Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help with removing virus


  • Please log in to reply
3 replies to this topic

#1 joesus

joesus

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:47 AM

Posted 07 February 2016 - 08:13 PM

Hello there,

 

I require some assistance with what I suspect is a virus.

 

I have an HP computer and run Windows 10 and use Google Chrome as my main browser.

 

Yesterday while I was using Chrome I noticed that pages stopped loading which isn't really that uncommon given that my internet isn't the fastest so I figured it was no big deal and tried refreshing but to no avail.Before this I had to turn the wifi on my computer off and then turn it back on which is when the problem started so I thought perhaps I just needed to restart my computer to see if that would do anything.

 

When I restarted, I couldn't get Chrome to open at all. That's happened a time or two before, where I've turned on my computer and Chrome hasn't wanted to start so I simply restart my computer entirely and then the problem's resolved but this time it just wasn't happening and worse yet it seems like my attempt to even bring Chrome up froze everything else and I had to force a restart.

 

When I got my computer back up and running I did a Norton scan which didn't produce anything. I did a system restore which also didn't do anything, the same problem still persisted.

 

I uninstalled Norton and downloaded Malwarebytes and ran a scan but it didn't find anything either. I did another system restore but still nothing. I uninstalled then reinstalled Chrome but still nothing. I downloaded BullGuard per a suggestion I'd read from other people experiencing problems with getting Chrome to open and about 80% into a full scan my computer froze again so I had to force another shut down.

 

When I got it back on I now can't even get Firefox to work, it keeps telling me that my connection is not secure and that the website I'm trying to access has configured their website improperly (which mind you, I'm only trying to bring up websites like Google, Yahoo, Bing, etc., not anything shady/dangerous).

 

I'm using Edge right now and so far we're okay but then again I had FireFox working just fine until everything suddenly froze so I don't know. I didn't even try to bring Chrome up while I was running the BullGuard scan and using FireFox so that leads me to wonder now if it isn't just a Chrome-only problem and is now instead some type of virus.

 

In any case, I'd greatly appreciate whatever help and assistance anyone can provide.

 

Thank you,

Anna



BC AdBot (Login to Remove)

 


#2 TazzyOpz

TazzyOpz

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:47 AM

Posted 07 February 2016 - 11:20 PM

It sounds like it could be some sort of adware/malware that changed your internet settings. Try running the following:

 

 

[-Running AdwCleaner-]
Download AdwCleaner from here and save it to your Desktop.
 
• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Scan button.
• When the scan has finished click on Clean button.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the contents of that logfile
 
[-Running JunkWare Removal Tool-]
Download JunkWare Removal Tool from here and save it to your Desktop.
 
• Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
• On completion, a log is saved to your desktop and will automatically open.
• Please post the JRT log here.
 
 
Just for an extra layer of security. You can run a scan with Kaspersky Virus Removal tool as well.
 

[-Running Kaspersky Virus Removal Tool-]
Download KVRT from here and save it to your Desktop.
•  Right click on KVRT.exe and select Run as Administrator.
•  Read the EULA, then select Accept.
•  Wait for Kaspersky Virus Removal Tool to initialize.
•  In the main screen, select Change parameters, place a checkmark in System drive, then click OK.
•  Click Start scan.
•  Wait for Kaspersky Virus Removal Tool to complete scanning.
•  When the scan is finished, select Neutralize all for all detected objects.
•  Close Kaspersky Virus Removal Tool when done.
 

Software Developer & Malware Analyst
Programming Langues: VB.net, C#, Java, & HTML.
Reverse Engineering/Tracking Tool familiarity: Ollydbg, IDA, CE, & Wireshark
My Website


#3 joesus

joesus
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:47 AM

Posted 08 February 2016 - 09:49 PM

Thank you for replying! Here are my logs-

 

 

AdwCleaner:

 

 

# AdwCleaner v5.033 - Logfile created 08/02/2016 at 18:35:44

# Updated 07/02/2016 by Xplode

# Database : 2016-02-07.2 [Server]

# Operating system : Windows 10 Home  (x64)

# Username : makes - DESKTOP-FI3RJJJ

# Running from : C:\Users\makes\Downloads\AdwCleaner.exe

# Option : Cleaning

# Support : http://toolslib.net/forum

 

 

***** [ Services ] *****

 

 

***** [ Folders ] *****

 

 

***** [ Files ] *****

 

 

***** [ DLLs ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Scheduled tasks ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Web browsers ] *****

 

 

*************************

 

 

:: "Tracing" keys removed

:: Winsock settings cleared

 

 

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [662 bytes] ##########

 

 

JRT:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.0.2 (01.06.2016)

Operating System: Windows 10 Home x64

Ran by makes (Administrator) on Mon 02/08/2016 at 18:43:38.81

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

 

 

File System: 5

 

 

Successfully deleted: C:\Users\makes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal (File)

Successfully deleted: C:\Users\makes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage (File)

Successfully deleted: C:\Users\makes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage-journal (File)

Successfully deleted: C:\Users\makes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage (File)

Successfully deleted: C:\WINDOWS\wininit.ini (File)

 

 

 

 

 

Registry: 2

 

 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{395EE202-2FD3-442E-857E-B2610C723E5D} (Registry Key)

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{395EE202-2FD3-442E-857E-B2610C723E5D} (Registry Key)

 

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Mon 02/08/2016 at 18:48:55.36

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

I also ran a Kaspersky Virus scan which stated that no threats were found.



#4 AndreuTZa

AndreuTZa

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 09 February 2016 - 11:43 PM

Open your BullGuard, click Settings from the top, click Advanced from the top, click Antivirus from the left and under it click Safe Browsing. Uncheck all boxes and your browsers will work. Click on Support from the lower-right corner of the application, to start a chat and ask for the certificate to fix the issue.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users