Hello, I've somehow found myself infected with some kind of malware I've never seen before. I was gifted a game from a friend which came from a code, the site the code went on was some foreign text filled site, and in retrospect looked less than reputable. I think I got phished and that the code wasn't to a game he purchased for me, but a directory to malware. I've only known this friend for a short period, and we haven't gotten along, so I wouldn't doubt it if he is the source of this problem. Maybe I was just stupid in downloading what seemed like a gifted game.
(Edit: I used a translator on a .txt file from the folder of the game, and can confirm the game is from a pirating site which was advertised in the .txt. I was unaware of this fact while downloading it, and DO NOT support piracy. I'm very angry at myself for believing a "gift code" could give me a free game and will not do so again.)
The virus from this "Gift" seems to have rooted itself in my fontdrvhost.exe and can't be deleted. I've isolated what file it is, and deleted the "game" and all of its files from my computer, with only the undeletable file remaining. For the record, I did go through an installation process for the game, so I think that's how I got infected. The virus, or the file that can't be deleted no matter what I try, is a ".TTE File". I've tried to delete it multiple times through different methods like safe mode and such to no avail; I would either get "is in use in a program" or "you don't have permission". I only got "you don't have permission" once after many tries, the rest were Programs in Use. I eventually used Windows Process Explorer to find what process was hooking onto it, and I found that fontdrvhost.exe is what it was seemingly latched onto. I've tried multiple methods since then to try and rid myself of the file, and cannot find a way to do so.
I've also tried scanning it with Avira and Malwarebytes Pro and have gotten nowhere, as the programs don't seem to recognize it as a threat. I've definitely learned my lesson on downloading anything anyone sends me over the internet. Apparently you can't even trust your friends anymore, as I've been unable to contact him since I went through the process, and believe this to be a sort of revenge for recent mishaps in our relationship. Sorry for the off-topic mentions, please help me through this foolish problem of mine.
Hi,
Thanks for posting in the Malware Removal for Windows Help forum. Being infected is not fun and can be very frustrating to resolve, but don't worry because we have a team of experts here to help you!
Note: Please be patient. When the site is busy it can take up to 48 hours before a malware removal helper can assist you. If no one has replied to your new topic after 48 hours please contact a Moderator or Administrator to let them know.
First, if you haven't done so, please run a Threat Scan with the latest version of Malwarebytes. This may resolve your malware infection issue without the need for additional support. Click "Reveal Hidden Contents" below for details:
Next, if you're still experiencing issues after running Malwarebytes, then technical logs will be required to assist you. Click "Reveal Hidden Contents" below and follow the instructions to run the Farbar Recovery Scan Tool:
Please download the Farbar Recovery Scan Tool here and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit
Finally, attach the Malwarebytes Threat Scan, FRST.txt and Additional.txt logs to your reply and Follow this topic to get notified when an expert has replied. Click "Reveal Hidden Contents" below for details.
Note: If you are unable to attach files, please copy and paste the contents of the requested files in your Reply instead.
To save attachments, please click the link as shown below. You can click and drag the files to this bar or you can click the choose files, then browse to where your files are located, select them and click the Open button.
After posting your new post, make sure you click the Follow button near the top right of this page, and select the option "An email when new content is posted Change how the notification is sent" so that you're alerted by email when someone has replied to your post.
Thank you so much for the speedy reply. My logs are below. I included a safe mode scan I did just before posting this thread as a bonus; the logs you requested will be found below that.
Here is the export from a full scan I did in safemode before starting the thread, it ended moments ago after an hr or so.
Thanks once more for the fast response
The files you requested are apparently some sort of anti-cheat for a game, though I don't know which they are for.
As of right now, my main concern is the file listed below, which is currently undeletable from my computer since the assumed phishing attempt by my "friend".
It came with the install, and is the only remnant of whatever it is I installed left on my computer, and so far I'm still unable to remove it.
VirusTotal pings it as clear, but whatever the problem is, it's seemingly immune to deletion. I've tried clearing it through a shred program, removing its permissions, safe mode booting, etc.
I'm honestly at a loss..
Thanks for the update. Can you give the full navigational address for moonstone.TTE and I'll see if it will move with FRST. Also regarding the cheat files that VT gives all clear, do you want those files and services removing...?
The directory of whatever this crap is, is this
D:\C\Program Files (x86)\Imouto Paradise 3\Game\妹ぱらだいす3\res
The file is inside the final folder
And I did some research on the origin of those anticheat files, and apparently they are from a game called Warface that I installed a while back.
I suppose I am fine with them being there since anticheats have a bad habit of sticking around after you uninstall a game, I'm kind of used to the annoyance..
Feel free to give me directions on how to remove them so that I may do so if need be in the future, but I'd like to focus on removing the previous file mentioned on my PC.
Thanks again
The cheat entries you mention really should be removed from your system asap. At present I have seen several infected systems where the origin seems to come from hidden entries related to "LLC Mail.Ru"
Is this correct for the entry you want removing: D:\C\Program Files (x86)\Imouto Paradise 3\Game\妹ぱらだいす3\res\moonstone.TTE or would you want the parent folder removing..?
Hello Kevin,
I removed the game, and the mail.ru stuff associated with said game. I did not have any extensions or things that seemed malicious as seen on the guide, just the files you found associated with a game called Warface. Yes, that is the correct directory of the moonstone.TTE I need removed; it's the only file remaining inside of those folders, so it is what's preventing deletion of the folder.
Please help me get rid of the moonstone.TTE
Thank you.
Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.
I got an "invalid file path" Syntax error when trying to execute the script.
I'll repeat the directory just in case, D:\C\Program Files (x86)\Imouto Paradise 3\Game\妹ぱらだいす3\res
I believe the problem may be in the Asian text beforehand, but I don't know, I'm not an expert.
(edit) this symbol "" inside of the file path is much larger than a normal ! symbol is, when I highlight it with my mouse it's very large within the file path. It seems to be an error in fonts because my computer doesn't recognize whatever was written. That may be the source of the problem.
I'm not really sure why the Syntax error happened, I've never used a script with Asian text before so I guess that could be the problem. FRST read it ok so we can try with FRST via the recovery environment.