Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pretty sure im infected. Antiviruses and anti-malware progs cant find culprit


  • Please log in to reply
7 replies to this topic

#1 Uko

Uko

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 08 July 2017 - 04:10 AM

Hello,

My PC acts really strange: 

 

First my cursor started to change to pixalated icon with little circle (loading icon?) and it doesn't point where it shows but somewhere below (like there is another invisible cursor) for around 3-5 seconds - sometimes it turns invisible for those 3-5 seconds. This happens when i open bookmarks, applications on my PC and files.  I can interact with folders and web pages fine, without cursor being strange. 

 

After some prolonged time google chrome also started to act strange. When i open browser i need to wait around 20-30 seconds till my opened page/s actually load (like something is using bandwidth?). After that pages load fine and quick.

 

The third recent one time thing i noticed was that my PC made a sudden pop-up saying something about recycle bin that it was too full or something (it was empty at that time, 100% sure) - basically it was "yes" "no" prompt and i foolishly pressed yes. After that all my screen went black and i could only see Windows start tab. Windows was non responsive and i needed to restart it.

 

At first when only cursor was acting strange i downloaded Malwarebytes and HtmanPro - they found something, i deleted it and it worked! My cursor acted fine... for 3 days. After that scanning with these progs they found nothing, but cursor was acting again strange. After that i used some progs from guide i don't remember (i think one of them was Malwarebytes adwcleaner and rootkiller) in safe mode - it again worked but only for short time. Next time i used them again in safe mode, some of them didn't want to run... and i gave up. This goes for around 3 months. Now the third thing happened and I'm here....

 

I am pretty sure that my pc is infected. What you guys think and what should be my next step? I don't want to reinstall Windows, since my laptop came with it with no disc and i really doubt that retailer will reinstall it.

 

I am using Windows 10 and Avast as my antivirus


Edited by Uko, 08 July 2017 - 04:32 AM.


BC AdBot (Login to Remove)

 


#2 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:05 AM

Posted 08 July 2017 - 04:49 PM

Do the following malware checks and post the logs...

Download and run AdwCleaner -

https://www.bleepingcomputer.com/download/adwcleaner/

Download and run Malwarebytes Anti-Malware -

https://www.malwarebytes.org/antimalware/

Download and run the portable version of Zemana Anti-Malware

https://www.zemana.com/en-US/Download

Download and run Junkware Removal Tool -

https://www.bleepingcomputer.com/download/junkware-removal-tool/

Create a System Restore point first.



#3 Uko

Uko
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 09 July 2017 - 05:55 AM

# AdwCleaner v6.047 - Logfile created 09/07/2017 at 13:45:48
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-07-07.1 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : ukoba - LAPTOP-AVC4OVI6
# Running from : C:\Users\ukoba\Downloads\AdwCleaner.exe
# Mode: Scan
 
 
 
***** [ Services ] *****
 
No malicious services found.
 
 
***** [ Folders ] *****
 
No malicious folders found.
 
 
***** [ Files ] *****
 
No malicious files found.
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
 
***** [ WMI ] *****
 
No malicious keys found.
 
 
***** [ Shortcuts ] *****
 
No infected shortcut found.
 
 
***** [ Scheduled Tasks ] *****
 
No malicious task found.
 
 
***** [ Registry ] *****
 
No malicious registry entries found.
 
 
***** [ Web browsers ] *****
 
No malicious Firefox based browser items found.
No malicious Chromium based browser items found.
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [3257 Bytes] - [08/05/2017 23:22:02]
C:\AdwCleaner\AdwCleaner[C2].txt - [1429 Bytes] - [23/05/2017 13:20:42]
C:\AdwCleaner\AdwCleaner[S0].txt - [3172 Bytes] - [08/05/2017 23:17:37]
C:\AdwCleaner\AdwCleaner[S1].txt - [1297 Bytes] - [23/05/2017 13:05:44]
C:\AdwCleaner\AdwCleaner[S2].txt - [1757 Bytes] - [23/05/2017 13:20:31]
C:\AdwCleaner\AdwCleaner[S3].txt - [1515 Bytes] - [23/05/2017 13:34:55]
C:\AdwCleaner\AdwCleaner[S4].txt - [1589 Bytes] - [24/05/2017 15:43:57]
C:\AdwCleaner\AdwCleaner[S5].txt - [1504 Bytes] - [09/07/2017 13:45:48]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1577 Bytes] ##########
 
 
 
 
 
Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 7/9/17
Scan Time: 1:48 PM
Log File: 
Administrator: Yes
 
-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2324
License: Trial
 
-System Information-
OS: Windows 10 (Build 15063.413)
CPU: x64
File System: NTFS
User: LAPTOP-AVC4OVI6\ukoba
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 379317
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 1 min, 37 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)


#4 Uko

Uko
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 09 July 2017 - 06:04 AM

Homepages found by Zemana are set by me and should be safe
 
Zemana AntiMalware 2.74.2.76 (Installed)
 
-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2017.7.9
Operating System       : Windows 10 64-bit
Processor              : 4X Intel® Core™ i3-6100U CPU @ 2.30GHz
BIOS Mode              : UEFI
CUID                   : 1247B64112874873FC1B26
Scan Type              : System Scan
Duration               : 2m 2s
Scanned Objects        : 80291
Detected Objects       : 3
Excluded Objects       : 0
Read Level             : Normal
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2
 
Detected Objects
-------------------------------------------------------
 
Chrome Startup Url
Status             : Scanned
Object             : https://www.ss.lv/lv/animals/fish/fish/
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Chrome Startup Url
 
Chrome Startup Url
Status             : Scanned
Object             : http://www.prakse.lv/vacancy/list
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Chrome Startup Url
 
Chrome Homepage
Status             : Scanned
Object             : https://www.ss.lv/lv/work/are-required/
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Chrome Homepage
 
 
Cleaning Result
-------------------------------------------------------
Cleaned               : 3
Reported as safe      : 0
Failed                : 0

Edited by Uko, 09 July 2017 - 06:11 AM.


#5 Uko

Uko
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 09 July 2017 - 06:10 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64 
Ran by ukoba (Administrator) on 09.07.2017 at 14:06:50,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 0 
 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.07.2017 at 14:09:54,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:05 AM

Posted 09 July 2017 - 02:32 PM

Run the built-in Windows Disk Cleanup tool.

 

When that is done...

 

Type cmd.exe in the search box, and right click on the result, selecting Run as administrator.

Type chkdsk /r and press Enter.


Edited by jwoods301, 09 July 2017 - 02:34 PM.


#7 Uko

Uko
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 11 July 2017 - 12:55 AM

Thanks, looks like that fixed it. Bleepingpc will get my endorsements on social. Was it even a virus or just corrupted system files?



#8 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:05 AM

Posted 11 July 2017 - 01:12 AM

Your logs show that the system appears to be clean.

 

You can see the chkdsk results in the Windows Event Logs.

 

You mentioned Avast, which is known for performance issues.

 

You might consider replacing it with another AV product, or let Windows Defender do both AV/AM for you.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users