Jump to content

Help resolving System Infected: Miner.Bitcoinminer Activity 7

RamSmith

By RamSmith
in Resolved Malware Removal Logs

 Share

Recommended Posts

RamSmith

RamSmith

Posted
Posted

Hello everyone,

 I hope you are doing well. 

I have been suffering from this malware Miner.Bitcoinminer Activity 7. I have followed the steps in this similar previous thread but it didn't work. The Norton notifications maybe just stopped for a while but it just came back. The attack attempts are exactly every 6 minutes. I'll try to share as much details as possible and I'd appreciate your help greatly. Thank you so much in advance.

Below is the screenshot for Norton security alert I get.

image.png.435b2aa2701cc0ebaf2cf106d7b8edc0.png

 

image.thumb.png.e4843851c7386c8c4350455716daffd8.png

 

System information:
OS: Microsoft Windows 10 Pro N
Version: 10.0.17763 Build 17763
System Type x64-based PC
Secure Boot state On
PCR7 Configuration Binding Not Possible
Windows Directory C:\Windows
System Directory C:\Windows\system32
Boot Device  \Device\HarddiskVolume2

 

Please let me know what do I need to share or do in order to get rid of it. I'd really appreciate any kind of help and once again thank you everyone.

 

image.png

Link to post
Share on other sites
nasdaq

nasdaq

Posted
Posted

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Your FRST.TXT log is not complete.

Please post it again and make sure you copy and past the complete log.
===

If the  Norton Notifications are a nuisance they can be stopped.
How To

https://www.howtogeek.com/291934/how-to-disable-nortons-notifications-and-bundled-software/

Link to post
Share on other sites
nasdaq

nasdaq

Posted
Posted

Hi,

Remove this program in bold via the Control Panel > Programs > Programs and Features.
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)

===

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

There is an error in your Hosts file.

This entry

127.0.0.1 www.elephantafiles.com127.0.0.1 live.virtualdj.com

It should look llike this.

127.0.0.1 www.elephantafiles.com
127.0.0.1 live.virtualdj.com

The Hosts file (no extension) is located in this folder in bold.
C:\WINDOWS\SYSTEM32\DRIVERS\ETC

The file is also hidden.
Unhide the file.
How To:
http://windows.microsoft.com/en-ca/windows/show-hidden-files#show-hidden-files=windows-7
<<<>>>

Open the file with Notepad and do the change.
Save the File when completed.

===

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

Link to post
Share on other sites
  • 4 weeks later...
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.