Jump to content

Google Update Task Machine QC a bitcoin miner


Recommended Posts

@tsuki123

Although I will not be directly assisting you, a malware removal expert will be along to assist after you do the following.

Let's get the info to get the process started. Be aware it will take many steps and scans to fully remove malware.

Please respond to all future instructions from your helper in a timely manner.

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process

Then follow each step in the order provided. Unless otherwise asked, please attach all logs

 

Please make the following system changes: Please pay close attention the the instructions in all of the following links.

  • If you have not done so already - Enable System Protection and create a NEW System Restore Point  <<<<< Important.
  • Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads.. Make sure to turn it back on once the scans are completed
  • Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed
  • Disable-Fast-Startup   Windows 8 and newer only <<<<< Important.
  • Show-Hidden-Folders-Files-Extensions

Please run the following scans: Please pay close attention the the instructions in all of the following links.

  1. Click the following link and run a  Scan with AdwCleaner
  2. Click the following link and run a  Scan with Malwarebytes
       RESTART the computer <<<<< Important.
  3. Click the following link and run a  Scan with Farbar Recovery Scan Tool 

Example image of where to click to attach files when posting your reply

image.thumb.png.e208c182ff570799c53bcf57

Then be patient for the next expert to take your case. <<<<< Important.

 

Thank you

Link to post
Share on other sites

Hello  @tsuki123  and  :welcome:

 

My name is MKDB and I will assist you.

 

 

Let's keep these principles as we proceed. Make sure to read the entire post below first.

  • Please follow the steps in the given order and post back the log files.
  • Please attach all log files into your post.
  • Before we start, please make sure that you have an external backup, not connected to this system, of all private data.
  • Only run the tools I guide you to. Please don't run any other scans, download, install or uninstall any programs while I'm working with you.
  • As English is not my native language, please do not use slang or idioms. It may be hard for me to understand.
  • If you do not respond within 4 days, your topic will be closed.
  • Cracked or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also a big source of current trojan infections. If you are running any kin of illegal software on your system, please uninstall them now, before we start the cleaning procedure.

 

 

Please give me some time to review what you have posted!

Thank you!

Link to post
Share on other sites

@tsuki123

Unfortunately there is evidence of illegal software on your computer.
I am going to request you completely uninstall and remove all programs and all other products/folders/files for which you do not have a valid Product Key, including all "cracked" software.

Quote

Ableton Live 11 Suite (HKLM-x32\...\{1f0fb310-1ad9-441c-83bd-7e82c426db15}) (Version: 11.0.0.0 - Ableton)

Antares Auto-Tune bundle (HKLM\...\Antares Auto-Tune bundle_is1) (Version: 9.1.0 - Antares & Team V.R)
Antares Auto-Tune Pro (64-bit) (HKLM\...\{BDD7A150-34AB-4913-8CB8-56282DD84BB4}) (Version: 9.1.0 - Antares Audio Technologies)

Arturia Pigments (HKLM\...\Pigments_is1) (Version: 2.0.1.837 - Arturia & Team V.R)

iZotope Meter Tap 3 (HKLM\...\Meter Tap 3_is1) (Version: 1.0.4 - iZotope)
iZotope Nectar 3 (HKLM\...\Nectar 3_is1) (Version: 3.8.0 - iZotope)
iZotope Ozone 9 Advanced (HKLM\...\Ozone 9 Advanced_is1) (Version: 9.0 - iZotope & Team V.R)
iZotope Relay (HKLM-x32\...\Relay) (Version: 1.0.4 - iZotope, Inc.)
iZotope RX 8 Breath Control (HKLM\...\RX 8 Breath Control_is1) (Version: 8.6.0 - iZotope)
iZotope Tonal Balance Control 2 (HKLM-x32\...\Tonal Balance Control 2) (Version: 2.0.1 - iZotope, Inc.)

Microsoft Office профессиональный плюс 2016 - ru-ru (HKLM\...\ProPlusRetail - ru-ru) (Version: 16.0.17928.20114 - Microsoft Corporation)

Native Access 3.1.0 (HKU\S-1-5-21-3121602436-638458503-4154510473-1001\...\c410b7d2-8fce-53b3-8332-e98b6e89a16a) (Version: 3.1.0 - Native Instruments)
Native Instruments Creator Tools (HKLM-x32\...\Native Instruments Creator Tools) (Version: 1.5.2.0 - Native Instruments)
Native Instruments Guitar Rig 7 (HKLM\...\Guitar Rig 7 Pro_is1) (Version: 7.0.2 - Native Instruments & Team V.R)
Native Instruments Kontakt 7 (HKLM-x32\...\Native Instruments Kontakt 7) (Version: 7.10.6.0 - Native Instruments)
Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.9.1.0 - Native Instruments)


Nexus (HKLM\...\Nexus_is1) (Version: 4.5.4 - reFX & Team V.R)

ShaperBox v2.1.0 (HKLM\...\ShaperBox 2_is1) (Version: 2.1.0 - CableGuys & Team V.R)

Valhalla DSP bundle 2021.4 (HKLM\...\ValhallaDSP bundle_is1) (Version: 2021.4 - Valhalla DSP, LLC & Team V.R)
Valhalla DSP Valhalla Delay (HKLM\...\Valhalla Delay_is1) (Version: 2.5.0 - Valhalla DSP)
Valhalla DSP Valhalla VintageVerb (HKLM\...\Valhalla VintageVerb_is1) (Version: 1.7.1 - Valhalla DSP)
ValhallaFreqEcho version 1.0.5 (HKLM-x32\...\{86164718-6457-42DE-8DB6-EA05F7045F2C}_is1) (Version: 1.0.5 - Valhalla DSP, LLC)

 

As already said in my first post:
Cracked or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also a big source of current trojan infections. If you are running any kind of illegal software on your system, please uninstall them now, before we start the cleaning procedure.

 

More information here:

 

Thanks for your understanding!

Edited by MKDB
Link to post
Share on other sites

@tsuki123

Once you have uninstalled/removed all of these pirated software components, let me know and we start the malware removal process.

After you remove anything illegal, I hope we won't find anything like this again. So make sure that every crap is gone.

Thank you again!

 

Edited by MKDB
Link to post
Share on other sites

Due to the lack of feedback, I do not follow this topic any longer.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection.

Thank you.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.