Everything posted by yessuz
BitCoin Miner removed but PC is still slow
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
Hi. Looks better. But this is like a secondary machine for now, so I will update my post if anything :) Many thanks for the help! -
BitCoin Miner removed but PC is still slow
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
hi. sophos came out clean SophosVirusRemovalTool.log SophosVirusRemovalTool_cloud4.log -
BitCoin Miner removed but PC is still slow
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
hi. frst ran. fixlog attached. now running antivirus Fixlog.txt -
BitCoin Miner removed but PC is still slow
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
yes, of course. but strangely, although I do not remember deleting the frst exe - it's gone from my system. redownloaded. Addition.txt FRST.txt -
BitCoin Miner removed but PC is still slow
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
hi.

1) MalwareBytes report below:

---------------------------------------------------------------
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/6/18
Scan Time: 12:11 PM
Log File: 069e836c-e1bd-11e8-bf82-3085a92838ed.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.482
Update Package Version: 1.0.7717
License: Free

-System Information-
OS: Windows 10 (Build 17134.345)
CPU: x64
File System: NTFS
User: JOLANTOS2\Jolanta

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 388812
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 56 min, 21 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0 (No malicious items detected)
Module: 0 (No malicious items detected)
Registry Key: 0 (No malicious items detected)
Registry Value: 0 (No malicious items detected)
Registry Data: 0 (No malicious items detected)
Data Stream: 0 (No malicious items detected)
Folder: 0 (No malicious items detected)
File: 1
RiskWare.GameHack, C:\PROGRAM FILES (X86)\ARTIFEX MUNDI\ENIGMATIS - THE MISTS OF RAVENWOOD\STEAM_API.DLL, Quarantined, [7810], [305544],1.0.7717
Physical Sector: 0 (No malicious items detected)
WMI: 0 (No malicious items detected)

(end)
-------------------------------------------------------------------------------

2) AdwCleaner logs:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-05.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-06-2018
# Duration: 00:00:14
# OS: Windows 10 Home
# Scanned: 32052
# Detected: 2

***** [ Services ] *****
No malicious services found.

***** [ Folders ] *****
No malicious folders found.

***** [ Files ] *****
No malicious files found.

***** [ DLL ] *****
No malicious DLLs found.

***** [ WMI ] *****
No malicious WMI found.

***** [ Shortcuts ] *****
No malicious shortcuts found.

***** [ Tasks ] *****
No malicious tasks found.

***** [ Registry ] *****
No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.

***** [ Chromium URLs ] *****
PUP.Optional.Legacy Ask Jeeves
PUP.Optional.Legacy Ask Jeeves

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.

***** [ Firefox URLs ] *****
No malicious Firefox URLs found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-05.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-06-2018
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 1

***** [ Services ] *****
No malicious services cleaned.

***** [ Folders ] *****
No malicious folders cleaned.

***** [ Files ] *****
No malicious files cleaned.

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.

***** [ Shortcuts ] *****
No malicious shortcuts cleaned.

***** [ Tasks ] *****
No malicious tasks cleaned.

***** [ Registry ] *****
No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****
Not Deleted Ask Jeeves
Deleted Ask Jeeves

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.

*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************

AdwCleaner[S00].txt - [1303 octets] - [06/11/2018 12:01:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

3) frst and addition files attached Addition.txt FRST.txt -
So, I had my pc fixed some time ago and feel good now. But.. took my daughter's pc (!!) and tried to use it for some time, and found the PC was slow.. So used Malwarebytes and it found the BitCoin miner installed. I have successfully removed it, but symptoms still persist. Laptop performs reasonably well soon after the reboot, but it really slows down after half an hour or so. Laptop is with i5, 8gb ram, SSD. so stuff should fly on it... anyway. I think I know WHERE i got the miner from (github rep with software, made with java... yep) but I still find that PC turns slow even after the removal
Windows 10 home 64 bit
Please help!
-
RiskWare.BbitCcoinMiner.Themida re-appears
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
nope. all sound and clear. thanks! -
RiskWare.BbitCcoinMiner.Themida re-appears
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
I do not torrent executables, all are media files also, all files are stored in one location for easy management :/ anyhow, thanks for the support! Highly appreciated! -
RiskWare.BbitCcoinMiner.Themida re-appears
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
looks like OK is there any way to find the source, how it got in? Fixlog.txt -
RiskWare.BbitCcoinMiner.Themida re-appears
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
yup. probably messed up. here's the full one. Addition.txt FRST.txt -
RiskWare.BbitCcoinMiner.Themida re-appears
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
here you are Addition.txt FRST.txt -
RiskWare.BbitCcoinMiner.Themida re-appears
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
yes, please find it attached. by the way, I have found the suspicious folder (location of the file in the first post) and deleted it manually. No negative effect on system... BUT - interestingly - where it does come from. scan report.txt -
RiskWare.BbitCcoinMiner.Themida re-appears
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
well, ran report - 0 threats found... -
RiskWare.BbitCcoinMiner.Themida re-appears
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
did it today and pc was clear... but I kinda need to understand where it comes from -
RiskWare.BbitCcoinMiner.Themida re-appears
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
many thanks! -
RiskWare.BbitCcoinMiner.Themida re-appears
yessuz replied to yessuz's topic in Resolved Malware Removal Logs
bump.. anyone? -
Hi. I have win 10 (x64). Recently noticed that laptop fans are spinning almost all the time and battery drain is HUGE. So, I downloaded MalwareBytes, scanned and found the RiskWare.BbitCcoinMiner.Themida. I quarantined and removed it... Some time later it re-appeared... screenshot attached. I also downloaded the FRST64. files attached. Addition.txt FRST.txt Please help me to get rid of it and, if possible, find the source...