Windows 10: trojan:msil/r77rootkit.a!mtb detect by my laptop please suggest me what will need to get...

trojan:msil/r77rootkit.a!mtb detect by my laptop please suggest me what will need to get rid of it

:)

 

Trojan and Malware

2/21/2022 5:28:49 AM

Files scanned: 1217349

Detected files: 43

Cleaned files: 43

Total scan time 06:50:37

Scan status: Finished

C:\$SysReset\AppxLogs\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\$SysReset\CloudImage\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\$SysReset\Logs\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\$SysReset\MDM\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\$SysReset\Scratch\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\$SysReset\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\Aomei\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\Boot\sm_da\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\Boot\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\FRST\Quarantine\C\WINDOWS\system32\Tasks\Microsoft\Windows\PI\PI.xBAD PowerShell/Kryptik.D trojan cleaned by deleting



C:\LDPlayer\LDPlayer4.0\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\LDPlayer\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\MobiMoverBackup\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\NVIDIA\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\OneDriveTemp\S-1-5-21-2131174034-2530422207-1368632259-1001\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\OneDriveTemp\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\Program Files\Wondershare\Wondershare Filmora\WsAP-Filmora.dll a variant of Win64/HackTool.Crack.W potentially unsafe application cleaned by deleting



C:\Program Files\Wondershare\Wondershare Filmora - Copy\WsAP-Filmora.dll a variant of Win64/HackTool.Crack.W potentially unsafe application cleaned by deleting



C:\Program Files (x86)\****-GoldBerg\****\OnlineFix64.dll a variant of Win64/HackTool.Crack.AA potentially unsafe application cleaned by deleting



C:\Riot Games\League of Legends\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\Riot Games\Riot Client\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\Riot Games\VALORANT\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\Riot Games\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\SWSetup\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\temp\TxGameDownload\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\temp\{AA7C2609-F5C3-4F2D-85D0-97C700C016B3}\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\temp\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\text\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\Users\TSKY\AppData\Local\VirtualStore\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\Users\TSKY\Desktop\Ready.Or.Not.v17900.Early.Access\Ready Or Not\ReadyOrNot\Binaries\Win64\Custom.dll a variant of Win64/HackTool.Crack.AD potentially unsafe application cleaned by deleting



C:\Users\TSKY\Desktop\Ready.Or.Not.v17900.Early.Access\Ready Or Not\ReadyOrNot\Binaries\Win64\OnlineFix64.dll a variant of Win64/HackTool.Crack.AA potentially unsafe application cleaned by deleting



C:\Users\TSKY\Downloads\Ready_or_Not_Fix_Repair_Steam_V3_Generic\ReadyOrNot\Binaries\Win64\Custom.dll a variant of Win64/HackTool.Crack.AD potentially unsafe application cleaned by deleting



C:\Users\TSKY\Downloads\Ready_or_Not_Fix_Repair_Steam_V3_Generic\ReadyOrNot\Binaries\Win64\OnlineFix64.dll a variant of Win64/HackTool.Crack.AA potentially unsafe application cleaned by deleting



C:\Users\TSKY\Downloads\Windows 10_Digital_License\BIN\slc.dll Win32/HackTool.WinActivator.AL potentially unsafe application cleaned by deleting



C:\Users\TSKY\Downloads\Windows 10_Digital_License\Windows 10 Digital License Activation Script.cmd Win32/HackTool.WinActivator.AI potentially unsafe application cleaned by deleting



C:\Users\TSKY\Downloads\BrowserSetup_b0zz0i5.exe a variant of Win32/CryptoTab.A potentially unwanted application cleaned by deleting



C:\Users\TSKY\Downloads\counter-strike-1-6.exe a variant of Win32/GameHack.ANF potentially unsafe application cleaned by deleting



C:\Users\TSKY\Downloads\windows.cmd BAT/RiskWare.HackTool.WinActivator.A application cleaned by deleting



C:\Users\TSKY\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\Windows \System32\_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\Windows \_readme.txt MSIL/Filecoder.ANG trojan deleted



C:\Xamp Premium\_readme.txt MSIL/Filecoder.ANG trojan deleted



D:\_readme.txt MSIL/Filecoder.ANG trojan deleted

 

windows defender detects but cant remove Trojan msil crypinject C!MIL.....

C:\Users\Admin\Downloads\krnl\krnlss.exe

Trojan msil cryptinject C!MIL

I cant get windows defender to remove/quarantine this virus, any help would be appreciated.

 

Trojan Detected in OneDrive

Can I just make an observation here?

From your pic, it appears that the executable OneDrive.exe has been flagged as a virus. This sounds like a FP (false positive) to me.

I would suggest you upload that file to VirusTotal website and see what comes up there.

I have the same file on my system in the same location and it's 536KB. I do not use OneDrive on this particular machine.

I do not think you are infected with anything. Did TDSSKiller find anything on that file?