Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Able to connect to wireless but Chrome/Edge/Firefox/Comodo do not work


  • Please log in to reply
23 replies to this topic

#1 GambitX

GambitX

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 10 October 2017 - 09:54 PM

I'm not sure if this is posted in the right place because I don't know if I have a virus or what is going on.  I have Windows 10 (Automatically updated to it months ago) and have not really used this laptop in quite some time.  It has been off for months but has worked normally in Edge/Firefox/Chrome/IE, etc with no issues.  Two days ago, I could not get webpages to load even google, except in IE.  I looked up ways to try to fix it, but nothing worked.  Here are details:

 

Internet Explorer works- I am able to surf the internet in internet explorer, however Edge, Chrome, Firefox do not allow me too.  Comodo is not working properly.  It will not connect or update.  I cannot even get the old "hub" screen to load.  I have not updated Comodo in quite some time bc I have not used the internet. 

 

Avira is working and was able to download updates to stay current.  Originally, I thought my whole net connection was down until I noticed Avira was able to update.  That is when I tried IE and it also worked.

 

Malwarebytes did find a few issues that I already quarantined.  I cannot remember the names but can bring up old logs if needed- may need instructions on how to do it.  Ran Malwarebytes again today and it did find Rootkit.ADS.  It is quarantined and deleted.  Something did try to get to my registry after removing it.  My Avira blocked the attempt but looks like Comodo is not working at all.  I tried to uninstall it but nothing happens.  I am able to uninstall other applications with no issues.  Avira found no issues/viruses after running a full scan 3 days straight. 

 

Any idea on what is happening here?  I have only been remote connecting to my work computer once every so often when I work from home, otherwise this PC is usually off since I use my tablet.  Would really appreciate any input.  If this is in the wrong section, I am sorry, please let me know where to post it.  Thank you in advance.


Edited by hamluis, 11 October 2017 - 10:16 AM.
Moved from W10 Spt to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


m

#2 GambitX

GambitX
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 11 October 2017 - 09:48 AM

Should I post this in a different section or does anyone need more info?  I really need help here, thank you.



#3 dc3

dc3

    Bleeping Tree Hugger


  • Members
  • 29,083 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:59 PM

Posted 11 October 2017 - 09:49 AM

I will request that this topic be moved to the Am I Infected, What Do I Do?  The scans I'm going to request that your run are not allowed to be used in the Windows forums.  Post the logs for each scan in your topic.  Please do not post any logs at a host website unless the scan instructions suggest that you do.  Do NOT wrap your logs in "quotes" or "code" brackets, and do not use
 use spoilers.
 
Please post the Malwarebytes log in its entirety in your topic.  You can find this by clicking/tapping File Explorer in the taskbar.  
 
Click/tap on the drive which Windows is installed (this usually is the C: Drive).
 
Click/tap on Windows, then Logs, then CBS.
 
These logs are date and time stamped so you can choose the appropriate log if there are more than one.  Copy and paste the log in your topic.
 
 
 
Please download Security Check by Screen317.

Double click on the download and choose to run the program.

A screen similar to the one below will open, click any key to run the program.

rJI98Ee.png

When the scan is finished there will be a log, copy and then paste the log in your next post.
 
 
Please run TDSSKiller.
 
Please download TDSSKiller from here and save it to your Desktop.

The log for the TDSSKiller can be very long.  If you go to the bottom of the log to where you find Scan finished you will see the results of the scan.  If it shows Detected object count: 0 and Actual detected object count: 0, this means that nothing malicious was found and you will not need to post the log.
 
1.  Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
 
2.  Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system.
 
If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
 
RFsyrw2.png
 
3.  Click Start Scan and allow the scan process to run.
 
hRffsT6.png
 
4.  If threats are detected select Cure (if available) for all of them unless otherwise instructed.
 
***Do NOT select Delete!

Click on Continue.
 
5.  Click on Reboot computer.
 
Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply.

Note:  The log may be very long.  You may need to break it into parts to post the whole log in your topic.
 
 
Please download AdwCleaner and install it.

When AdwCleaner opens click on Scan to start the scan.

ZQk62WV.png

Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.

If there are no malicious programs are found you will receive a message informing you of this.  
 
Click on Clean to remove the selected items.  If you have any questions about any items in the list please copy and paste the list in your topic so we can review it.  

CsqnoTW.png
 
You will receive a message telling you that all programs will be closed so that the infections can be removed.  Click on OK.  The computer will be restarted to complete the cleaning process.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your topic.


Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to allow this to run
till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need
to download the Eset Smartinstaller.***

ESET Online Scanner

  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that
    here
    .
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • If threats are found click on Save to text file in Documents.
  • Open Documents, find the report, copy and paste it in your topic.

Edited by dc3, 11 October 2017 - 09:50 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 GambitX

GambitX
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 11 October 2017 - 09:55 AM

Thank you very much.  I am at work at the moment but will do this the moment I am home.  Is that OK?  I really appreciate your help on this. 



#5 dc3

dc3

    Bleeping Tree Hugger


  • Members
  • 29,083 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:59 PM

Posted 11 October 2017 - 10:03 AM

That won't be a problem, I will look for a response tomorrow.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#6 GambitX

GambitX
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 11 October 2017 - 10:04 AM

Thanks. I'll be on here from 7 PM EST to however long needed if you'd be available.  Otherwise, will post everything as requested.  Thank you very much!



#7 dc3

dc3

    Bleeping Tree Hugger


  • Members
  • 29,083 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:59 PM

Posted 11 October 2017 - 10:07 AM

I have other plans for that time, this is four o'clock my time... family time.  But I will be back in the morning.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#8 GambitX

GambitX
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 11 October 2017 - 10:23 AM

Excellent, thank you.  Wish I could bring my laptop in here with me lol.  Will post everything, really appreciate your help!



#9 GambitX

GambitX
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 11 October 2017 - 07:24 PM

One other problem that I forgot to mention is that my clock on the PC is one hour behind which is weird.

 

I'm posting the most recent one and the one from last night that found that rootkit.



#10 GambitX

GambitX
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 11 October 2017 - 07:40 PM

I can't get anything to paste.  Trying to copy and paste the logs but  nothing works.  Tried selecting paste from word but it isn't doing anything

 

I am able to paste anything else into the browser but not this forum for this reason.  What do I do?


Edited by GambitX, 11 October 2017 - 07:46 PM.


#11 GambitX

GambitX
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 11 October 2017 - 11:56 PM

I clicked the little lightswitch in the upper left of this box and it allowed me to paste, but it would not post. It just kept spinning and never went through. I tried so many different times. Any idea of how else I can get the logs to you? It says it is over 700k characters, maybe that is why?

#12 dc3

dc3

    Bleeping Tree Hugger


  • Members
  • 29,083 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:59 PM

Posted 12 October 2017 - 09:50 AM

You posted that you were posting the most recent one, but you didn't mention what scan this is, please post which scan this is.

 

Just for the record, I copied and posted one of my own CBS logs.  It took quite a while to load the text but the file was too large to be posted.  The last time I checked the file size limit is 6.1MB.  You could get around this by posting sections of the log without exceeding the 6.1MB limit.

 

If this is the CBS log you may need to post this through a host website such as Dropbox to post the log.  You can start a free 30 day trial.  Once you have loaded the log at Dropbox post a link to the website.

 

Unfortunately you cannot post images in this forum, otherwise I would suggest that you create a screenshot and post that in your topic.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#13 GambitX

GambitX
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 12 October 2017 - 04:12 PM

Sorry for the confusion. I was trying to paste the log but it wouldn't paste. My computer would take way too long to paste it. I'll try dropbox tonight to see if that would work. I wasn't sure if I was allowed to post links so thank you for clearing it up. I'll get this done tonight. Sorry for the confusion and sorry for the delay on this.

#14 GambitX

GambitX
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 12 October 2017 - 08:42 PM

Link to Malware Bytes log from 10/11: https://www.dropbox.com/s/jt32ts0l0xbjc0n/CBS.log?dl=0

Link to Malware Bytes log from 10/10 where it found the rootkit: https://www.dropbox.com/s/feq552sebjbxpjm/CbsPersist_20171011040731.log?dl=0

#15 GambitX

GambitX
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 12 October 2017 - 08:56 PM

Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Avira Antivirus
Windows Defender
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 91
Java version 32-bit out of Date!
Google Chrome (58.0.3029.110)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Windows Defender MSASCuiL.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users