
sabertooth15

  1. As of now, I don't see anything obviously wrong anymore. Thank you so much for the help, I appreciate it! Are there any programs that you recommend I run to potentially find/clean up any remnants that may not be obvious?
  2. Seems like whatever was causing the problem is gone (not getting popups from MWB telling me it blocked the miner with realtime scanning on), which is great, so thank you for that! Only thing left is potentially harmful files and settings that have been evading a majority of scanners. newest_malwarebytes_report.txt FRST.txt Addition.txt
  3. Seems it detected the miner file again, however it may have spawned again during the fixing process. I know there are other files and settings that are harmful that I still have. For example, in Windows/SysWOW64, there is a fake conhost64.exe file that comes up as a trojan on virustotal.com, but clean to Malwarebytes. Would there be any way to check if any settings or remnant files exist? http://prntscr.com/j53clz http://prntscr.com/j53co2 new_malwarebytes_report.txt
  4. I'll run the McAfee removal tool again, restart, and then use the fixlist file.
  5. Yeah, I quarantined + removed it after; that's the file that gets spawned every hour or so and is the only one that gets detected by Malwarebytes (I ran FRST after removing the file MWB found and restarted).
  6. Uninstalled the programs you requested and went through the steps. All logs are attached. malwarebytes_results.txt AdwCleaner[C00].txt AdwCleaner[S00].txt FRST.txt Addition.txt
  7. PC got infected with an extremely hard-to-remove malware. It keeps creating a fake conhost.exe file in Windows/SysWOW64, as well as fake Adobe folders in AppData/Local. No rootkit/AV/anti-malware program has been able to detect it. It starts up shortly after the PC boots, and its presence is known as soon as Malwarebytes blocks the RiskWare.BitCoinMiner process while doing live scans. The source of this process still cannot be found/cleaned, only the BitCoinMiner process it starts up every hour or so. It will close a majority of programs that run with cmd prompt, will close the browser when trying to search for specific keywords, and tries to blue screen if the user attempts to close or restart the PC. It doesn't seem to run in safe mode. After the malware "starts", FRST keeps getting closed whenever I try to launch it. Should I try to get the logs as soon as my PC boots (before the malware has a chance to start up), or should I get the logs in safe mode? Any help is appreciated!