jamiewlh
Members
Posts: 14
steam bitcoin virus bitcoin miner steam virus need help
jamiewlh replied to jamiewlh's topic in Resolved Malware Removal Logs
OK done, thanks
steam bitcoin virus bitcoin miner steam virus need help
jamiewlh replied to jamiewlh's topic in Resolved Malware Removal Logs
Thanks for sorting this out man, I appreciate all the help you've given me
steam bitcoin virus bitcoin miner steam virus need help
jamiewlh replied to jamiewlh's topic in Resolved Malware Removal Logs
https://www.virustotal.com/en/file/3aae5239f951e29497d759326bdc23e19644b763dc5661ca4e4980418195c37d/analysis/1481091940/
https://www.virustotal.com/en/file/3aae5239f951e29497d759326bdc23e19644b763dc5661ca4e4980418195c37d/analysis/1481092256/
steam bitcoin virus bitcoin miner steam virus need help
jamiewlh replied to jamiewlh's topic in Resolved Malware Removal Logs
How would I go about uploading Steam to the site to be scanned?
steam bitcoin virus bitcoin miner steam virus need help
jamiewlh replied to jamiewlh's topic in Resolved Malware Removal Logs
I have had Steam installed for 2 years, so 2012 makes no sense whatsoever
steam bitcoin virus bitcoin miner steam virus need help
jamiewlh replied to jamiewlh's topic in Resolved Malware Removal Logs
SystemLook.txt
steam bitcoin virus bitcoin miner steam virus need help
jamiewlh replied to jamiewlh's topic in Resolved Malware Removal Logs
Sophos found nothing, but I ran it in safe mode
steam bitcoin virus bitcoin miner steam virus need help
jamiewlh replied to jamiewlh's topic in Resolved Malware Removal Logs
Okay, I downloaded your file and then ran fix
Fixlog.txt
steam bitcoin virus bitcoin miner steam virus need help
jamiewlh replied to jamiewlh's topic in Resolved Malware Removal Logs
I didn't have a fixlog added to my desktop, so no idea where that is
steam bitcoin virus bitcoin miner steam virus need help
jamiewlh replied to jamiewlh's topic in Resolved Malware Removal Logs
That's all of them, hope you figure this out buddy
Addition.txt AdwCleaner[C0].txt FRST.txt JRT.txt AdwCleaner[S0].txt
steam bitcoin virus bitcoin miner steam virus need help
jamiewlh replied to jamiewlh's topic in Resolved Malware Removal Logs
# AdwCleaner v6.030 - Logfile created 01/12/2016 at 10:40:37
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-10-18.1 [Local]
# Operating System : Windows 7 Professional Service Pack 1 (X64)
# Username : Jamie - JAMIE-PC
# Running from : C:\Users\Jamie\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\Users\Jamie\AppData\LocalLow\avg web tuneup
[-] Folder deleted: C:\Program Files\Common Files\AVG Secure Search
[-] Folder deleted: C:\ProgramData\AVG Secure Search
[-] Folder deleted: C:\ProgramData\AVG Security Toolbar
[-] Folder deleted: C:\ProgramData\avg web tuneup
[#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Secure Search
[#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Security Toolbar
[#] Folder deleted on reboot: C:\ProgramData\Application Data\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup

***** [ Files ] *****

[-] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Key deleted: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKU\S-1-5-21-2345269712-2798079661-2258478838-1001\Software\AVG Tuneup
[#] Key deleted on reboot: HKCU\Software\AVG Tuneup
[-] Key deleted: HKLM\SOFTWARE\AVG Tuneup
[#] Key deleted on reboot: [x64] HKCU\Software\AVG Tuneup
[-] Key deleted: HKU\S-1-5-21-2345269712-2798079661-2258478838-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion

***** [ Web browsers ] *****

[-] [C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: uk.ask.com
[-] [C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: bmkckgpgekmanipelfidlhmkfcjicion

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6627 Bytes] - [01/12/2016 10:40:37]
Bitcoin miner for Steam c:programfiles x86\steam\steam.exe and always changes PID. Can't seem to get rid of this whatever I do. This thing self-replicates, and I have tried AVG, SUPERAntiSpyware and Malwarebytes, and this thing is still here and activates whenever I open any game from Steam. Uninstalling Steam is not gonna happen either, I have 198 games.