Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Already 4 devices in 3 years get slugish after connected to home wifi.


  • Please log in to reply
22 replies to this topic

#1 jbradvi9

jbradvi9

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:01 PM

Posted 01 May 2017 - 02:00 PM

I am just wandering if some expert can solve what's going on here.After multiple infections on 2 old desktops we concluded to replace the router and to set a strong password on it by mean of a new smartphone that we bought together with the router.So we did it and after that entered the internet and email username and password we finished and no infected device was used to gain router password but strange stuff happened after...A new laptop with windows7home became strange in manner you don't get the response for a keyboard or mouse action immediately but let say after 2,5,10 secs sometimes even minutes and all this symptoms after connecting to new home wifi.Not identical but simmilar happenned to 2 tablets and a new desktop.This laptop which is used for booking purposes frequently loses connection to internet at home but not at our other apartament.So really from an expert  what kind of malware are we faceing?



BC AdBot (Login to Remove)

 


#2 iMacg3

iMacg3

    Bleepin' 68000


  • Malware Study Hall Senior
  • 1,064 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Indiana, USA
  • Local time:03:01 PM

Posted 01 May 2017 - 03:34 PM

I need to ask a few questions to narrow down the problem.

 

  • What happened to the two tablets? Did they become unresponsive, sluggish, etc?
  • What problems does the desktop have?
  • Did you allow any computers access to the new network (infected or not) without performing a reset on the computer?

 

Tablets do not get the same type of virus as computers, so I need to know what problems the tablets have so I can tell if it's just a coincidence or if they really have some malware.

If a computer, even if it didn't seem infected, got access to the network that was previously hooked up to the old network, it may spread a virus that was hidden on it, but wasn't "activated."


Edited by iMacg3, 01 May 2017 - 03:36 PM.

Regards, iMacg3

"Do, or do not. There is no try." - Yoda

#3 jbradvi9

jbradvi9
  • Topic Starter

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:01 PM

Posted 01 May 2017 - 04:03 PM

The tablets what i can see have problems on typing  and deleting the text annoying stops and we have to tap several times for the tablet to react sometimes a page is loading for whole minute.The new desktop was unresponsive after 30 min from connecting wifi so I reinstalled windows couse we have 2 licences for it and the laptop and now the desktop is responsive because its no more connected to the network.The laptop which is connected shows bad behavior loses internet very frequently but not in other our apartament.The home network is new with strong password done from new smartphone that even had wifi disabled before use.



#4 iMacg3

iMacg3

    Bleepin' 68000


  • Malware Study Hall Senior
  • 1,064 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Indiana, USA
  • Local time:03:01 PM

Posted 01 May 2017 - 04:41 PM

Do you have two laptops? (one connected, one disconnected) Or do you have one laptop that behaves better when disconnected?

 

On ALL computers except the tablets connected to the network, please follow the below steps.

 

Download Malwarebytes Anti-Malware from the provided link.

  1. Launch MBAM by clicking the .EXE file you downloaded.

  2. Run the installation wizard.

  3. Once complete, open MBAM and click Scan.

  4. Let the scan complete, then make sure all threats are selected and click Quarantine.

  5. Once done, go to History > Logs. Select the most recent Scan Log and paste its contents into a post.


Regards, iMacg3

"Do, or do not. There is no try." - Yoda

#5 jbradvi9

jbradvi9
  • Topic Starter

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:01 PM

Posted 02 May 2017 - 03:14 AM

If i connect the new desktop to home network again it will get unresponsive so please let me focus at the moment just at the laptop.We have at the moment this 1 laptop and that 1 new desktop all with windows 7, 1 old desktop with windows xp,and other are tablets.

 

---------------------

..........................

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 5/2/17
Scan Time: 9:46 AM
Logfile:
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.75
Update Package Version: 1.0.1394
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 351429
Time Elapsed: 23 min, 24 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 3
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\LaunchPreSignup, Delete-on-Reboot, [308], [241047],1.0.1394
PUP.Optional.InstallCore, HKU\S-1-5-21-2908530081-1728504943-2728732151-1000\SOFTWARE\csastats, Delete-on-Reboot, [8], [260986],1.0.1394
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FF63AB49-E106-49C3-B192-399F54E540BD}, Delete-on-Reboot, [308], [258107],1.0.1394

Registry Value: 1
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FF63AB49-E106-49C3-B192-399F54E540BD}|PATH, Delete-on-Reboot, [308], [258107],1.0.1394

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 3
PUP.Optional.Amonetize, C:\USERS\BRADVICA\APPDATA\LOCAL\TEMP\AFF.CONF, Delete-on-Reboot, [13], [302527],1.0.1394
PUP.Optional.InstallCore, C:\USERS\BRADVICA\DOWNLOADS\CAMSTUDIO.EXE, Delete-on-Reboot, [8], [301065],1.0.1394
PUP.Optional.MyPCBackup, C:\WINDOWS\SYSTEM32\TASKS\LAUNCHPRESIGNUP, Delete-on-Reboot, [308], [241045],1.0.1394

Physical Sector: 0
(No malicious items detected)


(end)
 



#6 iMacg3

iMacg3

    Bleepin' 68000


  • Malware Study Hall Senior
  • 1,064 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Indiana, USA
  • Local time:03:01 PM

Posted 02 May 2017 - 11:26 AM

Did you restart the computer and check if there is any improvement?

Did you quarantine and delete all found threats?

 

Please perform a reset of your router and make sure you change the SSID (network name) and password. Make sure you are using WPA2 security and do NOT use WEP or WPA as these encryption methods are outdated and easily broken.

 

Important: Use a computer to set up the network, and not a smartphone.

 

After the reset, does the problem persist?


Edited by iMacg3, 02 May 2017 - 11:31 AM.

Regards, iMacg3

"Do, or do not. There is no try." - Yoda

#7 jbradvi9

jbradvi9
  • Topic Starter

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:01 PM

Posted 02 May 2017 - 12:43 PM

Now there are two big problems ,1. all devices show problems with unresponsiveness and 2.if I do a reset we will be having a serveral days long procedure of fetching the ISP internet username and password and no more contact with bleepingcomputer.com (You).There is first an important question how someone can guess a password with special characters and second a password set from a brand new device on a new router issued by Vipnet(isp).Please don'ask me to buy a new device all that we bought in a matter of minutes got bad.I believe in one thing that the router and smartphone by what i set the router password in no case had been already infected. ...........Is this possible that one or more of our computers is used as botnets to reinfect all other devices.? Please consider what i wrote above.And last after 'mbam' i rebooted this laptop and nothing changed.Only what i can see is no suspicous files shown by antivirus,no suspicous processes in taskmanager but the laptop as all other devices show unresposiveness,internet connection breaking ununiform blocking while typing or deleting text,mouse-pointer is freezing or slow ect.No hope. :(

#8 iMacg3

iMacg3

    Bleepin' 68000


  • Malware Study Hall Senior
  • 1,064 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Indiana, USA
  • Local time:03:01 PM

Posted 02 May 2017 - 04:14 PM

Please contact your ISP to find the Username and Password. (By the way, do you mean the password for the configuration page or for connecting to the network?) You will have to reset the router, as this is probably a network-based infection. By resetting the router, a hacker will probably not get access past the new SSID and password.

 

My ISP, AT&T, gives me a Username and Password when I set up my Internet connection. I also have a separate Modem and Router unit. Do you have a Modem/Router combo or a separate modem and router?


Edited by iMacg3, 02 May 2017 - 04:15 PM.

Regards, iMacg3

"Do, or do not. There is no try." - Yoda

#9 jbradvi9

jbradvi9
  • Topic Starter

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:01 PM

Posted 02 May 2017 - 05:35 PM

But all devices are unsecure.The new desktop on the second floor got slugish without opening any web browser just connecting the internet by wifi.If You cant help me in another way i will probably do what you told me for the router but i m not sure if this thread will continue shortly or anymore if i dont get the internet&email password and username from isp in 3-4 days.And of course i will need a new device to establish LAN with the router to reset which i cant buy at this time.The router is huawei pretty sure combo cous it goes in the phone line with no other devices...



#10 iMacg3

iMacg3

    Bleepin' 68000


  • Malware Study Hall Senior
  • 1,064 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Indiana, USA
  • Local time:03:01 PM

Posted 02 May 2017 - 05:51 PM

When you say you need a device to reset the router, I don't understand that. According to Huawei's website:

"Using a PC or laptop connected to the router. You will need a paper clip or another small object to push the Reset button on the left hand side of the device. With the power on, use the paper clip to press and hold the button for 30 seconds. The router will then restart with default settings."

You will need an ethernet cable.

When you say that you have "all devices unsecure," does that mean they connect to the router with no password? Or without a cable?


Edited by iMacg3, 02 May 2017 - 05:51 PM.

Regards, iMacg3

"Do, or do not. There is no try." - Yoda

#11 jbradvi9

jbradvi9
  • Topic Starter

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:01 PM

Posted 02 May 2017 - 07:17 PM

But then i will have to connect a secure device e.g. laptop to enter the internet password  in routers config page after reset to can have internet but there is no secure one.By unsecure i mean high probability infected.For the router i cant tell so i rather think it maybe have some setting that allows cumunication of these 4 comps between each other to spread infection.As the laptop is certainly infected there is high poossibility to infect the router and at that point it will be the worst scenario.I told you before that i used a new smartphone to be sure i will not get the router infected.This smartphone was used with LAN to setup the router but after that no device was used to enter in router config page anymore.Now this smartphone is gone(fell in watter).....Also (less important) all devices use wpa2 key for wifi connection ...



#12 iMacg3

iMacg3

    Bleepin' 68000


  • Malware Study Hall Senior
  • 1,064 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Indiana, USA
  • Local time:03:01 PM

Posted 03 May 2017 - 06:20 AM

Does any computer exhibit no sign of infection after being disconnected?


Regards, iMacg3

"Do, or do not. There is no try." - Yoda

#13 jbradvi9

jbradvi9
  • Topic Starter

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:01 PM

Posted 03 May 2017 - 10:04 AM

They are all infected you have to use them for 10 min to  spot that.Only what i did about new desktop was i reinstalled os without connecting it to the wifi anymore so it works (card games, offline reading...) but if i connected it to the wifi it would get unresponsive,believe me....all devices are annoyingly freezing , predominantly internet browsers....



#14 iMacg3

iMacg3

    Bleepin' 68000


  • Malware Study Hall Senior
  • 1,064 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Indiana, USA
  • Local time:03:01 PM

Posted 03 May 2017 - 10:24 AM

Please reinstall the OS on one computer, but do not connect it to your router!

Factory reset the router and use the computer you reinstalled the OS on to configure the settings.


Regards, iMacg3

"Do, or do not. There is no try." - Yoda

#15 jbradvi9

jbradvi9
  • Topic Starter

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:01 PM

Posted 03 May 2017 - 01:13 PM

Are you sure the router is the problem,i am a little bit concerned about connecting a device that has already been infected to a new router,may it have a firmware infection that keeps infection on pc so then is easy to infect the router,we relay on this router our phoneline,iptv and internet that will be a real shame?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users