Jump to content
Yax

Have issue with EpicNet Inc, Bitcoinminer and Trojan.Agent

Recommended Posts

My desktop has been infected by what I think is a malware called "CloudNet Inc", Bitcoinminer" and "Trojan.Agent".

When I run Malwarebtyes 3.6.1 i have 8 file name "RiskWare.BitCoinMiner" on my AppData\ and when i run AdwCleaner i have 3 file Trojan.Agent onmy C:Windows\rss and 2 file PUP.OptionalGlupteba on mt AppData\ (i can't delete). i also try to disable unknow program in my starup and uninstall my mozilla.

I have no idea what to do now. Help!
 

AdwCleaner[S09].txt

Addition.txt

FRST.txt

Share this post


Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Remove this program in bold via the Control Panel > Programs > Programs and Features.
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATTENTION
Your copy is not signed and could be compromised.
If you need it please download the latest version from this site.
https://www.cpuid.com/
===

You're using an old compromised version of Java. If you do need it then I would suggest uninstalling your current version and keeping it up to date at all times. https://java.com
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.14 - Oracle Corporation)
You can do this later when all is well.
===

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings
===

If AdwCleaner is still reporting the 3 items it may be a Sync issue.

If you are Syncing Firefox it with other Devices remove it.
How to:
https://support.mozilla.org/en-US/kb/how-do-i-set-sync-my-computer

===

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

Share this post


Link to post
Share on other sites

1. Unistalling CPUID CPU-Z 1.70 >> DONE

2. Reset default browsing >>> Done

3. AdwCleaner >> Still reporting the 3 items, but i have no sync issue. ( still cant permanently delete quarentine file)

4. Syncing firefox >> have no account for sync

Note:

Sorry, I was late to check your reply. Few minute ago my friend was help me with another fixlist.txt (attachment) so i will post fixlog.txt with that condition and also post fixlog.txt. if you see something wrong with that i will grateful for trying with your fixlist.txt, by the way sorry for my english and thanks for your attantion and your time.

 

 

fixlist.txt

Fixlog.txt

AdwCleaner[C10].txt

Share this post


Link to post
Share on other sites

Hi,

For now run my fix and post the Fixlog.txt

Let me know what problem persists.

Share this post


Link to post
Share on other sites

nvm fixed it, my antivirus has quarentined the folder and i forgot to delete it (re-detect on Malwarebtyes :P)

thanks for fixlist, bye.

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.