jamiewlh

  1. Thanks for sorting this out man, I appreciate all the help you've given me
  2. Constantly changing PID, and this only happens when I open a game in Steam
  3. https://www.virustotal.com/en/file/3aae5239f951e29497d759326bdc23e19644b763dc5661ca4e4980418195c37d/analysis/1481091940/ https://www.virustotal.com/en/file/3aae5239f951e29497d759326bdc23e19644b763dc5661ca4e4980418195c37d/analysis/1481092256/
  4. How would I go about uploading Steam to the site to be scanned?
  5. I have had Steam installed for 2 years, so 2012 makes no sense whatsoever
  6. I didn't have a Fixlog added to my desktop, so no idea where that is
  7. That's all of them, hope you figure this out buddy. Addition.txt AdwCleaner[C0].txt FRST.txt JRT.txt AdwCleaner[S0].txt
  8. # AdwCleaner v6.030 - Logfile created 01/12/2016 at 10:40:37
     # Updated on 19/10/2016 by Malwarebytes
     # Database : 2016-10-18.1 [Local]
     # Operating System : Windows 7 Professional Service Pack 1 (X64)
     # Username : Jamie - JAMIE-PC
     # Running from : C:\Users\Jamie\Desktop\AdwCleaner.exe
     # Mode: Clean
     # Support : hxxps://www.malwarebytes.com/support

     ***** [ Services ] *****

     ***** [ Folders ] *****

     [-] Folder deleted: C:\Users\Jamie\AppData\LocalLow\avg web tuneup
     [-] Folder deleted: C:\Program Files\Common Files\AVG Secure Search
     [-] Folder deleted: C:\ProgramData\AVG Secure Search
     [-] Folder deleted: C:\ProgramData\AVG Security Toolbar
     [-] Folder deleted: C:\ProgramData\avg web tuneup
     [#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Secure Search
     [#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Security Toolbar
     [#] Folder deleted on reboot: C:\ProgramData\Application Data\avg web tuneup
     [-] Folder deleted: C:\Program Files (x86)\avg web tuneup
     [-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
     [-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup

     ***** [ Files ] *****

     [-] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
     [#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
     [#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

     ***** [ DLL ] *****

     ***** [ WMI ] *****

     ***** [ Shortcuts ] *****

     ***** [ Scheduled Tasks ] *****

     ***** [ Registry ] *****

     [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
     [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
     [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
     [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
     [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
     [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
     [-] Key deleted: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
     [-] Key deleted: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
     [-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
     [-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
     [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
     [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
     [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
     [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
     [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
     [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
     [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
     [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
     [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
     [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
     [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
     [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
     [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
     [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
     [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
     [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
     [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
     [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
     [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
     [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
     [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
     [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
     [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
     [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
     [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
     [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
     [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
     [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
     [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
     [-] Key deleted: HKU\S-1-5-21-2345269712-2798079661-2258478838-1001\Software\AVG Tuneup
     [#] Key deleted on reboot: HKCU\Software\AVG Tuneup
     [-] Key deleted: HKLM\SOFTWARE\AVG Tuneup
     [#] Key deleted on reboot: [x64] HKCU\Software\AVG Tuneup
     [-] Key deleted: HKU\S-1-5-21-2345269712-2798079661-2258478838-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
     [#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
     [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
     [-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
     [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
     [-] Key deleted: HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
     [-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
     [-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
     [#] Key deleted on reboot: HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
     [-] Key deleted: HKCU\Software\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion
     [#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion

     ***** [ Web browsers ] *****

     [-] [C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: uk.ask.com
     [-] [C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: bmkckgpgekmanipelfidlhmkfcjicion

     *************************

     :: "Tracing" keys deleted
     :: Winsock settings cleared

     *************************

     C:\AdwCleaner\AdwCleaner[C0].txt - [6627 Bytes] - [01/12/2016 10:40:37]
  9. Bitcoin miner for Steam, c:programfiles x86\steam\steam.exe, and it always changes PID. I can't seem to get rid of this whatever I do. This thing self-replicates, and I have tried AVG, SUPERAntiSpyware and Malwarebytes, and this thing is still here and activates whenever I open any game from Steam. Uninstalling Steam is not gonna happen either, I have 198 games.