Web protection Block notices 2miners[.]com

[WolfByte]

I have the same exact problem.

[WolfByte]

I've recently been having issues with gaming performance, and my cpu/gpu temps going abnormally high. I've also been getting a notification from malwarebytes saying its blocking something due to Trojan.

Scanning malwarebytes does nothing.

 

I suspect this tojan virus has merged with windows files. Please assist.

[WolfByte]

Seems to have infected chrome, or renamed itself 

[1PW]

Hello @WolfByte and :

 While you are waiting for the next qualified/approved malware removal expert helper to weigh in on your topic, and even though you may have run one or more of its following procedural steps, please carefully follow the instructions within the following:

I am infected - What do I do now?

 Remember, please be certain to attach (not Copy and Paste) the three (3) resultant report files in your next reply to this topic.

Thank you.

[WolfByte]

Here's the Farbar results. I'll upload the MB scan when it's done.

Addition.txt FRST.txt

[WolfByte]

ScanMB.txt

[Maurice Naggar]

Hello  @WolfByte

I will guide you along on looking for remaining malware. Lets keep these principles as we go along.

• Removing malware can be unpredictable
• Please don't run any other scans, download, install or uninstall any programs while I'm working with you.
• Only run the tools I guide you to.
• Do not run online games while case is on-going. Do not do any free-wheeling web-surfing.
• The removal of malware isn't instantaneous, please be patient.
• Cracked or or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also big source of current trojan infections. Please uninstall them now, if any are here, before we start the cleaning procedure.
• Please stick with me until I give you the "all clear".
• If your system is running Discord, please be sure to Exit out of it while this case is on-going.

Please  set File Explorer to SHOW ALL folders, all files, including Hidden ones.  Use OPTION ONE or TWO of this article
Please use this Guide

This here you can start & once it is under way, you can leave the machine alone & let it run over-night. No need to keep watch once it starts the actual scan run. 

Next, This will be a check with ESET Onlinescanner for viruses, other malware, adwares, & potentially unwanted applications.

Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe

 

It will start a download of "esetonlinescanner.exe"

• Save the file to your system, such as the Downloads folder, or else to the Desktop.
• Go to the saved file, and double click it to get it started.

 

• When presented with the initial ESET options, click on "Computer Scan".
• Next, when prompted by Windows, allow it to start by clicking Yes
• When prompted for scan type, Click on Full scan

Look at & tick ( select ) the radio selection "Enable ESET to detect and quarantine potentially unwanted applications" and click on Start scan button.

• Have patience. The entire process may take an hour or more. There is an initial update download.

There is a progress window display. You may step away from machine &. Let it be.  That is, once it is under way, you should leave it running.  It will run for several hours.

• At screen "Detections occured and resolved" click on blue button "View detected results"
• On next screen, at lower left, click on blue "Save scan log"
• View where file is to be saved. Provide a meaningful name for the "File name:"
• On last screen, set to Off (left) the option for Periodic scanning
• Click "save and continue"
• Please attach the report file so I can review

[Maurice Naggar]

Hello @WolfByte  All your posts are combined here in this topic-thread. Regretfully, the topic subject line is different. In any event, this Topic here is your case. Just only reply to this topic. I will guide you.

[WolfByte]

I'm unable to run the scan, the program closes almost instantly after running for a few seconds, and also closes other program along with it such as steam, tempcore, razer, and corsair software. I tried closes everything beforehand, and problem still persist.

Also, I did a windows reset using the windows 10 recovery option last night, and had the same trojan block notification after a few hours of using the pc. I then redid the recovery again, and scanned my pc with another anti virus which detected malware on msiafterburner install. I'm now no longer getting the prevoiusly posted notification from malwrebytes as of now.

[Maurice Naggar]

Are you indicating that you downloaded & saved ESET Onlinescanner;  but it could not start at all?  Any abort / fail message from Windows ?

I would like a report set for review.   This is a report only.

Please download MALWAREBYTES MBST Support Tool

Once you start it click Advanced >>> then   Gather Logs

 Have patience till the run has finished.

Upload an archive once it is done. Attach the mbst-grab-results.zip from the Desktop.

• Please attach  mbst-grab-results.zip    to your reply

[WolfByte]

Yes I downloaded/Saved ESET Onlinescanner, but once opened for a few seconds the software closes with no warnings/Errors.

 

mbst-grab-results.zip

[Maurice Naggar]

Question: You have run a Kaspersky tool on your own?  If yes, what did it find?
Question: You have used Roguekiller On your own ?  Did you change anything ?
Please do not make changes on your own without checking with me first.
Please do not get or run other 'tools' on your own.
If you have questions or issues, please ask me / let me know first.

Next actions:
( 1 )
Take these actions so that Windows 11 is set to show all hidden files and folders.
Open File Explorer from the taskbar.

Select View > Show > Hidden items.

Select View → Show → File name extensions

( 2 )
Start Malwarebytes. Click Settings ( gear ) icon. Next, lets make real sure that Malwarebytes does NOT register with Windows Security Center

Click the Security Tab. Scroll down to

"Windows Security Center"

Click the selection to the left  for the line "Always register Malwarebytes in the Windows Security Center".
{ We want that to be set as Off   .... be sure that line's  radio-button selection is all the way to the Left.  thanks. }

This will not affect any real-time protection of the Malwarebytes for Windows    😃.

Close Malwarebytes.

( 3 )
This next custom-fix is mainly intended to run Windows' SFC & DISM to check the system for integrity. To clear tempoirary cache on Edge & Chrome. To attempt to check the system with Microsoft Defender antivirus. It will also attempt a number of stranded / no-use Tasks shown as "no filepath".
This is not a cure-all. Rather, it is meant as general check & cleanup.

This custom script is for  WolfByte  machine  only / for this machine only.

• Please save the (attached file named) FIXLIST.txt   to the   Downloads   folder

Fixlist.txt <<< - - - - -

Please be sure to Close any open work files, documents,  any apps you started yourself  before starting this. THIS run will do a Windows RESTART. Once it starts it will auto-close any other running app.

We will use FRSTENGLISH.exe  on the Downloads folder  {C:\Users\Alex\Downloads\FRST64.exe }    to run a custom script .    The system will be rebooted after the script has run. 

Start the Windows Explorer and then, go  to the Downloads    folder.

RIGHT click on FRSTENGLISH.exe    and select RUN as Administrator and allow it to proceed.  Reply YES when prompted to allow to run.

•    If the tool warns you the version is outdated, please download and run the updated version.
• IF Windows prompts you about running this, select YES to allow it to proceed.
• IF you get a block message from Windows about this tool......

               click line More info information on that screen
               and click button Run anyway on next screen.

• on the FRST window:

Click the Fix button just once, and wait.

PLEASE have patience when this starts. You will see a green progress bar start. Lots of patience.  Please attach the Fixlog.txt with your next reply. 

[WolfByte]

Answer 1: No, I ran another anti virus tool before you responded.

Answer 2: No.

The changes I did that was mentioned on tuesday was done after my post, and before your respond. I havent gotten any pop up block from Malwarebytes since then.

I'll be away for a few days. Once I returned ill follow your next steps.

Thank you, and I appreciate the help!

[Maurice Naggar]

I will look forward to the result of the run.

[Maurice Naggar]

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks