RogueKiller Anti-Malware V14.8.6.0 [Mar 24 2021] (Premium) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19042) 64 bits
Started in : Normal mode
User : Mariusz [Administrator]
Started from : C:\Users\Mariusz\Downloads\RogueKiller.exe
Signatures : 20210324_143238, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2021/03/29 20:28:23 (Duration : 00:07:31)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Miner.Gen (Malicious)] AutoIt3_x64.exe (9676) -- (AutoIt Consulting Ltd) C:\Users\Mariusz\AppData\Local\Disk\AutoIt3\AutoIt3_x64.exe -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Miner.Gen (Malicious)] (AutoIt Consulting Ltd) \Services\Diagnostic -- "C:\Users\Mariusz\AppData\Local\Disk\AutoIt3\AutoIt3_x64.exe" ["C:\Users\Mariusz\AppData\Local\Disk\AutoIt3\Settings.au3"] -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> XX - Software
[PUP.WinZipDiskTools (Potentially Malicious)] (X64) HKEY_USERS\.DEFAULT\Software\Nico Mak Computing -- N/A -> Found
[PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-2384729773-2530975304-3792660739-1002\Software\IM -- N/A -> Found
[PUP.WinZipDiskTools (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-2384729773-2530975304-3792660739-1002\Software\Nico Mak Computing -- N/A -> Found
[PUP.WinZipDiskTools (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-18\Software\Nico Mak Computing -- N/A -> Found
>>>>>> XX - System Policies
[PUM.Policies (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- 0 -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.HackTool (Potentially Malicious)] (folder) AutoKMS -- C:\Windows\AutoKMS -> Found
[Tr.Injector (Malicious)] (folder) Mxmetamux -- C:\Users\Mariusz\AppData\Roaming\Mxmetamux -> Found
[PUP.OnlineIO (Potentially Malicious)] (folder) AdvinstAnalytics -- C:\Users\Mariusz\AppData\Local\AdvinstAnalytics -> Found
[Miner.Gen (Malicious)] (folder) Disk -- C:\Users\Mariusz\AppData\Local\Disk -> Found
[PUP.WinZipDiskTools (Potentially Malicious)] (folder) Nico Mak Computing -- C:\Users\Mariusz\AppData\Local\Nico Mak Computing -> Found
[PUP.Gen1 (Potentially Malicious)] (folder) vghd -- C:\Users\Mariusz\AppData\Local\vghd -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤