FNKLM
Honorary Members-
Posts
32 -
Joined
-
Last visited
Reputation
0 NeutralRecent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
Might be infected, need help to verify
FNKLM replied to FNKLM's topic in Resolved Malware Removal Logs
It seems to be doing good, no more crashes or weird behaviour has happened. Thank you so much for the help and expertise. From your point of view everything seems fine with the computer right? -
Might be infected, need help to verify
FNKLM replied to FNKLM's topic in Resolved Malware Removal Logs
Now it worked, no crash. Log attached. Fixlog.txt -
Might be infected, need help to verify
FNKLM replied to FNKLM's topic in Resolved Malware Removal Logs
Hello again, here is the log. Fixlog.txt -
Might be infected, need help to verify
FNKLM replied to FNKLM's topic in Resolved Malware Removal Logs
Done, attached the log Fixlog.txt -
Might be infected, need help to verify
FNKLM replied to FNKLM's topic in Resolved Malware Removal Logs
Hello, no I did not search with all the options. But I corrected it now. Here it is Farbar Service Scanner Version: 30-04-2023 Ran by Windows (administrator) on 05-03-2024 at 19:13:55 Running from "C:\Users\Windows\Downloads" Microsoft Windows 11 Home (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Policy: ======================== Security Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => File is digitally signed C:\Windows\System32\Drivers\nsiproxy.sys => File is digitally signed C:\Windows\System32\Drivers\netbt.sys => File is digitally signed C:\Windows\System32\Drivers\tdx.sys => File is digitally signed C:\Windows\System32\Drivers\afd.sys => File is digitally signed C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed C:\Windows\System32\dnsrslvr.dll => File is digitally signed C:\Windows\System32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\System32\mpssvc.dll => File is digitally signed C:\Windows\System32\bfe.dll => File is digitally signed C:\Windows\System32\Drivers\mpsdrv.sys => File is digitally signed C:\Windows\System32\SDRSVC.dll => File is digitally signed C:\Windows\System32\vssvc.exe => File is digitally signed C:\Windows\System32\wscsvc.dll => File is digitally signed C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed C:\Windows\System32\wuaueng.dll => File is digitally signed C:\Windows\System32\qmgr.dll => File is digitally signed C:\Windows\System32\es.dll => File is digitally signed C:\Windows\System32\cryptsvc.dll => File is digitally signed C:\Windows\System32\usosvc.dll => File is digitally signed C:\Windows\System32\WaaSMedicSvc.dll => File is digitally signed C:\Windows\System32\dosvc.dll => File is digitally signed C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed C:\Windows\System32\ipnathlp.dll => File is digitally signed C:\Windows\System32\iphlpsvc.dll => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed **** End of log **** -
Might be infected, need help to verify
FNKLM replied to FNKLM's topic in Resolved Malware Removal Logs
Farbar Service Scanner Version: 30-04-2023 Ran by Windows (administrator) on 05-03-2024 at 17:58:13 Running from "C:\Users\Windows\Downloads" Microsoft Windows 11 Home (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => File is digitally signed C:\Windows\System32\Drivers\nsiproxy.sys => File is digitally signed C:\Windows\System32\Drivers\netbt.sys => File is digitally signed C:\Windows\System32\Drivers\tdx.sys => File is digitally signed C:\Windows\System32\Drivers\afd.sys => File is digitally signed C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed C:\Windows\System32\dnsrslvr.dll => File is digitally signed C:\Windows\System32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed **** End of log **** FSS.txt -
Might be infected, need help to verify
FNKLM replied to FNKLM's topic in Resolved Malware Removal Logs
Did not work, the computer crashed again. The screen turned black with only the mouse pointer visible and not respondent at all. Fixlog.txt -
Might be infected, need help to verify
FNKLM replied to FNKLM's topic in Resolved Malware Removal Logs
Hello, here is the fixlog Fixlog.txt -
Might be infected, need help to verify
FNKLM replied to FNKLM's topic in Resolved Malware Removal Logs
I tried three times, everytime a bluescreen crashed happened directly after I pressed the fix button. -
Might be infected, need help to verify
FNKLM replied to FNKLM's topic in Resolved Malware Removal Logs
Hi, I tried to run the fix me files and it resulted in blue screen crashes. It outputed some kind of fixlog Fixlog.txt -
Might be infected, need help to verify
FNKLM replied to FNKLM's topic in Resolved Malware Removal Logs
Thank you, Here are the requested logs. Addition.txt FRST.txt -
FNKLM started following Might be infected, need help to verify
-
Hello, I recently looked at my desktop and noticed that two folders had been copied to it. I keep my desktop empty and I have no memory of copying those folders there so its strange. In one of the folders was a copy of a third folder that is stored in a different place. So I think it is very unlikely that it was a accident. Have downloaded malwarebytes and am doing I fullscan with it. Would ask for your help do identify and remove the malware.
-
Thank you for the guide, I will try to make a clean boot between semesters. Thanks for the help!
-
Hello again, thank you for the help! The behavior is unfortunately still present. Do you know what the next step might be?
-
Hello again, here are the requested files. ADWCleaner might have found a false positive, it flagged a registry key for a software named Claro. Have visited here once before and then they connected that key to the Claro software. Since I need that software to work I have not deleted that key, other than that followed the instructions to the letter. Fixlog.txt AdwCleaner[C01].txt