DuckFX

Scan did not remove MinerD files, but I think removed the MinerD startup Program, I deleted the MinerD files, rebooted, and voila! Its not there anymore! Computer working properly! Thank you Malware-bytes! Thank you AdvancedSetup!

PS: I know the file Location of MinerD, (Ps it says Remove Selected, I didn't press it because I wasn't sure so I'll let you decide) Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 11/23/2016 Scan Time: 10:01 AM Logfile: Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.11.23.09 Rootkit Database: v2016.11.20.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 10 CPU: x64 File System: NTFS User: Amaury J-D Scan Type: Threat Scan Result: Completed Objects Scanned: 337510 Time Elapsed: 17 min, 16 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 30 PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, , [f4c1ffc40892b77f752e674300035fa1], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, , [f4c1ffc40892b77f752e674300035fa1], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, , [f4c1ffc40892b77f752e674300035fa1], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine.1, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\REI_AxControl.ReiEngine, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\REI_AxControl.ReiEngine, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\REI_AxControl.ReiEngine.1, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\REI_AxControl.ReiEngine.1, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKU\S-1-5-21-285063949-4146897881-553778616-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, , [6b4ad9ead1c910260edf0393ad56f808], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}, , [457018ab08925fd714dad9bd2ad92bd5], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\REI_AxControl.DLL, , [c8edb013702a9c9a568bb1e58f74d927], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, , [862f8f34c8d2d3638820c9e1be45b44c], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\REI_AxControl.DLL, , [793c0db62a70979f41a0bed82fd420e0], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, , [6a4b4a797e1c2b0b2385feacce35ec14], PUP.Optional.Reimage, HKLM\SOFTWARE\REIMAGE\Reimage Repair, , [cce96360aeec78be1b9de4d3e91a0df3], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\REI_AxControl.DLL, , [0ca99231c7d3a19526bb1284b64d5ca4], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, , [2d88457e554577bfe7c1a00ab64d669a], PUP.Optional.Reimage, HKU\S-1-5-21-285063949-4146897881-553778616-1001\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Reimage - Windows Problem Relief., , [9b1a23a0c8d21d19905b2a6ca95aef11], PUP.Optional.Reimage, HKU\S-1-5-21-285063949-4146897881-553778616-1001\SOFTWARE\REIMAGE\PC REPAIR, , [ad08a81bd6c4a195ec00ade9986bd32d], Registry Values: 4 PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, REI_AxControl 1.0 Type Library, , [862f8f34c8d2d3638820c9e1be45b44c] PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, REI_AxControl 1.0 Type Library, , [6a4b4a797e1c2b0b2385feacce35ec14] PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, REI_AxControl 1.0 Type Library, , [2d88457e554577bfe7c1a00ab64d669a] PUP.Optional.Reimage, HKU\S-1-5-21-285063949-4146897881-553778616-1001\SOFTWARE\REIMAGE\PC REPAIR|QuitMessage, , , [ad08a81bd6c4a195ec00ade9986bd32d] Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 1 PUP.Optional.SpeedItUp, C:\Windows\Reimage.ini, , [d1e45f6465351125bb70118e7f84f50b], Physical Sectors: 0 (No malicious items detected) (end)

I don't know if MinerD is in there. Hope it is! Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 11/22/2016 Scan Time: 5:24 PM Logfile: Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.11.22.14 Rootkit Database: v2016.11.20.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 10 CPU: x64 File System: NTFS User: Amaury J-D Scan Type: Threat Scan Result: Completed Objects Scanned: 337295 Time Elapsed: 13 min, 41 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 30 PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, , [4e0840834555c076376d59512dd67090], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, , [4e0840834555c076376d59512dd67090], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, , [4e0840834555c076376d59512dd67090], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine.1, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\REI_AxControl.ReiEngine, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\REI_AxControl.ReiEngine, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\REI_AxControl.ReiEngine.1, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\REI_AxControl.ReiEngine.1, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKU\S-1-5-21-285063949-4146897881-553778616-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, , [57ff249f4e4c033329c54d49fc07bd43], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}, , [70e6388b9dfdcb6b737c0d898e7502fe], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\REI_AxControl.DLL, , [bf97aa19faa0b77fbd25910511f2cf31], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, , [ce88467d356539fdf7b25654e12221df], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\REI_AxControl.DLL, , [4d09a71c77237db940a293033ac956aa], PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, , [3125fcc70e8c171f8f1ae0ca956e2cd4], PUP.Optional.Reimage, HKLM\SOFTWARE\REIMAGE\Reimage Repair, , [76e0ae1568325dd9b801c3f424dfad53], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\REI_AxControl.DLL, , [e2746360247611259c465f3715eed42c], PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, , [9fb79132afebca6ca30601a99271a25e], PUP.Optional.Reimage, HKU\S-1-5-21-285063949-4146897881-553778616-1001\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Reimage - Windows Problem Relief., , [31256a59f8a28aac44a8494d986b0ef2], PUP.Optional.Reimage, HKU\S-1-5-21-285063949-4146897881-553778616-1001\SOFTWARE\REIMAGE\PC REPAIR, , [fc5a487b96040f279558ecaaa360d52b], Registry Values: 4 PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, REI_AxControl 1.0 Type Library, , [ce88467d356539fdf7b25654e12221df] PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, REI_AxControl 1.0 Type Library, , [3125fcc70e8c171f8f1ae0ca956e2cd4] PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, REI_AxControl 1.0 Type Library, , [9fb79132afebca6ca30601a99271a25e] PUP.Optional.Reimage, HKU\S-1-5-21-285063949-4146897881-553778616-1001\SOFTWARE\REIMAGE\PC REPAIR|QuitMessage, , , [fc5a487b96040f279558ecaaa360d52b] Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 1 PUP.Optional.SpeedItUp, C:\Windows\Reimage.ini, , [ba9c5f640c8eb4822408ddc2a85ba35d], Physical Sectors: 0 (No malicious items detected) (end)

Dear Moderators, Staff, Recently I've seen that minerd.exe has popped up on my computer task manager, i managed to remove it so that it doesn't take all of my CPU up, but i still found the file location. My anti-Virus, Kaspersky, says the virus is still there as in "malware" and I think I may agree with him. I then tried deleting the files but each time i deleted it and rebooted, they just re-popped up and same cycle over and over. How do I get rid of it definitely? Thankyou!