Page 2 of 2 FirstFirst 12
Results 11 to 16 of 16

Thread: I need help, I do not know what to do about this possible malware/rookit

  1. #11
    Junior Member
    Join Date
    Dec 2017
    Posts
    8

    Default

    You didn't really answer my question on whether or not I can delete those items that are in the quarantined section. The HKLM registry keys or whatever. They've popped up in almost all the program scans so I don't know what they are or whether to just delete them all or not.

    Also from what you're saying, you don't think it's a malware or rootkit? The main reason why believe it is, is because when I was first trying to download and install any type of malware tool to get rid of it, it was blocking all installations. Even when I went to download Rkill, it didn't let me download it until I downloaded the file that used a different name to hide itself from detection of the possible malware.

    I would just like to get your opinion on these things before I go and do what you said.

  2. #12
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Quote Originally Posted by kenanmp7 View Post
    You didn't really answer my question on whether or not I can delete those items that are in the quarantined section. The HKLM registry keys or whatever. They've popped up in almost all the program scans so I don't know what they are or whether to just delete them all or not.

    Also from what you're saying, you don't think it's a malware or rootkit? The main reason why believe it is, is because when I was first trying to download and install any type of malware tool to get rid of it, it was blocking all installations. Even when I went to download Rkill, it didn't let me download it until I downloaded the file that used a different name to hide itself from detection of the possible malware.

    I would just like to get your opinion on these things before I go and do what you said.
    Yes, you can delete those items found by the scans.

    Here is some of your problem

    Error: (12/20/2017 05:03:57 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Explorer.EXE, version: 10.0.16299.15, time stamp: 0x66e02565
    Faulting module name: twinui.pcshell.dll, version: 10.0.16299.64, time stamp: 0xb927010b
    Exception code: 0x80270233
    Fault offset: 0x00000000001c4095
    Faulting process id: 0x84c
    Faulting application start time: 0x01d379de6e075207
    Faulting application path: C:\WINDOWS\Explorer.EXE
    Faulting module path: C:\WINDOWS\system32\twinui.pcshell.dll
    Report Id: f612f9da-ea22-4aeb-8ec8-bad38a30f9f3
    Faulting package full name:
    Faulting package-relative application ID:

    There is a bug in Windows 10 that shows for some users where they can’t change their system’s default programs in the Settings app. All their defaults have been reset to show “TWINUI”. This simply means that they have no default programs set, usually because of System Registry corruption, The problem can be resolved by restoring the registry from a backup before the corruption occurred.

    Please read over this article referring to other windows 10 users. There are 2 pages try to read all the way through.
    https://www.tenforums.com/software-a...at-twinui.html

    ~~~~~~~~~~~~~~~~~~~~~~~
    One of my first comments were
    Not really seeing much that would point to malware unless you have run tools and it was deleted before you posted here.
    As for malware and rootkits, from what we've done so far theres no evidence.

    Let's do this
    Follow the instructions in the thread below. Make sure to download the MBAR version linked in it. Let me know if you're not able to launch it and run a scan.

    https://forums.malwarebytes.com/topi...-malwarebytes/

    If you manage to run a scan, delete everything it finds, and then copy/paste the content of the mbar-log-DATE-(TIME).txt log that is located in the MBAR folder here after.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #13
    Junior Member
    Join Date
    Dec 2017
    Posts
    8

    Default

    I read the pages but it seems like they're talking about an issue with the browser/links and what not. I don't think that is my PC's issue.

    Also I downloaded MBAR and it installed fine, did the scan, but once it finished and went to the cleanup page it said:
    Congratulations, no cleanup is required!
    Scan Finished: No malware found!

    So I think I'm going to try what you said to do in your other reply because after all these different tools no malware has been discovered apparently. This is quite frustrating haha.

  4. #14
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Many days go by when working on computers that they are frustrating.

    Let me know how you make out.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  5. #15
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Can you give me an update?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  6. #16
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Glad we could help.
    Since this issue appears resolved ... this Topic is closed.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •