Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Connection and Programme issues


  • Please log in to reply
7 replies to this topic

#1 mnrbloemie

mnrbloemie

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 30 July 2013 - 06:09 PM

Good day,

 

Recently my computer has started giving me some problems. At first I thought it was maybe something with my router or internet, but I found no problems and think that it might be something completely different.

I've done a few searches on the net to try and see if other people have experienced the same problems as I do now, but so far only a few have had sort of the same problem, but not entirely.

Initially I thought that whenever my computer goes into sleep mode (I rarely switch my computer off), when I unlock my PC it won't connect to the internet, connect to our home network (file sharing) or open any programmes, other than play videos (on VLC), but then it started happening more frequently, and sometimes while I'm using the internet it would suddenly stop connecting to websites. As stated I've done some searching and I went to my Device Manager, under my Realtek Network Card I unchecked the box that says "Allow the computer to turn off this device to save power" as other users have found this to solve their connection issues, and to be honest I think it helps. Previously I would lose connection after 10 minutes of working on my PC, but now it lasts a few hours, but the problem still exists. This will obviously also not solve the entire problem as I still cannot open any programmes when this strange thing happens.

 

I've read this topic which another user created, and we have similar issues, but also not entirely:

 

http://www.bleepingcomputer.com/forums/t/502776/pc-wont-open-programs-restart-shut-down-etc/

 

I've done the sfc Scan as suggested in that topic, but nothing was found. It said: "Windows Resource Protection did not find any integrity violations".

I've also scanned my computer multiple times with AVG (I also have malwarebytes which I will use later on to scan my PC with that).

 

So far I've found no solution, but the problem still exists. Whenver my computer doesn't want to connect to the internet, network, or open any programmes, I restart my PC and then go on, but yesterday it started happening every 10 minutes and I had to restart my PC numerous times which is very frustrating. Restarting my PC solves the problem for a short while, so it might have something to do with that. As stated initially I thought it only happens after my PC was in sleep mode for a long time, but sometimes I would lock my computer, return after 10 minutes and then have the same problem again.

 

I think it might be a problem with my hard drive. I say this because when this 'thing' happens I cannot open any programmes (which are on my hard drive), but then again I can play videos with VLC which is also on my hard drive, so I'm really confused as to what it may be.

 

If you need me to post any information, I would gladly do so. Basic information:

 

Windows 7 Ultimate Service Pack 1 (64 bit)

Pentium Dual Core CPU

4 GB RAM

2 Separate Hard Drives

 

I don't really know what other information to give. I use Firefox and almost never use IE (although it is still installed on my pc). I use AVG for scans etc. and also have Zone Alarm (firewall).

So far AVG and Zone Alarm hasn't picked up on anything (although AVG has picked up 3 infected Temporary files the other day but those were removed, and since then the problem still exists so), but it is possible that I might have some sort of infection. It's just a matter of finding the file.

 

 

Thank you


Edited by hamluis, 03 August 2013 - 08:10 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 mnrbloemie

mnrbloemie
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 30 July 2013 - 07:38 PM

My AVG Scan has found the following:

 

Adware BHO.AddLyrics - Medium Threat - Secured

KMP - Low Threat - Infected (This file is signed with a broken with a broken digital signature, issued by: Softonic International)

 

My MalwareBytes Scan has found and deleted the following:

 

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 13
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\Toolbar3.SWEETIE.1 (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\Toolbar3.SWEETIE (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\AppData\Local\SwvUpdater\Updater.exe (PUP.Software.Updater) -> Quarantined and deleted successfully.
C:\Users\Downloads\civrometrn3-ch.zip (Malware.Packer.as) -> Quarantined and deleted successfully.
C:\Windows\Installer\5604308f.msi (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Quarantined and deleted successfully.


Edited by mnrbloemie, 30 July 2013 - 07:58 PM.


#3 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:36 AM

Posted 30 July 2013 - 08:19 PM

Hello -

The scans seem to only show PUP (Potentially Unwanted Programs) and no specific Malware / Virus infections.

 

Please run this program to see if it fully removes any remainders.

Turn OFF (disable) your antivirus program while you run the scans, to avoid potential conflicts.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

 

Please download AdwCleaner by Xplode onto your desktop.

*Now close all open programs and internet browsers.
*Double click on adwcleaner.exe to run the tool.
*Click on Delete.
*Confirm each time with Ok.
* NOTE Your computer will be rebooted automatically. A text file will open after the restart.

*Please post the contents of that logfile with your next reply.
*You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

 

Thank You -



#4 mnrbloemie

mnrbloemie
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 03 August 2013 - 12:39 PM

I did as you asked. Here is the log:

 

# AdwCleaner v2.306 - Logfile created 08/03/2013 at 19:34:49
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Tiaan - TIAAN-PC
# Boot Mode : Normal
# Running from : E:\Documents and Settings\Tiaan Dippenaar\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\Users\Tiaan\AppData\Roaming\Mozilla\Firefox\Profiles\h0f5fp37.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\Tiaan\AppData\Roaming\Mozilla\Firefox\Profiles\h0f5fp37.default\searchplugins\SweetIm.xml
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\Users\Tiaan\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Tiaan\AppData\Local\Temp\Conduit
Folder Deleted : C:\Users\Tiaan\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\Software\TENCENT
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96E2E493-C484-43E3-9B95-D62EE7D40D3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\Tiaan\AppData\Roaming\Mozilla\Firefox\Profiles\h0f5fp37.default\prefs.js

C:\Users\Tiaan\AppData\Roaming\Mozilla\Firefox\Profiles\h0f5fp37.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v28.0.1500.95

File : C:\Users\Tiaan\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [6315 octets] - [03/08/2013 19:34:49]

########## EOF - C:\AdwCleaner[S1].txt - [6375 octets] ##########
 

 

 

I've only done this now so I will observe to see if it solved the problem. If you need me to do anything else please let me know.

 

Thank you

 

EDIT

 

I just had to restart my pc again after I lost connectivity, some 15 minutes after I did the scan.


Edited by mnrbloemie, 03 August 2013 - 12:59 PM.


#5 mnrbloemie

mnrbloemie
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 03 August 2013 - 05:54 PM

Had to restart twice since my last edit. At times I can use my computer for an hour or three, but I eventually lose connection and can't use the internet, go on to the network or open certain programmes. It's quite strange. Initially I thought it might have to do with my hard drives ( I have 2 separate ones ), but even if I lose internet connection, can't access the home network, I can still open certain programmes (like Microsoft Word, Excel, certain games), I can watch any video (with VLC player) but CERTAIN programmes won't work, the majority of them are games. Sometimes it takes 5 minutes or so to open the programme, when opened i can't do anything in the programme.

 

Also I will lose internet connection, but if uTorrent is already running I can still download a torrent (speed is not affected at all). I'm really at a dead end as I've tried everything suggested on numerous forums and websites. Any help would be greatly appreciated as it's really annoying. I also have to do some homework online tomorrow and I fear that I will have to start over every time. A hasty fix is really needed.

 

Thanks



#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:36 AM

Posted 03 August 2013 - 07:13 PM

A hasty fix is really needed. < <= Uninstall all Torrent programs and only download from the legal sites -

 

Download Malwarebytes' Anti-Malware Free (aka MBAM)
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
Be sure to reboot the computer after you post the log.

 

 

Please download TFC, or Temp File Cleaner by Old Timer
Usage Instructions:

  • Download TFC from the download link above and save the file on your desktop.
  • Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
  • Double-click on the TFC icon.
  • When the program opens, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
  • When done, press OK to reboot your computer and finish the cleanup.

Note: Depending on how much data is currently stored in the Temp folders, this process can take quite a while to remove all of the files, so please be patient.

 

 

Thank You -



#7 mnrbloemie

mnrbloemie
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 04 August 2013 - 06:34 AM

Good day,

 

I don't do anything illegal with uTorrent, and I know for a fact that's not the problem because before 2 days ago I didn't download any torrents at all for the last 1-2 months, and the problem started about 2 weeks ago.

I've already done a malware scan and it's posted above in my second post.

I will do the TFC right now.

 

Thank you



#8 mnrbloemie

mnrbloemie
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 04 August 2013 - 07:18 AM

Malware Bytes Scan:

 

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 243060
Time elapsed: 6 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

 

TFC has removed 850mb of temporary files.


Edited by mnrbloemie, 04 August 2013 - 07:28 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users