MalwareManiac

Fixlog.txt

As already indicated, he is my father and was helping with this problem. Please close it.

This is RevGAM. He's at school, so I'm helping him. When I run it, I immediately get an error: Here's the log. SecurityCheck by glax24 & Severnyj v.1.4.0.54 [06.12.21] WebSite: www.safezone.cc DateLog: 03.01.2023 11:04:27 Path starting: C:\Users\reveu\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck\ IsAdmin: True User: reveu VersionXML: 10.35is-31.12.2022 ___________________________________________________________________________ Windows 11(6.3.22621) (x64) Professional Release: 22H2 Lang: English(0409) Installation date OS: 15.10.2022 23:46:53 LicenseStatus: Windows(R), Professional edition The machine is permanently activated. Boot Mode: Normal Default Browser: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe SystemDrive: C: FS: [NTFS] Capacity: [930.8 Gb] Used: [202.8 Gb] Free: [728 Gb] ------------------------------- [ Windows ] ------------------------------- User Account Control enabled (Level 3) Security Center (wscsvc) - The service is running Remote Registry (RemoteRegistry) - The service has stopped SSDP Discovery (SSDPSRV) - The service is running Remote Desktop Services (TermService) - The service has stopped Windows Remote Management (WS-Management) (WinRM) - The service has stopped ---------------------------- [ Antivirus_WMI ] ---------------------------- Malwarebytes (enabled and up to date) Windows Defender (disabled and up to date) --------------------------- [ FirewallWindows ] --------------------------- Windows Defender Firewall (mpssvc) - The service is running ---------------------- [ AntiVirusFirewallInstall ] ----------------------- Malwarebytes version 4.5.19.229 v.4.5.19.229 -------------------------- [ SecurityUtilities ] -------------------------- SpywareBlaster 6.0 v.6.0.0 --------------------------- [ OtherUtilities ] ---------------------------- Steam v.2.10.91.91 ------------------------------- [ Backup ] -------------------------------- Microsoft OneDrive v.22.238.1114.0002 ------------------------------- [ Browser ] ------------------------------- Microsoft Edge v.108.0.1462.54 ------------------ [ AntivirusFirewallProcessServices ] ------------------- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.4.0.0.1403 Malwarebytes Service (MBAMService) - The service is running C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.2.0.1161 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe v.4.18.2211.5 Microsoft Defender Antivirus Service (WinDefend) - The service is running Microsoft Defender Antivirus Network Inspection Service (WdNisSvc) - The service has stopped ----------------------------- [ End of Log ] ------------------------------

Here's the Fixlog Fixlog.txt

I've found a suspicious hidden folder named "$WinREAgent" with another folder in it named "Scratch" which is empty. It's located in the root directory of (C:). This folder was created on 12/31/22, presumably the day of infection.

I didn't use admin mode because the instructions in the pinned "Infected" topic didn't say to. I have run it as you requested and attached the files. FRST.txt Addition.txt

Here's addition.txt from FRST. Addition.txt

The hourglass has disappeared and the fans in my computer have gotten quieter.

Windows did an update and it seemed to stun the virus so FRST was able to run. The text is attached below. FRST.txt

I used a flashdrive to transport my minecraft worlds from my old computer to my new one. My old computer is infected, which means that my old minecraft worlds got infected and the malware is now on my new computer

I also played Arsenal and Age of Heroes on Roblox.

I also followed the links from Minecraft onto Xbox and Minecraft.net

I have a new custom built computer with Windows 11. Do you need to know what hardware I have? I attached the MBAM scan log. The trojan malware won't let me run FarBar. Today, the mouse cursor started showing the hourglass blinking off-and-on rapidly. Yesterday this was not happening. Yesterday I visited account.xbox.com, xbox.com, Microsoftstore(Microsoft.com). I downloaded from the Microsoft store Minecraft launcher, Minecraft Java, and gaming services from Microsoft corp. I also played Roblox. D-Day and another game I can't quite remember. The malware is also blocking Roblox from being opened. MBAM scan log.txt