Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus maybe affect my internet connection??


  • Please log in to reply
7 replies to this topic

#1 GeorgeStam89

GeorgeStam89

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:01:07 PM

Posted 08 March 2017 - 04:57 PM

Hello guys i have problem with my internet in my pc and i dont know the reason...Avast detected 2 viruses in an external hdd disc and thats all..what can i do for it to be sure that its not a virus or somethin?



BC AdBot (Login to Remove)

 


#2 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,628 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:08:07 AM

Posted 09 March 2017 - 03:09 PM

GeorgeStam89:
 
:welcome: to the Bleeping Computer, Am I Infected? What Do I Do? Forum.  My name is Phil.  May I call you by your first name?

 

Would you be able to provide more details about "the problem with my internet in my pc"?  There could be many, many reasons for Internet connectivity issues, so the more information that you can provide, the easier it will be to attempt to diagnose and resolve your Internet problem.
 
While I am waiting for more details about your Internet issue, let's run a few standard scans to see if there is any malware infecting your computer.

.


:step1: ESET Online Scanner using Internet Explorer:

Note 1: These instructions are for Internet Explorer only! If you're using Chrome or Firefox, you will need to download and install the ESET Smart Installer tool before it can scan. See instructions here.
Note 2: You will need to disable your currently installed Anti-Virus, how to do so can be found here.

  • Download esetsmartinstaller_enu.exe and save it to your Desktop.
  • Double click the icon.
  • Check YES, I accept the Terms of Use.
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Click Advanced settings.
  • Check the following items.

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Change next to Current scan targets:
  • Place a check mark in any additional drive you wish to scan then click OK.
  • Click Start.
  • ESET will then download updates and begin scanning your computer.
  • If no threats are found simply click Uninstall application on close and hit Finish.
  • If threats are found click List of found threats.
  • Click Export to text file.
  • Save the file on your Desktop as ESET.txt.
  • Click Back.
  • Check Uninstall application on close and Delete quarantined files.
  • Click Finish.
  • Close the ESET Online Scanner window.
  • Copy and paste the contents of ESET.txt into your reply, if any threats were detected.

Don't forget to re-enable your antivirus when finished!

.


:step2: Please run a Malwarebytes Anti-Malware scan for me.

  • Please download Malwarebytes to your Desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • Then click Finish.
  • Next, please go to "Settings", "Protection", and turn on "Scan for rootkits", if it is not "On."
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If an update of the definitions is available, it will be downloaded and installed before the scan commences.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.

The Scan log is available through History ->Application logs. Please copy and paste the contents of the log into your next reply.

.


Thank you and have a great day.

Regards,
-Phil


Member of the Unified Network of Instructors and Trusted Eliminators


#3 GeorgeStam89

GeorgeStam89
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:01:07 PM

Posted 13 March 2017 - 12:36 AM

Good morning!

ESET Online Scanner
 

E:\$RECYCLE.BIN\S-1-5-21-1889768098-1045734326-830431835-1000\$RRSKOGU.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\$RECYCLE.BIN\S-1-5-21-1889768098-1045734326-830431835-1000\$RV9IZ0W.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\$RECYCLE.BIN\S-1-5-21-1889768098-1045734326-830431835-1000\$RY78SKP.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\UserFiles\Downloads\ccsetup527.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\UserFiles\Programs Installers\dfsetup221.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting



Malwarebytes Anti-Malware scan

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 3/13/17
Scan Time: 7:24 AM
Logfile: Malwarebytes.txt
Administrator: Yes
 
-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.75
Update Package Version: 1.0.1488
License: Free
 
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Giorgos-PC\Giorgos
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 337933
Time Elapsed: 1 min, 38 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)


#4 GeorgeStam89

GeorgeStam89
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:01:07 PM

Posted 13 March 2017 - 12:38 AM

Am i clean now? If yes i can go on the next step.About more explaining for internet and laggs.



#5 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,628 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:08:07 AM

Posted 13 March 2017 - 12:48 PM

GeorgeStam89:
 
Thank for the scan logs.  Since ESET found some bundled toolbars, I would like to run a few more scans, particularly targeting browser hijackers and other unwanted applications that might be negatively impacting your Internet performance.
 
By all means, please provide the details of any issues that you are experiencing after you have run the following two scans for me, please, and then rebooted your computer.
 
.
 
:step1: Please download AdwCleaner by Malwarebytes and save the file to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait for it to complete the update.
  • Click on I Agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

If you are comfortable doing so, and there is nothing detected that you want to keep, then please re-run AdwCleaner and this time select "Clean".  Anything that you do want to keep, please uncheck the item, so that it is not removed during the Clean process.
 
.
 
:step2: Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Please copy and paste the contents of JRT.txt into your next message.

.


Please let me know how your computer and Internet are working now, after you reboot your computer.

Thank you and have a great day.

Regards,
-Phil


Member of the Unified Network of Instructors and Trusted Eliminators


#6 GeorgeStam89

GeorgeStam89
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:01:07 PM

Posted 20 March 2017 - 05:53 PM

Hello sir and sorry for waiting

1.  AdwCleaner 

First of all as for AdwCleaner after finishing the scan i didn't see any 
AdwCleaner[R#].txt after clicking the Logfile button....The text i see named  AdwCleaner[S0].txt.
And second--> program detected 2 threats: C:\ProgramData\IObit\ASCDownloader  and  C:\ProgramData\Application Data\IObit\ASCDownloader.

I didn't think that these two threats were dangerous but i selected ''Clean'' after all..

Here is the 
AdwCleaner[S0].txt:
 

# AdwCleaner v6.044 - *Logfile created 20/03/2017 *at 23:55:53
# *Updated on 28/02/2017 by Malwarebytes
# *Database : 2017-03-20.1 [*Server]
# *Operating System : Windows 7 Professional Service Pack 1 (X64)
# *Username : Giorgos - GIORGOS-PC
# *Running from : E:\UserFiles\Downloads\AdwCleaner.exe
# *Mode: Scan
 
 
 
***** [ *Services ] *****
 
*No malicious services found.
 
 
***** [ *Folders ] *****
 
*Folder Found: C:\ProgramData\IObit\ASCDownloader
*Folder Found: C:\ProgramData\Application Data\IObit\ASCDownloader
 
 
***** [ *Files ] *****
 
*No malicious files found.
 
 
***** [ DLL ] *****
 
*No malicious DLLs found.
 
 
***** [ WMI ] *****
 
*No malicious keys found.
 
 
***** [ *Shortcuts ] *****
 
*No infected shortcut found.
 
 
***** [ *Scheduled tasks ] *****
 
*No malicious task found.
 
 
***** [ *Registry ] *****
 
*No malicious registry entries found.
 
 
***** [ *Web browsers ] *****
 
*No malicious Firefox based browser items found.
*No malicious Chromium based browser items found.
 
*************************
 
C:\AdwCleaner\AdwCleaner[S0].txt - [1125 *Bytes] - [20/03/2017 23:55:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1199 *Bytes] ##########
 


2.   Junkware Removal Tool
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.2 (03.10.2017)
Operating System: Windows 7 Professional x64 
Ran by Giorgos (Administrator) on ’¨  21/03/2017 at  0:18:52,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 18 
 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\SmartDefrag_Startup (Task)
Successfully deleted: C:\Users\Giorgos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Giorgos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Giorgos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DW8MBD6J (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Giorgos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Giorgos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G1SLGKNQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Giorgos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HYD9T62G (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Giorgos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Giorgos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VP544PAE (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DW8MBD6J (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G1SLGKNQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HYD9T62G (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VP544PAE (Temporary Internet Files Folder) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ’¨  21/03/2017 at  0:19:55,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 



#7 GeorgeStam89

GeorgeStam89
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:01:07 PM

Posted 20 March 2017 - 06:30 PM

After rebooting my pc i can't understand very well if my system(computer and Internet) is working good now(on normal values).I think is still same or a little...little better.

Here is the text after reboot:

 

# AdwCleaner v6.044 - *Logfile created 21/03/2017 *at 00:57:23
# *Updated on 28/02/2017 by Malwarebytes
# *Database : 2017-03-20.1 [*Server]
# *Operating System : Windows 7 Professional Service Pack 1 (X64)
# *Username : Giorgos - GIORGOS-PC
# *Running from : E:\UserFiles\Downloads\AdwCleaner.exe
# *Mode: Clean
 
 
 
***** [ *Services ] *****
 
 
 
***** [ *Folders ] *****
 
[-] *Folder deleted: C:\ProgramData\IObit\ASCDownloader
[#] *Folder deleted on reboot: C:\ProgramData\Application Data\IObit\ASCDownloader
 
 
***** [ *Files ] *****
 
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ *Shortcuts ] *****
 
 
 
***** [ *Scheduled Tasks ] *****
 
 
 
***** [ *Registry ] *****
 
 
 
***** [ *Browsers ] *****
 
 
 
*************************
 
:: *"Tracing" keys deleted
:: *Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [925 *Bytes] - [21/03/2017 00:57:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [1279 *Bytes] - [20/03/2017 23:55:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1072 *Bytes] ##########


#8 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,628 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:08:07 AM

Posted 21 March 2017 - 08:21 AM

GeorgeStam89:
 
Thank you for the logs and update.
 
 

After rebooting my pc i can't understand very well if my system(computer and Internet) is working good now(on normal values).I think is still same or a little...little better.

 
 
Would you describe, in as much detail as possible, what issues, if any, you are still experiencing?  From the scans that we have run, perhaps we need to look at other possible causes, other than malware.
 
Are you getting any error messages?  Are there programs that won't run?
 
Any information that you can provide, will help me, to help you.
 
Thank you and have a great day.
 
Regards,
-Phil


Member of the Unified Network of Instructors and Trusted Eliminators





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users