Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

PROPABLY A MALEWARE PLEASE HELP!!!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby nianiaxd » January 22nd, 2023, 10:55 am

so recently i started getting these huge lag spikes whenever i use my pc , thanks in advance for help! :flower:
Addition.txt
FRST.txt
You do not have the required permissions to view the files attached to this post.
nianiaxd
Active Member
 
Posts: 11
Joined: January 22nd, 2023, 10:40 am
Advertisement
Register to Remove

Re: PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby pgmigg » January 22nd, 2023, 1:36 pm

Hello nianiaxd,

Welcome to the forum! :)

I am pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby pgmigg » January 22nd, 2023, 8:33 pm

Hello nianiaxd,

Step 1.
Run CKScanner
  1. Please download CKScanner from here
  2. Important: - Save it to your Desktop.
  3. Double-click CKScanner.exe and click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.

Step 2.
TSG - SysInfo utility
  1. Please download SysInfo utility and save it to your Desktop.
  2. Right click on SysInfo.exe, select "Run As Administrator..." to run it... if UAC prompts, please allow it.
  3. Right click, select copy and then paste in your next post.

Step 3.
Run CodeCheck Scan
  1. Please download codecheck from here to your Desktop.
  2. Make sure that codecheck.exe is on the your Desktop before running the application!
  3. Right-click on codecheck.exe and select "Run as administrator..." to run it.
  4. After a very short time a codecheck.txt icon will appear on your Desktop
  5. Double-click on the codecheck.txt icon on your Desktop and copy/paste the contents in your next reply.

Then:
Please tell me is this computer used for business or educational purposes and/or connected to a business or educational network?
I need to know it - so I can provide the proper instructions.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections...

Don't post anything as attachments unless I will ask you about it specifically!

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of CKFiles.txt log file
  3. Contents of SysInfo scan
  4. Contents of a log created by codecheck.txt
  5. Answer to my question related to type of using of your computer

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby nianiaxd » January 23rd, 2023, 11:53 am

ckscanner.txt :
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\windows\servicing\lcu\package_for_rollupfix~31bf3856ad364e35~amd64~~19041.2364.1.4\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.19041.964_none_9a882af90ea09cc3\f\ssh-keygen.exe
c:\windows\servicing\lcu\package_for_rollupfix~31bf3856ad364e35~amd64~~19041.2364.1.4\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.19041.964_none_9a882af90ea09cc3\r\ssh-keygen.exe
c:\windows\servicing\lcu\package_for_rollupfix~31bf3856ad364e35~amd64~~19041.2486.1.5\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.19041.964_none_9a882af90ea09cc3\f\ssh-keygen.exe
c:\windows\servicing\lcu\package_for_rollupfix~31bf3856ad364e35~amd64~~19041.2486.1.5\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.19041.964_none_9a882af90ea09cc3\r\ssh-keygen.exe
c:\windows\winsxs\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.19041.964_none_9a882af90ea09cc3\ssh-keygen.exe
c:\windows\winsxs\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.19041.964_none_9a882af90ea09cc3\f\ssh-keygen.exe
c:\windows\winsxs\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.19041.964_none_9a882af90ea09cc3\r\ssh-keygen.exe
scanner sequence 3.GL.11.SSLBG0
----- EOF -----
nianiaxd
Active Member
 
Posts: 11
Joined: January 22nd, 2023, 10:40 am

Re: PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby nianiaxd » January 23rd, 2023, 11:53 am

ckscanner.txt :
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\windows\servicing\lcu\package_for_rollupfix~31bf3856ad364e35~amd64~~19041.2364.1.4\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.19041.964_none_9a882af90ea09cc3\f\ssh-keygen.exe
c:\windows\servicing\lcu\package_for_rollupfix~31bf3856ad364e35~amd64~~19041.2364.1.4\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.19041.964_none_9a882af90ea09cc3\r\ssh-keygen.exe
c:\windows\servicing\lcu\package_for_rollupfix~31bf3856ad364e35~amd64~~19041.2486.1.5\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.19041.964_none_9a882af90ea09cc3\f\ssh-keygen.exe
c:\windows\servicing\lcu\package_for_rollupfix~31bf3856ad364e35~amd64~~19041.2486.1.5\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.19041.964_none_9a882af90ea09cc3\r\ssh-keygen.exe
c:\windows\winsxs\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.19041.964_none_9a882af90ea09cc3\ssh-keygen.exe
c:\windows\winsxs\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.19041.964_none_9a882af90ea09cc3\f\ssh-keygen.exe
c:\windows\winsxs\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.19041.964_none_9a882af90ea09cc3\r\ssh-keygen.exe
scanner sequence 3.GL.11.SSLBG0
----- EOF -----
nianiaxd
Active Member
 
Posts: 11
Joined: January 22nd, 2023, 10:40 am

Re: PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby nianiaxd » January 23rd, 2023, 11:53 am

codecheck.txt
Codecheck Version 1.0

01023
nianiaxd
Active Member
 
Posts: 11
Joined: January 22nd, 2023, 10:40 am

Re: PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby nianiaxd » January 23rd, 2023, 11:59 am

the link form second step doesnt work it just takes me to the website in the screenshot , and this is not a buissness/educational pourpuse computer and it is not connected to a buissnes or educational network , i also dont have any problems executing the instructions :)
You do not have the required permissions to view the files attached to this post.
nianiaxd
Active Member
 
Posts: 11
Joined: January 22nd, 2023, 10:40 am

Re: PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby pgmigg » January 23rd, 2023, 6:40 pm

Very good, thank you, nianiaxd!

Actually, I don't see any signs of an active infections in the logs you provided, however there are a few things that should be attended to.

Step 1.
FRST Fix
  1. Close all your programs.
  2. You should still have FRST64.exe on your Desktop. If not please download it HERE and save it on your Desktop.
  3. Hit your Windows Key + R to open a Run window
  4. Type Notepad then click OK
  5. This will open an empty Notepad document
  6. Copy/Paste the following into it (Don't include Code: Select All ) .....
Code: Select all
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Task: {128D3331-A026-4BD0-9AF7-CE4B1F162AE3} - \Agent Activation Runtime\S-1-5-21-2007841477-1455595398-3338308244-1001 -> No File <==== ATTENTION
2023-01-20 21:10 - 2022-11-01 16:45 - 000000000 ___DC C:\rip awatary xd ;(
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6966]

EmptyTemp:
CMD: ipconfig /flushdns

  • Save it as fixlist.txt to the same location as FRST (must be in this location)
  • NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Now press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
  • Please post me the log

Step 2.
ESET Online Scan
  1. Download ESET Online Scanner and save it to your desktop.
  2. Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  3. When the tool opens, click Get Started.
  4. Read and accept the license agreement.
  5. At the Welcome to ESET Online Scanner window, click Get Started.
  6. Select whether you would like to send anonymous data to ESET.
  7. Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  8. Click on the Full Scan option.
  9. Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  10. ESET will now begin scanning your computer. This may take some time.
  11. When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  12. ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  13. On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  14. Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

Then:
Please tell me in details what kind of lag spikes you can see - where, after what event, etc.
I must see an accurate and complete picture of what is happening - please remember that there are no superfluous or insignificant details.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections...

Don't post anything as attachments unless I will ask you about it specifically!

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the Fixlog.txt log file
  3. Contents of the eset.txt log file
  4. Details of current computer behavior

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby nianiaxd » January 24th, 2023, 11:33 am

fixlog.txt :
Fix result of Farbar Recovery Scan Tool (x64) Version: 24-01-2023
Ran by danie (24-01-2023 15:50:28) Run:5
Running from C:\Users\danie\Desktop
Loaded Profiles: danie
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Task: {128D3331-A026-4BD0-9AF7-CE4B1F162AE3} - \Agent Activation Runtime\S-1-5-21-2007841477-1455595398-3338308244-1001 -> No File <==== ATTENTION
2023-01-20 21:10 - 2022-11-01 16:45 - 000000000 ___DC C:\rip awatary xd ;(
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6966]

EmptyTemp:
CMD: ipconfig /flushdns
*****************

HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{128D3331-A026-4BD0-9AF7-CE4B1F162AE3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{128D3331-A026-4BD0-9AF7-CE4B1F162AE3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Agent Activation Runtime\S-1-5-21-2007841477-1455595398-3338308244-1001" => removed successfully
C:\rip awatary xd ;( => moved successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 145124052 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1102623150 B
Windows/system/drivers => 12226002 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile32 => 672 B
LocalService => 115302 B
NetworkService => 172834 B
danie => 127130968 B

RecycleBin => 2475337 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:50:52 ====
nianiaxd
Active Member
 
Posts: 11
Joined: January 22nd, 2023, 10:40 am

Re: PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby nianiaxd » January 24th, 2023, 11:33 am

fixlog.txt :
Fix result of Farbar Recovery Scan Tool (x64) Version: 24-01-2023
Ran by danie (24-01-2023 15:50:28) Run:5
Running from C:\Users\danie\Desktop
Loaded Profiles: danie
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Task: {128D3331-A026-4BD0-9AF7-CE4B1F162AE3} - \Agent Activation Runtime\S-1-5-21-2007841477-1455595398-3338308244-1001 -> No File <==== ATTENTION
2023-01-20 21:10 - 2022-11-01 16:45 - 000000000 ___DC C:\rip awatary xd ;(
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6966]

EmptyTemp:
CMD: ipconfig /flushdns
*****************

HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{128D3331-A026-4BD0-9AF7-CE4B1F162AE3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{128D3331-A026-4BD0-9AF7-CE4B1F162AE3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Agent Activation Runtime\S-1-5-21-2007841477-1455595398-3338308244-1001" => removed successfully
C:\rip awatary xd ;( => moved successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 145124052 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1102623150 B
Windows/system/drivers => 12226002 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile32 => 672 B
LocalService => 115302 B
NetworkService => 172834 B
danie => 127130968 B

RecycleBin => 2475337 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:50:52 ====
nianiaxd
Active Member
 
Posts: 11
Joined: January 22nd, 2023, 10:40 am

Re: PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby nianiaxd » January 24th, 2023, 11:33 am

eset.txt
24/01/2023 16:29:27
Files scanned: 501278
Detected files: 13
Cleaned files: 13
Total scan time 00:30:17
Scan status: Finished
C:\FRST\Quarantine\C\Users\Public\b.exe.xBAD a variant of MSIL/ClipBanker.UI trojan cleaned by deleting

C:\FRST\Quarantine\C\Users\Public\d.exe.xBAD Win32/HackTool.Agent.EK potentially unsafe application cleaned by deleting

C:\FRST\Quarantine\C\WINDOWS\system32\Tasks\Microsoft\Windows\DirectX\Services BITBHosted.xBAD VBS/TrojanDownloader.Agent.WBQ trojan cleaned by deleting

C:\FRST\Quarantine\C\WINDOWS\system32\Tasks\Microsoft\Windows\DirectX\Services BITCHosted.xBAD VBS/TrojanDownloader.Agent.WBQ trojan cleaned by deleting

C:\FRST\Quarantine\C\WINDOWS\system32\Tasks\Microsoft\Windows\DirectX\Services BITDHosted.xBAD VBS/TrojanDownloader.Agent.WBQ trojan cleaned by deleting

C:\FRST\Quarantine\C\WINDOWS\system32\Tasks\Microsoft\Windows\DirectX\Services BITMHosted.xBAD VBS/TrojanDownloader.Agent.WBQ trojan cleaned by deleting

C:\FRST\Quarantine\C\WINDOWS\system32\Tasks\Microsoft\Windows\DirectX\Services BITUHosted.xBAD VBS/TrojanDownloader.Agent.WBQ trojan cleaned by deleting

C:\FRST\Quarantine\C\WINDOWS\system32\Tasks\Microsoft\Windows\DirectX\Services CUBHosted.xBAD VBS/TrojanDownloader.Agent.WBQ trojan cleaned by deleting

C:\FRST\Quarantine\C\WINDOWS\system32\Tasks\Microsoft\Windows\DirectX\Services CUCHosted.xBAD VBS/TrojanDownloader.Agent.WBQ trojan cleaned by deleting

C:\FRST\Quarantine\C\WINDOWS\system32\Tasks\Microsoft\Windows\DirectX\Services CUDHosted.xBAD VBS/TrojanDownloader.Agent.WBQ trojan cleaned by deleting

C:\FRST\Quarantine\C\WINDOWS\system32\Tasks\Microsoft\Windows\DirectX\Services CUMHosted.xBAD VBS/TrojanDownloader.Agent.WBQ trojan cleaned by deleting

C:\FRST\Quarantine\C\WINDOWS\system32\Tasks\Microsoft\Windows\DirectX\Services CUUHosted.xBAD VBS/TrojanDownloader.Agent.WBQ trojan cleaned by deleting

D:\setup-lightshot.exe a variant of Win32/Yandex.K potentially unwanted application cleaned by deleting
nianiaxd
Active Member
 
Posts: 11
Joined: January 22nd, 2023, 10:40 am

Re: PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby nianiaxd » January 24th, 2023, 11:37 am

the lag spikes will slow the computer down for a short period of time making it impossible to switch tabs , the cursor will move very slowly or sometimes not even move at all , other times it will tab out of the window that im curently using to my desktop show my cursor in the middle of the screen and tab back to the window i was using
nianiaxd
Active Member
 
Posts: 11
Joined: January 22nd, 2023, 10:40 am

Re: PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby pgmigg » January 24th, 2023, 11:07 pm

Hello nianiaxd,

Please do one more scan with ADWCleaner.

  1. Download ... ADWCleaner
  2. Follow these ... Instructions ... for how to use it.
    • Do not select any of your pre-installed programs for removal
  3. Please post me a copy of the logfile produced.
    • Click on the Log Files tab
    • Double click on the logfile listed and it will open in Notepad
    • Copy/paste it in your next reply

Then:
Please tell me is your computer up to date with Windows Updates or you have any difficulties with them?

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections...

Don't post anything as attachments unless I will ask you about it specifically!

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the log file after ADWCleaner sacn
  3. Answer to my question about Windows Updates

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby nianiaxd » January 25th, 2023, 10:52 am

adwcleaner logs:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-25-2023
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.2486)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1420 octets] - [25/01/2023 15:43:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
nianiaxd
Active Member
 
Posts: 11
Joined: January 22nd, 2023, 10:40 am

Re: PROPABLY A MALEWARE PLEASE HELP!!!

Unread postby nianiaxd » January 25th, 2023, 10:53 am

yes my computer is up to date with the updates
nianiaxd
Active Member
 
Posts: 11
Joined: January 22nd, 2023, 10:40 am
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 267 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware