P2P network are likely to be infected.
  • Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Keep this in mind.
  • Do not open any files without being certain of what they are!

5. Avoid questionable web sites!
Visit web sites that are trustworthy and reputable. Many disreputable sites will attempt to install malware on your system through "drive-by" exploits just by visiting the site in your browser. Lyrics sites, free software sites (especially ones that target young children), cracked software sites, and pornography sites are some of the worst offenders. Also, never give out personal information of any sort online or click "OK" to a pop-up unless it is signed by a reputable company and you know what it is.

6. Registry cleaners/driver boosters/system optimizers
I do not recommend registry cleaners, system optimizers, driver boosters and the like. It is your computer and certainly your choice. However, please consider that modifying registry keys incorrectly can cause Windows instability, or make Windows unbootable. With registry cleaner and system optimization software programs, the potential is ever present to cause more problems than they claim to fix. Do note, however, that Microsoft does not support the use of registry cleaners. See Microsoft support policy for the use of registry cleaning utilities.

7. PC means personal computer!
Don't give access to your computer to friends or family who appear to be clueless about what they are doing.

8. Back-up your work!
Make back-ups of your personal files frequently. You never know when you'll have to reformat and start from scratch. You can always reformat and reinstall programs, but you cannot replace your data if you haven't made backups.

9. Must-Have Software
An anti-virus and an anti-spyware program are a necessity for the security of your computer. Be sure that you keep them updated, and that real time protection is enabled. You now have Norton Antivirus. Together with Malwarebytes, if you run it occasionally, depending on how often you use your computer, it can keep you safe.

Happy safe computing.


I'm glad I was able to help you.


  • 0



#17
triedeverything

    Member

  • Topic Starter
  • 31 posts

Norton scan showed threats this morning after everything we did above??

 

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 4/16/23
Scan Time: 5:37 AM
Log File: 54fcf9fe-dc3a-11ed-8c04-bce92fcbf508.json

-Software Information-
Version: 4.5.26.259
Components Version: 1.0.1976
Update Package Version: 1.0.68087
License: Trial

-System Information-
OS: Windows 11 (Build 22621.1555)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 278647
Threats Detected: 5
Threats Quarantined: 5
Time Elapsed: 5 min, 23 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 5
PUP.Optional.BundleInstaller, C:\USERS\KEURE\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46590.EXE, Quarantined, 118, 1116198, 1.0.68087, , ame, , 4B4149C544EA79ACCC7CB55015FCC0FA, 761BE1C00F156CAA8D04DB5BD0E2F7B3F12FD0B4B9F29BD4E0AF13125F2E4646
PUP.Optional.BundleInstaller, C:\USERS\KEURE\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46672.EXE, Quarantined, 118, 1121241, 1.0.68087, , ame, , 437ED8763AE1A4D9FA62F3643927CCC6, 94D24CAD6B8E158DF73247376A420291E2D954CE387E4A6665670A4E8E586EE3
PUP.Optional.ChinAd, C:\USERS\KEURE\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46674.EXE, Quarantined, 384, 1123315, 1.0.68087, , ame, , 6AB2DCB825A2EEF0023C2B606DA11E2E, 346B206A7FCB7F1E7D04E57DE8F5214218E04BC800A1114071619B508811BC7F
PUP.Optional.BundleInstaller, C:\USERS\KEURE\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46682.EXE, Quarantined, 118, 1124933, 1.0.68087, , ame, , 21EA44D3A8D7CBCC07477A5C0D8795C8, 0CCF662DB06716FD3BA76CCC9178AB9AA613F41426EC69D69DDFCECC761E1A7E
PUP.Optional.BundleInstaller, C:\USERS\KEURE\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46738.EXE, Quarantined, 118, 1131981, 1.0.68087, , ame, , FD42379761A5DDA477083EBFB172286B, 9A27F17D859D7F60A26030C7A0EF3698FFA0FF5FF4230963E52AB79A6A4DACDF

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


  • 0
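
A report in this layout can be triaged mechanically: do the parsed entries match the reported count, are they all PUP/PUM names, was anything left in place, and do they share a folder. The Python below is an added example, not part of any post in this thread and not Malwarebytes code. It assumes the comma-separated field order visible in the File entries above; the sample input (user name, file names, hashes, and the "No Action By User" status) is constructed.

```python
import re
from collections import Counter
from ntpath import dirname  # Windows path rules on any host OS

def row(name, exe, action):
    """Build one constructed detection line in the report's field order."""
    path = "C:\\USERS\\EXAMPLE\\APPDATA\\ROAMING\\UTORRENT\\UPDATES\\" + exe
    return ", ".join([name, path, action, "118", "1", "1.0.0", "", "ame", "",
                      "0" * 32, "0" * 64])  # placeholder MD5 / SHA-256

# Constructed sample, not values from the thread.
SAMPLE = "\n".join([
    "-Scan Summary-", "Scan Initiated By: Scheduler", "Threats Detected: 3",
    "-Scan Options-", "Rootkits: Disabled",
    "-Scan Details-", "Registry Key: 0", "(No malicious items detected)",
    "File: 3",
    row("PUP.Optional.BundleInstaller", "A.EXE", "Quarantined"),
    row("PUP.Optional.BundleInstaller", "B.EXE", "Quarantined"),
    row("PUP.Optional.ChinAd", "C.EXE", "No Action By User"),
])

def parse_log(text):
    """Return (settings, detections) parsed from a text report."""
    settings, detections, section, kind = {}, [], None, None
    for line in map(str.strip, text.splitlines()):
        if m := re.fullmatch(r"-(.+)-", line):
            section = m.group(1)
        elif section == "Scan Details" and (m := re.fullmatch(r"([A-Za-z ]+): \d+", line)):
            kind = m.group(1)                      # object type, e.g. "File"
        elif section == "Scan Details" and line.count(", ") >= 10:
            f = line.split(", ")                   # the last 9 fields are fixed
            detections.append({"kind": kind, "name": f[0], "action": f[-9],
                               "path": ", ".join(f[1:-9]), "sha256": f[-1]})
        elif ": " in line:
            key, value = line.split(": ", 1)
            settings[(section, key)] = value
    return settings, detections

def triage(text):
    """Summarise what a helper checks first when reading the report."""
    settings, dets = parse_log(text)
    return {
        "count_matches": int(settings["Scan Summary", "Threats Detected"]) == len(dets),
        "pup_only": all(d["name"].startswith(("PUP.", "PUM.")) for d in dets),
        "left_in_place": [d["path"] for d in dets if d["action"] != "Quarantined"],
        "by_folder": Counter(dirname(d["path"]) for d in dets),
        "rootkit_scan": settings["Scan Options", "Rootkits"],
    }
```

Calling `triage()` on the text of a saved report returns the same summary; a non-empty `left_in_place` list means a clean-up pass is still needed.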

#18
DR M

    The Grecian Geek

  • Malware Removal
  • 4,284 posts

Hi.

 

The above is a Malwarebytes report, not Norton. As I can see, the items detected and quarantined are related to the items detected before, when we ran Malwarebytes in scan mode. Actually 7 items were detected then, and when we ran the tool in clean mode only 2 were removed. These are the remaining 5. I don't know why they were not detected before.

 

Restart the computer and perform another Malwarebytes scan, with the same settings I recommended here.

 

Attach the result here.


  • 0

#19
triedeverything

    Member

  • Topic Starter
  • 31 posts

OK ran Malware again, nothing detected, log below.....

 

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 4/16/23
Scan Time: 6:41 AM
Log File: 312d8058-dc43-11ed-9506-bce92fcbf508.json

-Software Information-
Version: 4.5.26.259
Components Version: 1.0.1976
Update Package Version: 1.0.68089
License: Trial

-System Information-
OS: Windows 11 (Build 22621.1555)
CPU: x64
File System: NTFS
User: LAPTOP-EUSAIEC4\keure

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 278891
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 1 min, 15 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 


  • 0

#20
DR M

    The Grecian Geek

  • Malware Removal
  • 4,284 posts

So all good now. :)


  • 0





