Iremoval Pro Windows


Willy Aucoin

Aug 4, 2024, 9:54:48 PM
to chanlighsitta
I got infected previously back in August, and I removed the bitcoin miner (I can't recall which one it is, but I don't think it was the same one.) Now, I got infected with CoinMiner and I removed it via Windows Defender. However, I think it was on my computer for a longer time than before as I noticed in my FRST/Addition logs that my defender are always stopped before completion. I have attached my latest Malwarebytes Log and my FRST and Addition log. I wasn't sure if "One Month" was supposed to be ticked in whitelist, so I uploaded both.

The computer would generally be on. I leave my computer continuously on so it should not be on sleep mode at 6AM. I don't usually log out so I rarely log in (when I do have to log in, I assume that Windows had automatically updated.), but I use the computer regularly around 9AM EST.


The files shouldn't be there as I think Windows Defender removed them after I did a full scan. I knew there was something wrong because my mouse was stuttering and that happened previously before with a bitcoin miner malware.


Ahh. Your pc does indeed go into sleep mode after a period of inactivity. I would urge you to make it a habit to do a Windows SHUTDOWN from the main menu when you no longer need to use the computer, like each evening. Select Start and then select Power > Shut down.


It shouldn't go to sleep after inactivity as I have turned off that setting. The current setting is "Never" for sleep mode. The last bitcoin miner malware, I had to reset my Windows as it deleted/removed my Windows Defender (I don't know if the old WinSyS files might have anything to do with it). It currently has Malwarebytes active as the virus defender, and so I turned on the "Periodic Scanning", scanned for intelligence updates, and did a full scan of the C:/ drive. No threats were found. What should I do next?


I don't have Command Prompt as a shortcut there (due to the virus previously, it wouldn't let me create new folders so instead I enabled the shortcut for Windows PowerShell instead and then did the fix for Windows system). I opened up Command Prompt as administrator and typed in the following:


Yes, I filled in my info and email. The only downloader you get is the Scan&Clean tool. There is nothing in my email regarding this. You can try it yourself, as I only get the download for the Scan&Clean tool.


Click the selection to the left for the line "Always register Malwarebytes in the Windows Security Center".

We want that to be set as Off .... be sure that line's radio-button selection is all the way to the Left. thanks.


Thanks for the log report. The Microsoft Defender antivirus is protecting in real-time. Its definitions are up-to-date:

AntivirusSignatureLastUpdated : 2022-01-19 1:27:01 PM

AntispywareSignatureLastUpdated : 2022-01-19 1:27:01 PM

The "boogers" that had been flagged on the 17th are no longer around.

We have run a few different scans before:

The Sophos Scan and clean

ESET Online scanner

a manual Microsoft Defender scan by you.

Malwarebytes Adwcleaner


Let's monitor over the next couple of days to see if Microsoft Defender flags anything over the next couple of days.


Meantime let's get a couple of readout reports.


Bonjour v.3.1.0.1 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
