
Presumed Infection - help needed



#1 globaltom


Posted 15 April 2015 - 02:57 AM

OS . Win. 8.1

Hi,

I have a mouse pointer that is always busy. The computer is slow. In between, the Bluetooth driver was erased and I had to reinstall it (it might have been due to me as well).

A scan with Norton showed no result. In safe mode, no result as well. I tried Norton Power Eraser, no result.

I used Malwarebytes. I might have had some results but nothing I worried about.

I used AdwCleaner and got the following report

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

I uninstalled these extensions, which I am quite sure I did not install myself, as I do not use Google Chrome.

I did another scan with Norton and also McAfee Security Scan: no result.

The mouse pointer is still busy. The computer is getting slower, and starts to show display mistakes, so that yesterday I could just turn the power off to shut it down...

Thanks for the help!

Best thomas


Edited by hamluis, 15 April 2015 - 06:10 AM.
Moved from Win 8 to Am I Infected - Hamluis.




#2 buddy215


Posted 15 April 2015 - 08:11 AM

Is the mouse opening new tabs and clicking on ads or is it just randomly moving about the screen?

It seems the Chrome extensions are part of Norton's security program....from a brief search for mkfokfffehpeedafpekjeddnmnjhmcmk

Have you checked in the Device Manager? How Do I View a Device's Status in Device Manager in Windows?

Try booting into Safe Mode with Networking and running Eset Online Scanner.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 globaltom


Posted 15 April 2015 - 09:30 AM

Hello buddy215,

Thank you for the reply.

No, the mouse pointer is just busy.

OK, I will check that as soon as possible and follow your instructions.

Best


Edited by globaltom, 15 April 2015 - 09:32 AM.


#4 globaltom


Posted 15 April 2015 - 01:00 PM

Hello Buddy 215,

I checked the driver manager, both mouse pointers looked OK.

I had to use the esetsmartinstaller_enu.exe file as the other was not reachable from outside the US.

I got the following result

C:\Thomas\Operations\Business Solution\BCTechno\hacking tools\Hack ezines\THJ\thtj11.txt    probably a variant of Perl/DoS.Nertt trojan    cleaned by deleting - quarantined

I knew I had it on the computer, as an archive.

Do you think I have to reinstall Norton for these 2 files I deleted?

I'll start the normal mode again, and keep you posted how it goes.

Well, I did; the pointer trouble is still there. Maybe it's a Windows bug... no clue.

Let me know if there is something else I can check or do.

Thanks for the support buddy

Best
Thomas


Edited by globaltom, 15 April 2015 - 01:17 PM.


#5 buddy215


Posted 15 April 2015 - 01:54 PM

I think it best to start a new topic in Windows 8 forum and not mention malware.....just the problem with the mouse.

Or if the computer is still under warranty you may want to go that route...

You don't need to reinstall Norton since you don't use Google Chrome and from what I saw the extensions are used for encrypting passwords used in that browser. You may not have even used them.

You might try using a USB or wireless mouse to see what you can learn from that....

