Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is my pc infected?


  • Please log in to reply
39 replies to this topic

#1 Aarohan

Aarohan

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 21 July 2016 - 09:37 AM

Hello guys, I am new to Bleeping computer and also to this forum . I hope I will receive a good response to my questions.

 

 

 

From about one month , I am facing a very weird problem in my pc, every time  I want to open some program (.exe) files and I click on them , it loads for sometime and nothing happens . I am getting very annoyed by this problem and also I can"t edit the registry and open the task manager it displays Task manger is disabled and Registry editing tools are disabled by your administrator. 

 

 

 

 

 

 

 

What can I do ? people? 

 

 

 

Plzzzzz help me!!!

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

(PS: I scanned the pc several times but that didn"t help at all)



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:00 AM

Posted 21 July 2016 - 08:28 PM

Adware Cleaner Scan.

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

 

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.
  •  

Adware Removal Tool Scan.

 

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

 

 

LOr0Gd7.png

 

Hit Ok.

 

sYFsqHx.png

 

Hit next make sure to leave all items checked, for removal.

 

8NcZjGc.png

 

 

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

 

ZHP Scan.

Please download Zhp Cleaner  to your desktop.  Right Click the icon and select run as administrator.

http://ccm.net/download/download-24750-zhpcleaner

 

 

2. Once you have started the program, you will need to click the scanner button.

EgsT69u.png

The program will close all open browsers!

3. Once the scan is completed, the you will want to click the Repair button.

6QJjV50.png

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 Zemana Scan

 

 

Run a full scan with Zemana AntiMalware!

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply



#3 Aarohan

Aarohan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 21 July 2016 - 09:45 PM

Thanks for the fast reply, Imma dload these softwares and scan my pc now.I will post the logs by afternoon 13:00 PM today.

#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:00 AM

Posted 21 July 2016 - 09:46 PM

:thumbup2:



#5 Aarohan

Aarohan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 22 July 2016 - 07:44 AM

Imma upload the logs in 60 mins!!!!!!!!

 

 

 

 

 

Be ready 

InadequateInfirmity

#6 Aarohan

Aarohan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 22 July 2016 - 10:08 AM

What the hell !!!! I can"t post the logs !!!!!!!! They are too large



#7 Aarohan

Aarohan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 22 July 2016 - 10:12 AM

Hello InadequateInfirmity , 

These are the logs 

1.Adawre Removal Tool

 PUP.Toolbar3 ->> File ->> C:\Program Files (x86)\CyberLink\YouCam\UI\CtrlPool\toolbar3d.kc

PUP.minithunderplatform ->> File ->> C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe
PUP.minithunderplatform ->> File ->> C:\ProgramData\download\MiniThunderPlatform.exe
Adware.HohoSearch ->> Folder ->> C:\Program Files (x86)\Cluudomclwuse
Adware.Smartbar ->> Folder ->> C:\Windows\Temp\Smartbar
PUP.SaveServices ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ <RegKey:> Lamzap.exe
PUP.SaveServices ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ <RegKey:> Lamzap.exe
 
 
 
 
2.Ad w cleaner
 
# AdwCleaner v5.201 - Logfile created 22/07/2016 at 02:26:47
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-21.2 [Server]
# Operating system : Windows 8.1 Single Language  (X64)
# Username : hp - AAROHANSPC
# Running from : G:\Windows and miscelllanous apps\Important apps for cleaning malware\adwcleaner_5.201_2.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Users\hp\AppData\Roaming\Profiles\yzzfdyu4.default
[-] Folder Deleted : C:\Windows\SysWOW64\GroupPolicy\Adm
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[#] Key Deleted : HKCU\Software\UCBrowser
[#] Key Deleted : HKCU\Software\UCBrowserPID
[#] Key Deleted : HKLM\SOFTWARE\UCBrowser
[#] Key Deleted : HKLM\SOFTWARE\UCBrowserPID
[#] Key Deleted : HKU\S-1-5-21-2011839681-2881996057-2626484808-1001\Software\UCBrowser
[#] Key Deleted : HKU\S-1-5-21-2011839681-2881996057-2626484808-1001\Software\UCBrowserPID
[#] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\Lamzap
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [12799 bytes] - [11/06/2016 10:07:28]
C:\AdwCleaner\AdwCleaner[C2].txt - [11902 bytes] - [15/06/2016 07:03:51]
C:\AdwCleaner\AdwCleaner[C3].txt - [1499 bytes] - [22/07/2016 02:26:47]
C:\AdwCleaner\AdwCleaner[S1].txt - [13090 bytes] - [11/06/2016 10:06:08]
C:\AdwCleaner\AdwCleaner[S2].txt - [14115 bytes] - [15/06/2016 07:00:58]
C:\AdwCleaner\AdwCleaner[S5].txt - [1660 bytes] - [22/07/2016 02:24:55]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1793 bytes] ##########
 
 
 
 
 
 
 


#8 Aarohan

Aarohan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 22 July 2016 - 10:14 AM

 
 
 
 
3.JRT 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows_NT x64 
Ran by hp (Administrator) on 22-07-2016 at 14:03:51.41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 3 
 
Successfully deleted: C:\ProgramData\thunder network (Folder) 
Successfully deleted: C:\Users\Public\thunder network (Folder) 
Successfully deleted: C:\Windows\prefetch\IDM OPTIMIZER - STABLE.EXE-512BEF8A.pf (File) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22-07-2016 at 14:07:33.24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
4.Zemana after scan
 
Zemana AntiMalware 2.21.2.139 (Installed)
 
-------------------------------------------------------
Scan Result            : Terminated
Scan Date              : 2016-7-22
Operating System       : Windows 8.1 64-bit
Processor              : 4X Intel® Core™ i3-4030U CPU @ 1.90GHz
BIOS Mode              : UEFI
CUID                   : 126409077B2891C289015E
Scan Type              : Deep Scan
Duration               : 2m 5s
Scanned Objects        : 10661
Detected Objects       : 0
Excluded Objects       : 21
Read Level             : SCSI
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2
 
Detected Objects
-------------------------------------------------------
 
There are no detected objects
 
 
 


#9 Aarohan

Aarohan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 22 July 2016 - 10:21 AM

For the last log , go to this link, I couldn"t post it here , it was too large

https://www.dropbox.com/s/p1h78pa8cfncnhd/While%20scanning.txt?dl=0



#10 Aarohan

Aarohan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 22 July 2016 - 10:22 AM

I need help soon 

InadequateInfirmity
 

#11 Aarohan

Aarohan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 22 July 2016 - 11:12 AM

I also can"t open the task manager and edit the registry . There is key that keeps coming even after I delete it by unlocking the task manager by a script called Registryeditor.vbs. And after that , both the task manager and registry gets locked again. The antivirus soft wares also detect it and delete it but it keeps returning.  


Edited by Aarohan, 22 July 2016 - 11:13 AM.


#12 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:00 AM

Posted 22 July 2016 - 02:18 PM

Scan & Clean With Ads Fix

 

  • Disable Windows Defender & Antivirus Prior To Running This Tool!!
  • Save Ads Fix to your desktop.
  • Right Click & Run As Administrator.
  • You will then be prompted to install Certificates.
  • Install then click OK.
  • Right Click & Run As Administrator Again.
  • Click Options then select Unlock the deletion.
  • Then click on clean.
  • Post the log created, if the tool does not run then skip it.

 

Reset Host File

 

 

  • Click here to download RstHosts v2.0
  • Save the file to your desktop.
  • Right Click and Run as Administrator.
  • Click on Restaurer, then click OK at the prompt.
  • This will restore the default host file.
  • Next Click on Creer Un Rapport.
  • This will open a logfile, post that in your next reply.

 

 

Pre_Scan

 

Please download Pre_Scan.

Save it to your desktop.

Disable your antivirus, and windows defender.

Close All open work Pre_Scan will close all processes to run.

Right Click Run as Admin.

Allow completion, when it completes the program will reboot your machine and open a log.

Please post that log here in your next reply.

 

 

 

9-Lab Scan.

 

  • Download 9-Lab Removal Tool.
  • CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
  • Install the program onto your computer, then right click the icon  run as administrator.
  • Update the program and then run a full scan!
  • Make sure the program updates, might be better to install it update reboot and check for updates again.
  • You need to make sure the database updates!!!
  • Upon Scan Completion Click on Show Results.
  • Then Click On Clean 
  • Then Click on Save Log.
  • Save it to your desktop, copy and paste the contents of the log here in your next reply.


#13 Aarohan

Aarohan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 22 July 2016 - 09:47 PM

Will the scanning by these programs really help in fixing my pc?



#14 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:00 AM

Posted 22 July 2016 - 10:24 PM

Yes.



#15 Aarohan

Aarohan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 23 July 2016 - 01:55 AM

How?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users