Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Coin Miner Virus


  • Please log in to reply
8 replies to this topic

#1 cutex1234

cutex1234

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:31 PM

Posted 26 October 2013 - 05:09 AM

primerly i am sory about my english . i scanner my computer with pc and he founf 8 virus that i cant remove manully  what i need to do . my pc is very slow


Edited by hamluis, 26 October 2013 - 06:34 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:31 AM

Posted 26 October 2013 - 05:59 AM

Hello and we may be able to help you -

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

 

Download MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size. 
Click Go and copy / paste the result (Result.txt).

 

 

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

* Double-click on the Rkill desktop icon to run the tool.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* Do not reboot until instructed.
* If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from safe mode.
When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

 

 

Download Malwarebytes Anti-Malware Free (a.k.a MBAM) to your desktop.
NOTE : Do not accept the Free Trial Offer at this time.
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer if requested

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

 

 

 

I'd like us to scan your machine with ESET OnlineScan

Use Internet Explorer for this scan please, as it uses ActiveX
1. Hold down Control and click on This Link to open ESET OnlineScan in a new window.
2. Click the ESET Online Scanner button.
3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

- 1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
- 2. Double click on the icon on your desktop.

4. Check "YES, I accept the Terms of Use."
5. Click the Start button.
6. Accept any security warnings from your browser.
7. Under scan settings, check "Scan Archives" and "Remove found threats"
8. Click Advanced settings and select the following:*Scan potentially unwanted applications
*Scan for potentially unsafe applications
*Enable Anti-Stealth technology
9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this Will take quite some time. (my last scan was almost 2 hours)
10. When the scan completes, click List Threats
11. Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
12. Click the Back button.
13. Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.

 

Thank You -



#3 cutex1234

cutex1234
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:31 PM

Posted 26 October 2013 - 07:12 AM

tanx alot 

bay  the way  . how i attached the log? 

and i want to say that is  the secaend time i scanner with east scanner and the virus is not removed 


Edited by cutex1234, 26 October 2013 - 07:38 AM.


#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:31 AM

Posted 26 October 2013 - 03:18 PM

Hello -

You must use Copy and Paste with your answers in this area. If you do not know how to do this, I will link a Tutorial to help you.

Some logs may be long, so use 2 or more reply boxes if needed.

 

Even if it is the second time with a scanner, we like to see todays result and make sure you have done all steps correctly.

We also like to make sure all scanners are up to date.

 

Thank You -

EDIT - Link for "How to Copy and Paste" instructions/

http://www.bleepingcomputer.com/tutorials/cut-copy-and-paste-in-windows/


Edited by noknojon, 26 October 2013 - 03:22 PM.


#5 cutex1234

cutex1234
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:31 PM

Posted 26 October 2013 - 03:44 PM

/


Edited by cutex1234, 26 October 2013 - 03:46 PM.


#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:31 AM

Posted 26 October 2013 - 03:48 PM

OK - Try for => Download MiniToolBox, Save it to your desktop and run it.
 



#7 cutex1234

cutex1234
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:31 PM

Posted 26 October 2013 - 04:11 PM

 
 
 
סוג הסריקה: סריקה מלאה (C:\|D:\|)
אפשרויות סריקה מופעלות: זכרון | אתחול | Registry | קובץ מערכת | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
אפשרויות סריקה מושבתות: P2P
סריקת אובייקטים: 497745
הזמן שחלף: 3 שעות, 10 דקות, 24 שניות
 
תהליכי זיכרון נגועים: 0
(לא נמצאו פריטים זדוניים)
 
זכרונות מודלים נגועים: 0
(לא נמצאו פריטים זדוניים)
 
מפתחות רישום נגועים: 0
(לא נמצאו פריטים זדוניים)
 
ערכי רישום נגועים: 0
(לא נמצאו פריטים זדוניים)
 
פריטי נתוני רישום נגועים: 0
(לא נמצאו פריטים זדוניים)
 
תיקיות נגועות: 0
(לא נמצאו פריטים זדוניים)
 
קבצים נגועים: 3
C:\Windows\AutoKMS.exe (Riskware.Keygen) -> הוסגר ונמחק בהצלחה.
D:\Download\iLividSetup-r1154-n-bc.exe (PUP.Optional.Bandoo) -> הוסגר ונמחק בהצלחה.
D:\GoforFiles\uninstall.exe (PUP.Optional.GoForFiles.A) -> הוסגר ונמחק בהצלחה.


#8 cutex1234

cutex1234
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:31 PM

Posted 26 October 2013 - 04:13 PM

 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 10/26/2013 02:36:16 PM
Execution time: 0 hours(s), 1 minute(s), and 43 seconds(s)
0.99.74  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 21  
 Java version out of Date! 
 Adobe Reader XI  
 Google Chrome 29.0.1547.41  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 mbamscheduler.exe    
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 


#9 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:31 AM

Posted 26 October 2013 - 04:16 PM

Hello -

Please start from the Top of my post -

 

I set the directions so that they move how I like it

 

Thank You -

EDIT - Please ask if you have questions ......


Edited by noknojon, 26 October 2013 - 04:17 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users