
Velja89

Members
  • Content Count

    14

About Velja89

  • Rank
    New Member
  1. I still get performance issues like it's still here? What do u recommend?
  2. RogueKiller V12.12.14.0 (x64) [Apr 23 2018] (Free) by Adlice Software
     mail : http://www.adlice.com/contact/
     Feedback : https://forum.adlice.com
     Website : http://www.adlice.com/download/roguekiller/
     Blog : http://www.adlice.com

     Operating System : Windows 10 (10.0.16299) 64 bits version
     Started in : Normal mode
     User : Velja [Administrator]
     Started from : C:\Users\Velja\Downloads\RogueKiller_portable64.exe
     Mode : Scan -- Date : 04/25/2018 19:27:16 (Duration : 00:26:23)

     ¤¤¤ Processes : 0 ¤¤¤

     ¤¤¤ Registry : 2 ¤¤¤
     [PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2324433294-2544714325-2939538662-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Found
     [PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2324433294-2544714325-2939538662-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Found

     ¤¤¤ Tasks : 0 ¤¤¤

     ¤¤¤ Files : 3 ¤¤¤
     [PUP.Gen0][File] C:\Windows\SECOH-QAD.exe -> Found
     [PUP.uTorrentAds][File] C:\Users\Velja\AppData\Roaming\uTorrent\updates\3.5.0_44050\utorrentie.exe -> Found
     [PUP.HackTool][Folder] C:\Program Files\KMSpico -> Found

     ¤¤¤ WMI : 0 ¤¤¤

     ¤¤¤ Hosts File : 0 ¤¤¤

     ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

     ¤¤¤ Web browsers : 0 ¤¤¤

     ¤¤¤ MBR Check : ¤¤¤
     +++++ PhysicalDrive0: ST2000DM001-1ER164 +++++
     --- User ---
     [MBR] 292dd6a4346cdff1c1d46536da51a4b7
     [BSP] e03b81dd31a8cda194b5cded272bc6c3 : Windows Vista/7/8|VT.Unknown MBR Code
     Partition table:
     0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 610000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1249282048 | Size: 1297727 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     User = LL1 ... OK
     User = LL2 ... OK

     +++++ PhysicalDrive1: CT250BX100SSD1 +++++
     --- User ---
     [MBR] cf427fbfa987ca038dda3a4a5e5ae52b
     [BSP] 63786a92ea3ee08448f4a2cd989c933a : Windows Vista/7/8|VT.Unknown MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 236619 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 484804608 | Size: 863 MB
     3 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 486574080 | Size: 888 MB
     User = LL1 ... OK
     User = LL2 ... OK
  3. yes Malwarebytes is blocking Advanced SystemCare (I can't install it) and for the bitcoin thing, this morning was here and now when I scan it's not, so I am hella confused
  4. it keeps blocking Advanced SystemCare (program), idk why it is flagging this as unwanted, and also this bitcoin thing is coming back. So either I do a fresh Windows install or I try to fix this somehow. What do you recommend? EDIT: this - https://www.iobit.com/en/advancedsystemcarefree.php
  5. and it's finished, this is the result

     --------------------------------------------------------------------------------------------------
     2018-04-24 21:54:37.364 Sophos Virus Removal Tool version 2.6.1
     2018-04-24 21:54:37.364 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.
     2018-04-24 21:54:37.364 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
     2018-04-24 21:54:37.364 Windows version 6.2 SP 0.0 build 9200 SM=0x100 PT=0x1 WOW64
     2018-04-24 21:54:37.364 Checking for updates...
     2018-04-24 21:54:37.379 Update progress: proxy server not available
     2018-04-24 21:54:44.767 Option all = no
     2018-04-24 21:54:44.767 Option recurse = yes
     2018-04-24 21:54:44.767 Option archive = no
     2018-04-24 21:54:44.767 Option service = yes
     2018-04-24 21:54:44.767 Option confirm = yes
     2018-04-24 21:54:44.767 Option sxl = yes
     2018-04-24 21:54:44.770 Option max-data-age = 35
     2018-04-24 21:54:44.770 Option vdl-logging = yes
     2018-04-24 21:54:44.777 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
     2018-04-24 21:54:44.777 Machine ID: 80417943a926460f9c7e36320dcdbdc6
     2018-04-24 21:54:44.778 Component SVRTcli.exe version 2.6.1
     2018-04-24 21:54:44.778 Component control.dll version 2.6.1
     2018-04-24 21:54:44.778 Component SVRTservice.exe version 2.6.1
     2018-04-24 21:54:44.778 Component engine\osdp.dll version 1.44.1.2286
     2018-04-24 21:54:44.778 Component engine\veex.dll version 3.68.6.2286
     2018-04-24 21:54:44.778 Component engine\savi.dll version 9.0.7.2286
     2018-04-24 21:54:44.778 Component rkdisk.dll version 1.5.31.1
     2018-04-24 21:54:44.778 Version info: Product version 2.6.1
     2018-04-24 21:54:44.780 Version info: Detection engine 3.68.6
     2018-04-24 21:54:44.780 Version info: Detection data 5.46
     2018-04-24 21:54:44.780 Version info: Build date 11/28/2017
     2018-04-24 21:54:44.780 Version info: Data files added 746
     2018-04-24 21:54:44.780 Version info: Last successful update (not yet updated)
     2018-04-24 21:54:55.283
     Downloading updates...
     2018-04-24 21:55:06.012 Installing updates...
     2018-04-24 21:55:06.614 Error level 1
     2018-04-24 21:55:10.610 Update successful
     2018-04-24 21:55:19.292 Option all = no
     2018-04-24 21:55:19.292 Option recurse = yes
     2018-04-24 21:55:19.292 Option archive = no
     2018-04-24 21:55:19.292 Option service = yes
     2018-04-24 21:55:19.292 Option confirm = yes
     2018-04-24 21:55:19.292 Option sxl = yes
     2018-04-24 21:55:19.295 Option max-data-age = 35
     2018-04-24 21:55:19.295 Option vdl-logging = yes
     2018-04-24 21:55:19.303 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
     2018-04-24 21:55:19.303 Machine ID: 80417943a926460f9c7e36320dcdbdc6
     2018-04-24 21:55:19.303 Component SVRTcli.exe version 2.6.1
     2018-04-24 21:55:19.303 Component control.dll version 2.6.1
     2018-04-24 21:55:19.303 Component SVRTservice.exe version 2.6.1
     2018-04-24 21:55:19.303 Component engine\osdp.dll version 1.44.1.2286
     2018-04-24 21:55:19.304 Component engine\veex.dll version 3.68.6.2286
     2018-04-24 21:55:19.304 Component engine\savi.dll version 9.0.7.2286
     2018-04-24 21:55:19.304 Component rkdisk.dll version 1.5.31.1
     2018-04-24 21:55:19.304 Version info: Product version 2.6.1
     2018-04-24 21:55:19.305 Version info: Detection engine 3.68.6
     2018-04-24 21:55:19.305 Version info: Detection data 5.46
     2018-04-24 21:55:19.305 Version info: Build date 11/28/2017
     2018-04-24 21:55:19.305 Version info: Data files added 830
     2018-04-24 21:55:19.305 Version info: Last successful update 4/24/2018 11:55:10 PM
     2018-04-24 22:31:07.849 Could not open C:\hiberfil.sys
     2018-04-24 22:37:01.699 Could not open C:\swapfile.sys
     2018-04-24 22:37:17.841 Could not open C:\Users\Velja\AppData\Local\Google\Chrome\User Data\Default\Current Session
     2018-04-24 22:37:17.841 Could not open C:\Users\Velja\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
     2018-04-24 22:41:51.638 Could not open C:\Windows\System32\config\BBI
     2018-04-24 22:41:51.651 Could not open C:\Windows\System32\config\DRIVERS
     2018-04-24 22:41:51.657 Could not open C:\Windows\System32\config\RegBack\DEFAULT
     2018-04-24 22:41:51.658 Could not open C:\Windows\System32\config\RegBack\SAM
     2018-04-24 22:41:51.658 Could not open C:\Windows\System32\config\RegBack\SECURITY
     2018-04-24 22:41:51.659 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
     2018-04-24 22:41:51.660 Could not open C:\Windows\System32\config\RegBack\SYSTEM
     2018-04-24 22:57:05.988 >>> Virus 'Mal/Generic-S' found in file F:\Download Igre\3DMGAME-Dishonored.2-3DM\Dishonored2\stp-dh2.exe
     2018-04-24 22:57:05.989 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
     2018-04-24 22:57:05.989 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
     2018-04-24 23:06:59.904 Could not open LOGICAL:0006:00000000
     2018-04-24 23:06:59.907 Could not open G:\
     2018-04-24 23:07:00.274 The following items will be cleaned up:
     2018-04-24 23:07:00.274 Mal/Generic-S
  6. well how bad is it? Can we clean it or will I have to do a fresh Windows install?
  7. # -------------------------------
     # Malwarebytes AdwCleaner 7.1.0.0
     # -------------------------------
     # Build: 04-12-2018
     # Database: 2018-04-24.1
     # Support: https://www.malwarebytes.com/support
     #
     # -------------------------------
     # Mode: Scan
     # -------------------------------
     # Start: 04-24-2018
     # Duration: 00:00:07
     # OS: Windows 10 Pro
     # Scanned: 40722
     # Detected: 0

     ***** [ Services ] *****
     No malicious services found.

     ***** [ Folders ] *****
     No malicious folders found.

     ***** [ Files ] *****
     No malicious files found.

     ***** [ DLL ] *****
     No malicious DLLs found.

     ***** [ WMI ] *****
     No malicious WMI found.

     ***** [ Shortcuts ] *****
     No malicious shortcuts found.

     ***** [ Tasks ] *****
     No malicious tasks found.

     ***** [ Registry ] *****
     No malicious registry entries found.

     ***** [ Chromium (and derivatives) ] *****
     No malicious Chromium entries found.

     ***** [ Chromium URLs ] *****
     No malicious Chromium URLs found.

     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries found.

     ***** [ Firefox URLs ] *****
     No malicious Firefox URLs found.

     ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S08].txt ##########

     The Sophos is ongoing and it will take a few hours, when it's done I am going to post it

     Fixlog.txt
  8. HitmanPro and Zemana. Like I said Malwarebytes is my main product that I use. Anyway, do you think I can delete bitcoinminer forever or it will keep coming back?
  9. Hi, yes I do use Malwarebytes as my main protection but I installed those two just to see if they can't detect something more or less.

     --------------------------------------------------------------------------------------------------
     Malwarebytes
     www.malwarebytes.com

     -Log Details-
     Scan Date: 4/24/18
     Scan Time: 9:40 PM
     Log File: 49cf1d6f-47f7-11e8-9d99-fcaa142d1d00.json
     Administrator: Yes

     -Software Information-
     Version: 3.3.1.2183
     Components Version: 1.0.262
     Update Package Version: 1.0.4862
     License: Trial

     -System Information-
     OS: Windows 10 (Build 16299.371)
     CPU: x64
     File System: NTFS
     User: DESKTOP-B53ND1E\Velja

     -Scan Summary-
     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 329574
     Threats Detected: 1
     Threats Quarantined: 1
     Time Elapsed: 2 min, 25 sec

     -Scan Options-
     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Detect
     PUM: Detect

     -Scan Details-
     Process: 0
     (No malicious items detected)

     Module: 0
     (No malicious items detected)

     Registry Key: 0
     (No malicious items detected)

     Registry Value: 0
     (No malicious items detected)

     Registry Data: 0
     (No malicious items detected)

     Data Stream: 0
     (No malicious items detected)

     Folder: 0
     (No malicious items detected)

     File: 1
     RiskWare.BitCoinMiner, C:\USERS\VELJA\APPDATA\LOCAL\EXPLORER DATA\000001N.ZIP, Quarantined, [912], [467508],1.0.4862

     Physical Sector: 0
     (No malicious items detected)

     (end)
     --------------------------------------------------------------------------------------------------

     Can you tell me why Malwarebytes can't detect SysWOW64 but HitmanPro can? (as seen on picture below)

     Addition.txt
  10. Hi, recently I have been annoyed by this pop-up (picture below) a lot. I tried deleting it in Windows Safe Mode but it keeps coming back in a different folder. Now the strange thing is Malwarebytes keeps detecting it and quarantining it, but every time I turn my PC on, it is back. I do get performance issues, but strangely other malware products such as "Zemana" and "HitmanPro" never detect it. Another thing that I don't understand is both of those two detect "syswow64" but Malwarebytes doesn't (syswow64 keeps getting deleted every time and every time I turn my PC on it is back, same as the bitcoinminer thing). I don't want to do a fresh Windows reinstall. Please help.