Posts posted by CoffeeMcCoffee

  1. 5 hours ago, Maurice Naggar said:

    Thanks. This report is very good. To date, there is no malware here. We can wrap up this case.
    Let's go ahead and do some clean-up work and remove the tools and logs we've run.
    Please download KpRm by kernel-panik and save it to your desktop.

    • Right-click kprm_(version).exe and select Run as Administrator.
    • Read and accept the disclaimer.
    • When the tool opens, ensure all boxes under Actions are checked.
    • Under Delete Quarantines select Delete Now, then click Run.
    • Once complete, click OK.
    • A log will open in Notepad titled kprm-(date).txt.
    • You may attach that file to your next reply. (not compulsory)

    Delete mb-support-1.8.7.918.exe
    Delete mbst-grab-results.zip on the Desktop. 

    Here's the log:

    kprm-20230510080920.txt

  2. 1 hour ago, Maurice Naggar said:

    I have a few more suggestions for you. The first set is per the findings of the SecurityCheck report. There are 8 programs that are out of date & insecure. They need updates.
    Microsoft Visual Studio Code (User) v.1.77.3  Warning! Download Update

    TreeSize Free V4.6.2 (64 bit) v.4.6.2  Warning! Download Update

    WinRAR 6.11 (64-bit) v.6.11.0  Warning! Download Update

    Discord v.1.0.9012  Warning! Download Update

    Audacity 3.2.2 v.3.2.2  Warning! Download Update

    HandBrake 1.5.1 v.1.5.1  Warning! Download Update

    Opera GX Stable 97.0.4719.89 v.97.0.4719.89  Warning! Download Update

    Brave v.112.1.50.121  Warning! Download Update

    Your PC has the trial mode of Malwarebytes. We need to ensure that Microsoft Defender antivirus is on and Enabled.
    ( A )
    Start Malwarebytes. Click the Settings ( gear ) icon. Next, let's make real sure that Malwarebytes does NOT register with Windows Security Center.

    Click the Security Tab. Scroll down to

    "Windows Security Center"

    Click the selection to the left for the line "Always register Malwarebytes in the Windows Security Center".
    { We want that to be set as Off .... be sure that line's radio-button selection is all the way to the Left. Thanks. }

    This will not affect any real-time protection of the Malwarebytes for Windows 😃.

    Close Malwarebytes.

    ( B )
    I also would appreciate this report:

    Download Farbar's Service Scanner utility

    and Save to your Desktop.

    Right-Click on fss.exe and select Run As Administrator.

    Answer Yes to ok when prompted.

    If your firewall then puts out a prompt, again, allow it to run.

    Once FSS is on-screen, be sure the following items are check-marked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other services

    Click on "Scan".

    It will create a log (FSS.txt) in the same directory the tool is run from. Please attach that file.

    Here's the log:

    FSS.txt

  3. 6 hours ago, Maurice Naggar said:

    Alright. Please re-run SecurityCheck.exe. Right-click with your mouse on the Securitycheck.exe and select "Run as administrator" and reply YES to allow to run & go forward.
    Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file. Attach it with your next reply.
    You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt

    Here's the log:

    SecurityCheck.txt

  4. 1 hour ago, Maurice Naggar said:

    Hello. Per the SecurityCheck report these apps need your follow-up and action.
    Git v.2.37.1  Warning! Download Update

    Java 8 Update 51 (64-bit) v.8.0.510  Warning! Download Update
    Uninstall old version and install new one (jre-8u351-windows-x64.exe).

    Adobe Creative Cloud v.4.0.1.188  Warning! Download Update

    Bitdefender Agent RedLine Service (bdredline_agent) - The service has stopped. QUESTION: Do you have a paid license for BitDefender ??

    Winaero Tweaker v.1.40.0.0 Warning! Suspected demo version. Computer experts no longer recommend this program.

    I'm going to uninstall some of these programs; I don't need some of them. Also, no, I don't have a paid version of Bitdefender; I have tested the free version only.

  5. 14 hours ago, Maurice Naggar said:

    Thanks for the Fixlog. I have not seen indicators of any malicious coinminer. I am going to list 2 further tasks.

    (1)

    One other scan here.

    TrendMicro HouseCall scan
    https://www.trendmicro.com/en_us/forHome/products/housecall.html

    First, Download & Save to your Downloads folder the appropriate HouseCallLauncher
    Once the download is complete, go to where the Housecalllauncher is saved & double-click it to start it.

    The program will check with TrendMicro & do an update run.

    Next it will show the Disclosure window.

    Click Next to proceed.

    The end user license agreement is presented.   Click the Accept radio button & click Next to proceed.

    I suggest a CUSTOM scan on C drive.

    IF you wish a Full scan or a Custom scan, first click on the Settings

    then you can select which drives you want to include in the scan.

    The default is a Quick scan.

    Click Scan now when ready.

    The scan progress will then be displayed.   Monitor the progress or just leave it alone until it finishes this phase.

    When the scan phase has completed, if any items are tagged, you will see a list, showing the file & its location, the classification of the threat, the type, risk, and Action option.

    If you see an item that you know is safe, you can click the Action, and select Ignore.

    When all done & ready, click the Fix now button.

    ( 2 )

    Temporarily disable Microsoft SmartScreen to download the next software below 

    I would recommend getting a readout report as to update status of some key apps.
    Download SecurityCheck by glax24 from here

    and save the tool on the desktop.

    If Windows's SmartScreen blocks that with a message-window, then click on the MORE INFO spot and over-ride that and allow it to proceed.

    This tool is safe. SmartScreen is overly sensitive.

    Right-click with your mouse on the Securitycheck.exe and select "Run as administrator" and reply YES to allow to run & go forward.
    Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file. Attach it with your next reply.
    You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt

    When all done, you may go back to turn ON the EDGE Smartscreen protection.

     

    Here's the SecurityCheck log:

    SecurityCheck.txt

  6. 2 hours ago, Maurice Naggar said:

    Please run this special purpose custom script. Read all of this before you start. Please Close all open work.

    Please download the attached fixlist.txt file and save it to Downloads folder   

    Fixlist.txt

    NOTE. It's important that both files, FRSTENGLISH.exe, and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

    IF the FRST64 (Farbar FRST) issues an error message when you start this task-run, then please stop and let me know the "error exception message", then wait for me to make a new reply.

    Use File Explorer to go to the Downloads folder

    RIGHT-Click on   FRSTENGLISH and select

    RUN as Administrator

    and reply YES to allow it to go forward to start.

    That is important so that this run has Elevated Administrator rights !!

    NEXT press the Fix button just once and wait.
    If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
    The tool will make a log in the Downloads folder (Fixlog.txt).

    Note: If the tool warned you about an outdated version please download and run the updated version.

    The system will be rebooted after the fix has run. Attach FIXLOG.txt with next reply.

    Here's the log:

    Fixlog.txt

  7. Hello, I suspect that I have crypto-mining malware on my laptop. Every now and then the CPU usage spikes a little, 20% to 35%. I've tried several tools to analyze the malware. I tried scanning with Malwarebytes, but it found no threats. But I still suspect there is crypto-mining malware on my machine. How can I be sure that there's no crypto-jacking malware on my machine?
