
I have deleted all of these files in am i safe now? (sry im bad in grammar)


Go to solution Solved by AdvancedSetup,


 

-Scan Summary-

Scan Type: Threat Scan

Scan Initiated By: Manual

Result: Completed

Objects Scanned: 284659

Threats Detected: 3

Threats Quarantined: 3

Time Elapsed: 16 min, 22 sec

 

-Scan Options-

Memory: Enabled

Startup: Enabled

File system: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Detect

PUM: Detect

 

-Scan Details-

Process: 0

(No malicious items detected)

 

Module: 0

(No malicious items detected)

 

Registry Key: 1

PUP.Optional.ConvertAd.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\mccleanupsvc, Quarantined, 2851, 257696, 1.0.89061, , ame, , , 

 

Registry Value: 1

PUP.Optional.ConvertAd.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\mccleanupsvc|IMAGEPATH, Quarantined, 2851, 257696, 1.0.89061, , ame, , , 

 

Registry Data: 0

(No malicious items detected)

 

Data Stream: 0

(No malicious items detected)

 

Folder: 0

(No malicious items detected)

 

File: 1

Malware.AI.3287410741, C:\USERS\USER\APPDATA\ROAMING\MINNQ COM\RAIRAPP\VSTDLIB_S64.DLL, Quarantined, 1000000, -1007556555, 1.0.89061, 195D223368FB42F6C3F1E835, dds, 02995504, D6797C4641203BCD5630560F6321A42D, 2A091BE3C42D78595C38859776793DBE8074783B7171C9E4256AB2B78B5E71A7

 

Physical Sector: 0

(No malicious items detected)

 

WMI: 0

(No malicious items detected)


Hello @GustPie and welcome!

 

My name is MKDB and I will assist you.

 

 

Let's keep these principles as we proceed. Make sure to read the entire post below first.

  • Please follow the steps in the given order and post back the log files.
  • Please attach all log files into your post.
  • Before we start, please make sure that you have an external backup, not connected to this system, of all private data.
  • Only run the tools I guide you to. Please don't run any other scans, download, install or uninstall any programs while I'm working with you.
  • As English is not my native language, please do not use slang or idioms. It may be hard for me to understand.
  • If you do not respond within 4 days, your topic will be closed.
  • Cracked or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also a big source of current trojan infections. If you are running any kind of illegal software on your system, please uninstall them now, before we start the cleaning procedure.

 

 

Please run a scan with Farbar Recovery Scan Tool (FRST) by following the instructions below:

 

Thank you!


@GustPie

Usually, private information doesn't get lost during the malware removal process, but in a few cases the removal process can get tricky.... it's just a safety reason.

I would backup all important private data, but in the end it's up to you.


Just now, MKDB said:

@GustPie

Usually, private information doesn't get lost during the malware removal process, but in a few cases the removal process can get tricky.... it's just a safety reason.

I would backup all important private data, but in the end it's up to you.

ok wait for me


@GustPie

Thanks for the logfiles.

Unfortunately, the file FRST.txt is incomplete.

 

Reboot your system, then run another scan with FRST and attach both logfiles again.

Edited by MKDB

@GustPie

Thanks for the updated logfiles. Enjoy your vacation!

Indeed, your logfiles still show some malware leftovers. Once you are back, I suggest to remove them with the following FRST fix.

 

 

  • Please download the attached fixlist.txt file and save it to the location where you ran FRST from ( C:\Users\User\Downloads\ ).

Note: It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

  • Close all open programs and save your work.
  • Run FRST again.
  • Press the FIX button only once and wait.
  • Please be patient and do not interfere, even if FRST does not respond for some time. That's nothing to worry about.
  • Please note: This Fix will remove all temporary files, empty recycle bin and will remove cookies and may result in some websites indicating they do not recognize your computer. It may be necessary to receive and apply a verification code.
  • Please note: This step resets your Firewall settings and you may be asked later to grant permission for legitimate programs to pass through the Firewall. If you recognize the program, agree to the request.
  • If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after restart.
  • FRST will create one log now (Fixlog.txt) in the same directory the tool is run. Please attach this logfile to your next reply.

 

 

fixlist.txt

Edited by MKDB

4 hours ago, MKDB said:

@GustPie

Thanks for the updated logfiles. Enjoy your vacation!

Indeed, your logfiles still show some malware leftovers. Once you are back, I suggest to remove them with the following FRST fix.

 

 

  • Please download the attached fixlist.txt file and save it to the location where you ran FRST from ( C:\Users\User\Downloads\ ).

Note: It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

  • Close all open programs and save your work.
  • Run FRST again.
  • Press the FIX button only once and wait.
  • Please be patient and do not interfere, even if FRST does not respond for some time. That's nothing to worry about.
  • Please note: This Fix will remove all temporary files, empty recycle bin and will remove cookies and may result in some websites indicating they do not recognize your computer. It may be necessary to receive and apply a verification code.
  • Please note: This step resets your Firewall settings and you may be asked later to grant permission for legitimate programs to pass through the Firewall. If you recognize the program, agree to the request.
  • If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after restart.
  • FRST will create one log now (Fixlog.txt) in the same directory the tool is run. Please attach this logfile to your next reply.

 

 

fixlist.txt 1.35 kB · 1 download

Open FRST and click fix? or scan again then fix


1 hour ago, AdvancedSetup said:

Save the FIXLIST.TXT to the same location as the Farbar program. Then open Farbar with Admin rights and click the FIX button.

Once the fix has completed and the computer restarted, please post back the FIXLOG.TXT file.

Thank you @GustPie

i have to go on vacation now i hope everything gonna be alright thank you

Fixlog.txt


  • Root Admin

Well I'm sure there is a bit more clean up before completing, but if you have to go, please have a great vacation and when you return let us know and we can continue on.

I'll go ahead and close your topic for now. When you get back, let us know when you're ready to finish up.

Cheers

 


10 minutes ago, AdvancedSetup said:

Well I'm sure there is a bit more clean up before completing, but if you have to go, please have a great vacation and when you return let us know and we can continue on.

I'll go ahead and close your topic for now. When you get back, let us know when you're ready to finish up.

Cheers

 

thank you sir am i pretty safe now?


  • Root Admin

I do not know. Again, it will take some more scans to determine, but you said you have to leave now.

If you want us to continue and check further, please run the following and post back the logs

 

Scan with Malwarebytes
https://forums.malwarebytes.com/topic/304827-scan-with-malwarebytes/


Scan with AdwCleaner
https://forums.malwarebytes.com/topic/304822-scan-with-adwcleaner/

 

 

Scan with Farbar Recovery Scan Tool
https://forums.malwarebytes.com/topic/306601-scan-with-farbar-recovery-scan-tool/


Scan with FSS Farbar Service Scanner
https://forums.malwarebytes.com/topic/306736-scan-with-fss-farbar-service-scanner/


Scan with SecurityCheck by glax24
https://forums.malwarebytes.com/topic/307301-scan-with-securitycheck-by-glax24/

 

Thank you @GustPie

 

 


12 hours ago, AdvancedSetup said:

I do not know. Again, it will take some more scans to determine, but you said you have to leave now.

If you want us to continue and check further, please run the following and post back the logs

 

Scan with Malwarebytes
https://forums.malwarebytes.com/topic/304827-scan-with-malwarebytes/


Scan with AdwCleaner
https://forums.malwarebytes.com/topic/304822-scan-with-adwcleaner/

 

 

Scan with Farbar Recovery Scan Tool
https://forums.malwarebytes.com/topic/306601-scan-with-farbar-recovery-scan-tool/


Scan with FSS Farbar Service Scanner
https://forums.malwarebytes.com/topic/306736-scan-with-fss-farbar-service-scanner/


Scan with SecurityCheck by glax24
https://forums.malwarebytes.com/topic/307301-scan-with-securitycheck-by-glax24/

 

Thank you @GustPie

 

 

Here you go 

Malwarebytes Scan Report 2024-09-13 124920.txt FSS.txt FRST.txt Addition.txt AdwCleaner[C00].txt SecurityCheck.txt


  • Root Admin

Thank you for the logs

 

Please make the following change in Malwarebytes if you're using the Premium or Trial version

  • Please open Malwarebytes. Click on the small gear icon to open the Settings and go to the General tab.
  • Then turn off "Always register Malwarebytes in the Windows Security Center"
  • Restart the computer

 

 

You also need to probably download the Chipset drivers for your system and install to see if you can fix these missing drivers.

 

==================== Faulty Device Manager Devices ============

Name: PCI Memory Controller
Description: PCI Memory Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Data Acquisition and Signal Processing Controller
Description: PCI Data Acquisition and Signal Processing Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

 

Not sure why, but Farbar triggered on this Chrome profile. I would check this out and make sure it's all valid or consider deleting it and making a new one if wanted.

CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default.old2 [2024-09-13] <==== ATTENTION

 

 

Next, please do the following

 

Please Uninstall, Update, or otherwise address the following as appropriate for your computer

 

  1. 7-Zip 19.00 (x64 edition) v.19.00.00.0 Warning! Download Update | Uninstall old version and install new one.
  2. 7-Zip 24.01 (x64) v.24.01 Warning! Download Update | Uninstall old version and install new one.
  3. AnyDesk v.ad 7.0.15 Warning! Download Update
  4. iTunes v.12.10.11.2 Warning! Download Update | ^Please use Apple Software Update tool.^
  5. Microsoft Office Standard 2019 - en-us v.16.0.10361.20002 Warning! Download Update | How Install Office updates?
  6. Microsoft Office Standard 2019 - th-th v.16.0.10361.20002 Warning! Download Update | How Install Office updates?
  7. Microsoft Office Standard 2019 - th-th.proof v.16.0.10361.20002 Warning! Download Update | How Install Office updates?
  8. Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 v.14.36.32532.0 Warning! Download Update
  9. Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 v.14.34.31931.0 Warning! Download Update
  10. Microsoft Visual Studio Code (User) v.1.78.2 Warning! Download Update
  11. Python 3.8.2 (64-bit) v.3.8.2150.0 Warning! Download Update
  12. WinRAR 7.00 (64-bit) v.7.00.0 Warning! Download Update
  13. Zoom v.5.15.7 (20303) Warning! Download Update


Please Uninstall the following

---------------------------- [ UnwantedApps ] -----------------------------
Bonjour v.3.1.0.1 (This program is rarely needed on Windows, but often causes networking issues, please uninstall)


Then RESTART the computer and check for Windows Updates and install any found

 

 

 

 


  • Root Admin

You can probably copy and paste the following to see the profiles, into the address bar on Google

chrome://profile-internals/

Here is an article on more advanced cleaning of Google Chrome

 

 

Please follow the directions from the following topic for a more extensive article on cleaning Google Chrome

Resetting Google Chrome to clear unexpected issues
 

Thank you

 


  • Root Admin

Did you get this taken care of?

 

==================== Faulty Device Manager Devices ============

Name: PCI Memory Controller
Description: PCI Memory Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Data Acquisition and Signal Processing Controller
Description: PCI Data Acquisition and Signal Processing Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

Do you need any further assistance?

 

 

 


3 minutes ago, AdvancedSetup said:

Did you get this taken care of?

 

==================== Faulty Device Manager Devices ============

Name: PCI Memory Controller
Description: PCI Memory Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Data Acquisition and Signal Processing Controller
Description: PCI Data Acquisition and Signal Processing Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

Do you need any further assistance?

 

 

 

I will have to do it tomorrow sir


This topic is now closed to further replies.