CoffeeMcCoffee
-
Posts
11 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by CoffeeMcCoffee
-
-
1 hour ago, Maurice Naggar said:
I have a few more suggestions for you. The first set is per the findings of SecurityCheck report. There are 8 programs that are out of date & insecure. They need upodates.
Microsoft Visual Studio Code (User) v.1.77.3 Warning! Download UpdateTreeSize Free V4.6.2 (64 bit) v.4.6.2 Warning! Download Update
WinRAR 6.11 (64-bit) v.6.11.0 Warning! Download Update
Discord v.1.0.9012 Warning! Download Update
Audacity 3.2.2 v.3.2.2 Warning! Download Update
HandBrake 1.5.1 v.1.5.1 Warning! Download Update
Opera GX Stable 97.0.4719.89 v.97.0.4719.89 Warning! Download Update
Brave v.112.1.50.121 Warning! Download Update
Your pc has the trial mode of Malwarebytes. We need to insure that Microsoft Defender antivirus is on and Enabled.
( A )
Start Malwarebytes. Click Settings ( gear ) icon. Next, lets make real sure that Malwarebytes does NOT register with Windows Security CenterClick the Security Tab. Scroll down to
"Windows Security Center"
Click the selection to the left for the line "Always register Malwarebytes in the Windows Security Center".
{ We want that to be set as Off .... be sure that line's radio-button selection is all the way to the Left. thanks. }This will not affect any real-time protection of the Malwarebytes for Windows 😃.
Close Malwarebytes.
( B )
I also would appreciate this report:Download Farbar's Service Scanner utility
and Save to your Desktop.
Right-Click on fss.exe and select Run As Administrator.
Answer Yes to ok when prompted.
If your firewall then puts out a prompt, again, allow it to run.
Once FSS is on-screen, be sure the following items are check-marked:
-
Internet Services Windows Firewall System Restore Security Center/Action Center Windows Update Windows Defender Other services
Click on "Scan".
It will create a log (FSS.txt) in the same directory the tool is run. Please attach that file.
Here's the log:
-
-
6 hours ago, Maurice Naggar said:
Alright. Please re-run SecurityCheck.exe. Right-click with your mouse on the Securitycheck.exe and select "Run as administrator" and reply YES to allow to run & go forward
Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file. Attach it with your next reply.
You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txtHere's the log:
-
Okay, I will uninstall BitDefender, Malwarebytes Premium is on and active with Real-Time Protection.
-
1 hour ago, Maurice Naggar said:
Hello. Per the SecurityCheck report these apps need your follow-up and action.
Git v.2.37.1 Warning! Download UpdateJava 8 Update 51 (64-bit) v.8.0.510 Warning! Download Update
Uninstall old version and install new one (jre-8u351-windows-x64.exe).Adobe Creative Cloud v.4.0.1.188 Warning! Download Update
Bitdefender Agent RedLine Service (bdredline_agent) - The service has stopped. QUESTION: Do you have a paid license for BitDefender ??
Winaero Tweaker v.1.40.0.0 Warning! Suspected demo version. Computer experts no longer recommend this program.
I'm going to uninstall some of these programs, I don't need some of them. Also, No, I don't have a paid version of BidDefender, I have tested the free version only.
-
14 hours ago, Maurice Naggar said:
Thanks for the Fixlog. I have not seen indicators of any malicious coinminer. I am going to list 2 further tasks.
(1)
One other scan here.
TrendMicro HouseCall scan
https://www.trendmicro.com/en_us/forHome/products/housecall.htmlFirst, Download & Save to your Downloads folder the appropriate HouseCallLauncher
Once the download is complete, go to where the Housecalllauncher is saved & double-click it to start it.The program will check with TrendMicro & do a update run.
Next it will show the Disclosure window.
Click Next to proceed.
The end user license agreement is presented. Click the Accept radio button & click Next to proceed.
I suggest a CUSTOM scan on C drive.
IF you wish a Full scan or a Custom scan, first click on the Settings
then you can select which drives you want to include in the scan.
The default is a Quick scan.
Click Scan now when ready.
The scan progress will then be displayed. Monitor the progress or just leave it alone until it finishes this phase.
When the scan phase has completed, if any items are tagged, you will see a list, showing the file & its location, the classification of the threat, the type, risk, and Action option.
If you see an item that you know is safe, you can click the Action , and select Ignore.
When all done & ready, click the Fix now button.
( 2 )
Temporarily disable Microsoft SmartScreen to download the next software below
I would recommend getting a readout report as to update status of some key apps.
Download SecurityCheck by glax24 from hereand save the tool on the desktop.
If Windows's SmartScreen block that with a message-window, then
Click on the MORE INFO spot and over-ride that and allow it to proceed.This tool is safe. Smartscreen is overly sensitive.
Right-click with your mouse on the Securitycheck.exe and select "Run as administrator" and reply YES to allow to run & go forward
Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file. Attach it with your next reply.
You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txtWhen all done, you may go back to turn ON the EDGE Smartscreen protection.
SecurityCheck.txt Here's the SecurityCheck log:
-
2 hours ago, Maurice Naggar said:
Please run this special purpose custom script. Read all of this before you start. Please Close all open work.
Please download the attached fixlist.txt file and save it to Downloads folder
Fixlist.txt 12.96 kB · 2 downloads < - - -
NOTE. It's important that both files, FRSTENGLISH.exe, and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.
IF the FRST64 ( Farbar FRST) issues a error message when you start this tak-run, then Please Stop and let me know the "error exception message", then wait for me to make a new reply.
Use File Explorer to go to the Downloads folder
RIGHT-Click on FRSTENGLISH and select
RUN as Administrator
and reply YES to allow it to go forward to start.
That is important so that this run has Elevated Administrator rights !!
NEXT press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Downloads folder (Fixlog.txt) .Note: If the tool warned you about an outdated version please download and run the updated version.
The system will be rebooted after the fix has run. Attach FIXLOG.txt with next reply.
Fixlog.txtHere's the log:
-
-
I have run Malwarebytes multiple times, A quick scan and a custom scan, I also ran Avira, Windows Defender Offline Scan, Kaspersky, and Norton, and also Hitmanpro64 + Roguekiller +TDSSKILLER.
And yes i had run each of those recently on my own.
Here is the MSERT log, the scan took about 3 hours, 2,000,000 files were scanned.
It showed that my computer is completely safe. -
Here are the logs:
-
1
-
-
Hello, I suspect that i have a crypto mining malware in my laptop, Everynow and then the cpu usage spikes a little, 20% to 35% I've tried several tools to analyze the malware, Tried scanning on MalwareBytes, but found no threats. But, I still suspect there is a crypto-mining malware in my machine, How can i be sure that there's no crypto-jacking malware in my machine?
Is my laptop infected with a cryptojacker?
in Resolved Malware Removal Logs
Posted
kprm-20230510080920.txtHere's the log: