Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


[HELP] Possibly Infected

  • Please log in to reply
1 reply to this topic

#1 Rotek


  • Members
  • 4 posts
  • Local time:12:11 PM

Posted 29 March 2014 - 03:08 PM

OK so I downloaded an IP changer, which I now realize was fake, and after downloading I ran the .exe file. I then noticed that in the video there was no .exe file so I deleted all the files and uninstalled it. Later that day I booted up the PC and noticed the program kept coming up in my desktop, so I right click, open file location, and deleted all the files. Everything seemed good until I could not control my PC, it would not allow me to open anything, so I shut down the PC. After restarting I gained control back and tried to restore it a couple days before installing the program. I got an error message saying the restore failed, I think it said with unknown reasons. I just want to make sure my PC is not infected with anything, please help me if you can, thanks.

BC AdBot (Login to Remove)


#2 noknojon


  • Banned
  • 10,871 posts
  • Gender:Not Telling
  • Local time:05:11 AM

Posted 29 March 2014 - 06:50 PM

Hello Rotek -
We can run a few scans first and look at installed programs (and problems).
Please download all programs to desktop, unless directed, and Copy and Paste all logs.


Please ask if you are not sure at any time, or do not quite understand what I have posted.
Sometimes it can just be my way of expressing myself in a question or reply. :)


First -

Download Screen317 Security Check and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.
Note:: If any security program requests permission to access the Internet, allow it to do so.

If you still have problems, Temporarily Disable Your Anti-virus




Next -

Please download MiniToolBox and run it.
Checkmark following boxes:
* Flush DNS
* Report IE Proxy Settings
* Reset IE Proxy Settings
* Report FF Proxy Settings
* Reset FF Proxy Settings
* List Winsock Entries
* List last 10 Event Viewer log
* List Installed Programs
* List Devices (do NOT change any settings here)
* List Users, Partitions and Memory size
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the result. (result.txt)



Next -

Please download and run RKill by Grinler. A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully. At most the tool will run for about 2 minutes

Please copy / Paste the log back here


NOW Follow directly with -

* Please download AdwCleaner by Xplode and save to your Desktop.
* Double-click on AdwCleaner.exe to run the tool.
* Vista/Windows 7/8 users right-click and select Run As Administrator.
* Click on the Scan button (only once)
* AdwCleaner will begin...be patient as the scan may take some time to complete.
* After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.

* If you are OK with the programs selected to remove then procede to Clean, otherwise post the [R0]txt back here

* Click on the Clean button (only once)
* Press OK when asked to close all programs and follow the onscreen prompts.
* Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
* After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
* Copy and paste the contents of that logfile in your next reply.
* A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.



Next -

If you have this program installed, be sure to Update it, or follow the Install directions -

Download Malwarebytes' Anti-Malware Free (aka MBAM): to your desktop.
- Do not accept the Free Trial Version at this time -
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.

* See settings diagram below
* Once the program has loaded, select Perform Full Scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer if requested.
The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
Scroll down Here to see a picture of what I mean for settings diagram.



Finally -

Run a Disk Check on your C: drive in Windows 7:
• Click Start and open Computer
• Right-click on C: (or your hard drive letter) and select Properties
• Click on the Tools tab
• Under Error-checking click the Check Now... button
• Mark the 2 boxes next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors
• Click on the Start button
• When the message box pops up, click the Schedule disk check button and Restart your computer
• Once your computer restarts it will check the drive, don't press any keys so that it is allowed to do so
This will take (on average) 1 to 2 hours depending on your system, so please let it finish.
DO NOT force a reboot once started or you will lose data and may damage the computer
NOTE - If this is a Laptop please plug it into a reliable power source, as batteries may fail.
The computer will reboot to normal mode once it has completed all 5 stages -

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users