Nicholas0009

mbst-grab-results.zip

report_2023.04.19_16.12.16.txt

So I did what you said then ran MSERT for 15+ hours and at a point it started scanning vmware-tray.exe and stayed there for 2 hours and some change so I ended the scan.

Here is what you asked for in terms of your last response I am a little confused as you said it was a false positive from Windows Defender, but Windows Defender didn't flag it, it was Malwarebytes that flagged it as a virus/malware. SecurityCheck.txt

mbst-grab-results.zip

Also here these are FRST.txt Addition.txt

Should I be worried about temp files that show up on Malwarebytes as malware they were banned QQEQUPYWOLZPXXGAPUIXCFNOJNZZIWY and the other one JMBPLJOOSJLOEYEEVDINROELCQXXTHE This is what I saved from the malwarebytes scan Malware.AI.4264842330, C:\USERS\blank\APPDATA\LOCAL\TEMP\JMBPLJOOSJLOEYEEVDINROELCQXXTHE, No Action By User, 1000000, -30124966, 1.0.68174, F8B2F67D0647E8D9FE34545A, dds, 02258250, B7B18C453EAA545E5A22D59DB8BEA06A, E754B78A0AA78CCE08B1B88DDA6C73A7324DE47020170D72113FC99F4C3CCD27 Generic.Malware/Suspicious, C:\USERS\blank\APPDATA\LOCAL\TEMP\QQEQUPYWOLZPXXGAPUIXCFNOJNZZIWY, No Action By User, 0, 392686, 1.0.68174, , shuriken, , 1A94CA857A4E6EE36137B6A1A26220FA, A4F05198D2EE505DE6BB24E008B28228320548AEB32BF8E534EC2409BD1422CF

Thank you for your help!

I did this do you want me to do anything else? Or should my machine be safe?

I restarted my pc thinking it would say my Windows Defender was enabled here is the log after and it claims both my antivirus's are off. But I am gonna provide screenshots of them being enabled. SecurityCheck.txt

I don't know why it says Windows Defender is disabled but I think it is because I ran FRST SecurityCheck.txt

Just an optional update

No, I am not experiencing any type of issue I mainly made this 1 to make sure that my pc is safe as after I fac reset after I got the infection from running the program it came back. Then I was told by a friend to format my drives and reset which I did so I just wanted to make sure it was gone. Also possibly a malware researcher to take that malware and expose what it does and how to get rid of it, or add it to Malwarebytes as a detection since I have seen posts about that same folder C:\ProgramData\MM(the rest of the letters).

Updated logs of FRST after that log from Acronis Addition.txt FRST.txt

Here is the log from Acronis Tool AcronisVSSDoctorReport_2021-07-01-19-14-04.txt

I actually ran the Macrium Reflect and not the Acronis VSS Doctor let me run the Acronis VSS Doctor

Can you send a link to the Macrium Reflect tool I need to run since it doesn't seem that the Acronis tool worked.

I ran the Acronis tool and it opened for a couple seconds said "Press 'OK' to re-register Microsoft VSS components and update the Microsoft Shadow Software Provider registry entry" so I clicked "OK" it says "Registering VSS" then closes. Here are my FRST logs after running that tool. Yes I did restart my pc before running the FRST program. FRST.txt Addition.txt

Alright here they are I was asleep so sorry for the late response. FRST.txt Addition.txt

I want to post this again because I redid it because I had smartscreen on when I did the fixlist.txt thing. Unlike the first time I did it for some reason when it restarted my pc it came up with like a security alert before creating the fixlog.txt onto my desktop. Fixlog.txt

eset.txt

Sorry the msert took a while and for some reason said Infections detected:2 but then when it actually finished and I went to the msert.log says "No infection found." but he is the log regardless. msert.log

I forgot to say about the driver thing, I am not having any issue I just like to keep them up to date just to keep them up to date. I additionally agree with you on the "Updating a driver just to update can potentially cause new issues or regression issues." as I sometimes update the AMD GPU driver and I have had so many issues with it.

Alright thank you for this and here is the file from doing the fix with the FRST64 Fixlog.txt