yessuz

Everything posted by yessuz

  1. Hi. Looks like better. But this is like secondary machine for now, so I will update my post If anything :) many thanks for help!
  2. hi. sophos came out clean SophosVirusRemovalTool.log SophosVirusRemovalTool_cloud4.log
  3. hi. frst ran. fixlog attached. now running antivirus Fixlog.txt
  4. yes, of course. but strangely, although I do not remember deleting the frst exe - it's gone from my system. redownloaded. Addition.txt FRST.txt
  5. hi.

     1) MalwareBytes report below:

     ---------------------------------------------------------------
     Malwarebytes
     www.malwarebytes.com

     -Log Details-
     Scan Date: 11/6/18
     Scan Time: 12:11 PM
     Log File: 069e836c-e1bd-11e8-bf82-3085a92838ed.json

     -Software Information-
     Version: 3.6.1.2711
     Components Version: 1.0.482
     Update Package Version: 1.0.7717
     License: Free

     -System Information-
     OS: Windows 10 (Build 17134.345)
     CPU: x64
     File System: NTFS
     User: JOLANTOS2\Jolanta

     -Scan Summary-
     Scan Type: Custom Scan
     Scan Initiated By: Manual
     Result: Completed
     Objects Scanned: 388812
     Threats Detected: 1
     Threats Quarantined: 1
     Time Elapsed: 56 min, 21 sec

     -Scan Options-
     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Detect
     PUM: Detect

     -Scan Details-
     Process: 0
     (No malicious items detected)

     Module: 0
     (No malicious items detected)

     Registry Key: 0
     (No malicious items detected)

     Registry Value: 0
     (No malicious items detected)

     Registry Data: 0
     (No malicious items detected)

     Data Stream: 0
     (No malicious items detected)

     Folder: 0
     (No malicious items detected)

     File: 1
     RiskWare.GameHack, C:\PROGRAM FILES (X86)\ARTIFEX MUNDI\ENIGMATIS - THE MISTS OF RAVENWOOD\STEAM_API.DLL, Quarantined, [7810], [305544],1.0.7717

     Physical Sector: 0
     (No malicious items detected)

     WMI: 0
     (No malicious items detected)

     (end)
     -------------------------------------------------------------------------------

     2) AdwCleaner logs:

     # -------------------------------
     # Malwarebytes AdwCleaner 7.2.4.0
     # -------------------------------
     # Build: 09-25-2018
     # Database: 2018-11-05.1 (Cloud)
     # Support: https://www.malwarebytes.com/support
     #
     # -------------------------------
     # Mode: Scan
     # -------------------------------
     # Start: 11-06-2018
     # Duration: 00:00:14
     # OS: Windows 10 Home
     # Scanned: 32052
     # Detected: 2

     ***** [ Services ] *****
     No malicious services found.

     ***** [ Folders ] *****
     No malicious folders found.

     ***** [ Files ] *****
     No malicious files found.

     ***** [ DLL ] *****
     No malicious DLLs found.

     ***** [ WMI ] *****
     No malicious WMI found.

     ***** [ Shortcuts ] *****
     No malicious shortcuts found.

     ***** [ Tasks ] *****
     No malicious tasks found.

     ***** [ Registry ] *****
     No malicious registry entries found.

     ***** [ Chromium (and derivatives) ] *****
     No malicious Chromium entries found.

     ***** [ Chromium URLs ] *****
     PUP.Optional.Legacy Ask Jeeves
     PUP.Optional.Legacy Ask Jeeves

     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries found.

     ***** [ Firefox URLs ] *****
     No malicious Firefox URLs found.

     ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

     # -------------------------------
     # Malwarebytes AdwCleaner 7.2.4.0
     # -------------------------------
     # Build: 09-25-2018
     # Database: 2018-11-05.1 (Cloud)
     # Support: https://www.malwarebytes.com/support
     #
     # -------------------------------
     # Mode: Clean
     # -------------------------------
     # Start: 11-06-2018
     # Duration: 00:00:00
     # OS: Windows 10 Home
     # Cleaned: 1
     # Failed: 1

     ***** [ Services ] *****
     No malicious services cleaned.

     ***** [ Folders ] *****
     No malicious folders cleaned.

     ***** [ Files ] *****
     No malicious files cleaned.

     ***** [ DLL ] *****
     No malicious DLLs cleaned.

     ***** [ WMI ] *****
     No malicious WMI cleaned.

     ***** [ Shortcuts ] *****
     No malicious shortcuts cleaned.

     ***** [ Tasks ] *****
     No malicious tasks cleaned.

     ***** [ Registry ] *****
     No malicious registry entries cleaned.

     ***** [ Chromium (and derivatives) ] *****
     No malicious Chromium entries cleaned.

     ***** [ Chromium URLs ] *****
     Not Deleted Ask Jeeves
     Deleted Ask Jeeves

     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries cleaned.

     ***** [ Firefox URLs ] *****
     No malicious Firefox URLs cleaned.

     *************************
     [+] Delete Tracing Keys
     [+] Reset Winsock
     *************************

     AdwCleaner[S00].txt - [1303 octets] - [06/11/2018 12:01:18]

     ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

     3) frst and addition files attached Addition.txt FRST.txt
  6. So, I had my pc fixed some time ago and feel good now. But.. took my daughter's pc (!!) and tried to use it for some time, and found the PC was slow.. So used Malwarebytes and it found the BitCoin miner installed. I have successfully removed it, but symptoms still persist. Laptop performs reasonably well soon after the reboot, but it really slows down after half an hour or so. Laptop is with i5, 8gb ram, SSD. so stuff should fly on it... anyway. I think I know WHERE i got the miner from (github rep with software, made with java... yep) but I still find that PC turns slow even after the removal Windows 10 home 64 bit Please help!
  7. I do not torrent executables, all are media files also, all files are stored in one location for easy management :/ anyhow, thanks for the support! Highly appreciated!
  8. looks like OK is there any way to find the source, how it got in? Fixlog.txt
  9. yup. probably messed up. here's the full one. Addition.txt FRST.txt
  10. yes, please find it attached. by the way, I have found the suspicious folder (location of the file in the first post) and deleted it manually. No negative effect on system... BUT - interestingly - where it does come from. scan report.txt
  11. did it today and pc was clear... but I kinda need to understand where it comes from
  12. Hi. I have win 10 (x64). Recently noticed that laptop fans are spinning almost all the time and battery drain is HUGE. So, I downloaded MalwareBytes, scanned and found the RiskWare.BbitCcoinMiner.Themida. I quarantined and removed it... Some time later it re-appeared... screenshot attached. I also downloaded the FRST64. files attached. Addition.txt FRST.txt Please help me to get rid of it and, if possible, find the source...