Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

how do I know if I am infected or if there is something wrong with my wireless


  • This topic is locked This topic is locked
19 replies to this topic

#1 Milway

Milway

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 10 March 2014 - 05:25 AM

Hi there,

 

My wireless is acting strange lately it times out quite often, also my firefox browser bar flicks from time to time, how do I know if I am infected or if there is something wrong with my wireless network?

 

Thanks for your help!

 

 



BC AdBot (Login to Remove)

 


#2 Milway

Milway
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 10 March 2014 - 05:41 AM

Hi

 

I ran Adwcleaner and found these on the Registry tap

 

any suggestions of what this might be?

 

***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\APN PIP
Key Found : HKLM\Software\PIP



#3 Jo*

Jo*

  • Malware Response Team
  • 3,410 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:31 PM

Posted 10 March 2014 - 05:46 AM

:welcome:

Hello Milway,

my name is Jo and I will help you with your computer problems.



Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


1. Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


2. Download OTL to your desktop.
  • Double click on the icon to run it.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#4 Milway

Milway
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 10 March 2014 - 05:56 AM

hi Jo*,

 

Thanks

 

Here is the log from "Security Check"

 

"Security Check"

 

 Results of screen317's Security Check version 0.99.80  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
McAfee Anti-Virus and Anti-Spyware   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Spyder3Elite     
 Free Internet Window Washer  
 Malwarebytes Anti-Malware version 1.75.0.1300  
 TuneUp Utilities    
 TuneUp Utilities Language Pack (es-ES)
 Mozilla Firefox (25.0)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 17% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 

 

_____________________________________



#5 Milway

Milway
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 10 March 2014 - 06:10 AM

Hi Jo*,
 
Could be deleted this info once we finished please.
 
OTL logs.
 
 
OLT
 
Edit by Jo:
Removed log because the user asked for that.

 

< End of report >

Edited by Jo*, 10 March 2014 - 05:38 PM.


#6 Milway

Milway
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 10 March 2014 - 06:11 AM

Second log
 
Extras
 
Edit by Jo:
Removed log because the user asked for that.

 
< End of report >

Edited by Jo*, 10 March 2014 - 05:38 PM.


#7 Milway

Milway
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 10 March 2014 - 06:17 AM

A quit note:

 

When I typed a minute ago in the url, hotmail.com, Firefox redirect me to another page that wasn't hotmail but rather to the http://www.imdb.com website with one of their films, this is the first time that happens to me this, strange.



#8 Jo*

Jo*

  • Malware Response Team
  • 3,410 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:31 PM

Posted 10 March 2014 - 06:51 AM

Hello Milway,

Did you reinstall or restore Windows this weekend?

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#9 Milway

Milway
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 10 March 2014 - 07:07 AM

Hey Jo*,

 

Yes, I did, I thought that by reinstall windows the issue that I am experiencing will go, but didn't unfortunately.

 

Ok, I open “Malwarebytes Anti-rootkit” and question mark window pop ups saying

“Registry value “AppInit_Dlls” has been found, which may be caused by rootkit activity.

 

go ahead??



#10 Jo*

Jo*

  • Malware Response Team
  • 3,410 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:31 PM

Posted 10 March 2014 - 07:14 AM

go on and post the logs.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#11 Milway

Milway
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 10 March 2014 - 07:14 AM

ok



#12 Milway

Milway
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 10 March 2014 - 07:42 AM

Hi Jo*

 

Thanks

 

Here are the logs

 

Malwarebytes

 

Malwarebytes Finished the scan with: No malware found!

 

________________________

 

AdwCleaner

 

# AdwCleaner v3.020 - Report created 10/03/2014 at 12:39:12
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : wintertree - W
# Running from : C:\Users\wintertree\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\APN PIP
Key Found : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\wintertree\AppData\Roaming\Mozilla\Firefox\Profiles\o6mv1luh.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [885 octets] - [10/03/2014 10:30:46]
AdwCleaner[R1].txt - [804 octets] - [10/03/2014 12:39:12]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [863 octets] ##########



#13 Jo*

Jo*

  • Malware Response Team
  • 3,410 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:31 PM

Posted 10 March 2014 - 07:53 AM

Hello Milway,

Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***

Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***

Run OTL again.
  • Double click on the OTL icon to run it.
  • Right click on the OTL icon and select[/color][/i] Run As Administrator.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***

How the computer is running now?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#14 Milway

Milway
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:05:31 PM

Posted 10 March 2014 - 02:48 PM

Hi Jo*,
 
Thanks
 
Well the computer seems ok, wireless still drop-in on me, I mean it times out from time to time, the Troubleshooting in windows is telling me that the connection between my access point, router, or cable modem and the internet is broken, how this can be when I have internet when I get this reading? Strangely, the browser still have some flicking but is less.
 
Here are the logs 
 
AdwCleaner:
 
# AdwCleaner v3.021 - Report created 10/03/2014 at 19:09:02
# Updated 10/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : wintertree - W
# Running from : C:\Users\wintertree\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\wintertree\AppData\Roaming\Mozilla\Firefox\Profiles\o6mv1luh.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [885 octets] - [10/03/2014 10:30:46]
AdwCleaner[R1].txt - [946 octets] - [10/03/2014 12:39:12]
AdwCleaner[R2].txt - [1005 octets] - [10/03/2014 19:07:49]
AdwCleaner[S0].txt - [891 octets] - [10/03/2014 19:09:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [950 octets] ##########
 
 
_________________________________________
 
JRT:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by wintertree on 10/03/2014 at 19:19:29.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/03/2014 at 19:25:58.18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
____________________________________________
 
OTL:
 
Edit by Jo:
Removed log because the user asked for that.


< End of report >

Edited by Jo*, 10 March 2014 - 05:43 PM.


#15 Jo*

Jo*

  • Malware Response Team
  • 3,410 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:31 PM

Posted 10 March 2014 - 03:10 PM

Hi Milway,

in this forum section we can only check your pc for malware!
When we are sure, that your pc is clean, you can go on at http://www.bleepingcomputer.com/forums/f/77/internet-networking/

1. Java
1.1 Uninstall old Java versions (if present):
  • Please go to Start > Control Panel > Programs and Features .
  • Locate all Java Updates
  • Uninstall them all.
1.2 Install latest Java 7 update. Click this link and click on the Free JAVA Download.

1.3 Find here instructions how to clear the java cache.
Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)
Under Temporary Internet Files, click the Delete Files button.
There are options in the window to clear the cache - Leave ALL Checked
  • Applications and Applets
  • Trace and log files
Click OK on Delete Temporary Files Window
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE. Click OK to leave the Java Control Panel.

 

***


2. Malwarebytes' Anti-Malware
If this program is already installed: Skip the installation and run only the scan!
Download the free version of Malwarebytes' Anti-Malware and save it to your desktop.
Double-click mbam-setup****.exe and follow the prompts to install the program.
Note to Vista | Windows 7/8 users, please right-click and select Run as Administrator.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware.
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply.
Note 1: The log can also be found via the Logs tab when Malwarebytes' Anti-Malware is started.
Note 2: If you receive a notice that some of the items couldn't be removed and they have been added to the delete on reboot list, please reboot.



***


3. ESET Online Scanner

Connect any existing external hard drives and / or other removable media.

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



If this program is already installed: Skip the installation and run only the scan!
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as MyEsetScan. Alternatively, look for report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
  • Push the Back button.
  • Select Uninstall application on close check box and push esetFinish.png

***



How the computer is running now?



***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users