
Possible infection destroying laptops.


3 replies to this topic

#1 nihil5586

nihil5586

  • Members
  • 2 posts
  • OFFLINE
  • Local time:03:23 PM

Posted 20 March 2018 - 07:34 PM

I apologize for the length of this post. 

 

I've owned 2 laptops since late 2016 and on each of the laptops I've experienced the same issues. I used to use Comodo free firewall along with AVAST. (1st laptop) One day I restarted my laptop and found that Comodo was unable to start as was AVAST, so I tried to uninstall and reinstall Comodo Firewall but for some reason it wouldn't fully uninstall and the installer wouldn't allow me to install it without removing the older version, but I was able to restart the AVAST service which allowed AVAST to function somewhat normally. After the aforementioned, I started running several antivirus programs to try to figure out if my computer had been compromised... some of them worked but reported absolutely nothing and some of them wouldn't run at all. Also, the computer was running very sluggishly and I would constantly have to use system restore because I wasn't able to boot to the desktop. I eventually decided to clean install Windows 10, but soon after my hard drive failed along with my motherboard.

 

I'm currently on my second laptop, which exhibited the EXACT same issues as the first laptop... restarted the laptop and Comodo had been rendered inoperable and AVAST needed some tweaking to function correctly... security software didn't detect anything, but some wouldn't run at all, sluggish performance, etc. On this laptop I've recently clean installed Windows 8.1 and I'm only using the Windows Firewall, AVAST AV, and MBAM free version, and everything seems to be functioning correctly, but I'm not sure because a day ago I restarted the laptop and was told by MBAM that real time protection had been turned off and that it was unable to load the Anti Rootkit driver and that I needed to restart the computer, which I did and since then I haven't experienced any other issues. I've run just about every Rootkit detection out there, but none of them find anything. I've run AV scans using AVAST and Malware Scans using MBAM... nothing is found.

 

Also, another issue that I'm having is that I'm receiving friend requests on Facebook from strange people that are using my name and are vaguely revealing personal things about my life and it sometimes seems like they know what I'm looking at and doing online (nothing illegal). The question I have here is, am I being hacked? Is there any way to figure out if I'm infected or am I just being paranoid? My two laptops exhibiting the same strange behavior is too big of a coincidence for me to brush off. 

 

Note: The two laptops were never connected and never shared files. The symptoms on the second laptop appeared after my first laptop died. 


Edited by nihil5586, 20 March 2018 - 07:36 PM.




#2 buddy215

buddy215

  • Moderator
  • 13,312 posts
  • ONLINE
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:23 AM

Posted 21 March 2018 - 04:50 AM

Welcome to BC...

 

FREE Malwarebytes wouldn't have any real time protections activated. You have to pay for that.

 

Avast will install adware in your browsers. You should run a scan using AdwCleaner and check your Add-ons in your browsers and disable/delete anything mentioning Avast or Search Protection.

 

I don't have a Facebook account but you should change your password if you suspect it has been compromised. I would suggest making it private, too. As we all know that Facebook is in trouble now over the Cambridge Analytica affair.

See the many ways to make Facebook private to the degree you want in the Google Search responses linked below.

make facebook private - Google Search

 

Suggest you secure your router if you haven't done so. At a minimum...change default password....block remote connections....confirm firewall is active

Router Security

 

Use the programs below to clean, remove adware and check security.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of Google Chrome and Avast.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download AdwCleaner by Xplode onto your desktop. (compatible with Windows 7, 8 and 10)

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • Please download Security Check by glax24 and save the file to the Desktop
  • Run the tool by accepting all the Security prompts
  • When complete, the tool will produce a log file C:\SecurityCheck\SecurityCheck.txt and also copy the contents to the Clipboard
  • Simply Paste the log to your reply

If you don't have an ad blocker installed I suggest using Adblock Plus.

Adblock Plus :: Add-ons for Firefox     Adblock Plus - Chrome Web Store

Adblock Plus for Edge browser   Adblock Plus for IE

 

You can block the ad and tracking cookies from installing on your computer by blocking third party cookies.

How to disable third-party cookies in all major web browsers

Once you have blocked the install of those cookies then run CCleaner to remove the existing ones.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 nihil5586

nihil5586
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  • Local time:03:23 PM

Posted 21 March 2018 - 04:22 PM

Thank you for your response. Here are the log files you requested. 

 

# AdwCleaner 7.0.8.0 - Logfile created on Wed Mar 21 21:19:10 2018
# Updated on 2018/08/02 by Malwarebytes 
# Database: 2018-03-20.1
# Running on Windows 8.1 (X64)
# Mode: scan
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
No malicious folders found.
 
***** [ Files ] *****
 
No malicious files found.
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
No malicious registry entries found.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries.
 
*************************
 
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
 

SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17]
WebSite: www.safezone.cc
DateLog: 21.03.2018 22:19:44
Path starting: C:\Users\Anna\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Anna
VersionXML: 4.90is-18.03.2018
___________________________________________________________________________
 
Windows 8.1(6.3.9600) (x64) Core Lang: Polish(0415)
Installation date OS: 19.03.2018 23:54:38
LicenseStatus: Windows®, Core edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: Internet Explorer (C:\Program Files\Internet Explorer\iexplore.exe)
SystemDrive: C: FS: [NTFS] Capacity: [931 Gb] Used: [50.9 Gb] Free: [880.1 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18953
User Account Control enabled (Level 4)
Automatically download and schedule installation
Date install updates: 2018-03-21 01:47:32
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Avast Antivirus (enabled and up to date)
Windows Defender (disabled and up to date)
Malwarebytes (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Malwarebytes (enabled and up to date)
Windows Defender (disabled and up to date)
Avast Antivirus (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.18.2.2328
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes version 3.4.4.2398 v.3.4.4.2398
--------------------------- [ OtherUtilities ] ----------------------------
VLC media player v.3.0.1
--------------------------------- [ IM ] ----------------------------------
Viber v.8.4.0.5
------------------------------- [ Browser ] -------------------------------
Mozilla Firefox 59.0.1 (x64 en-US) v.59.0.1
Google Chrome v.65.0.3325.162
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avast Antivirus (avast! Antivirus) - The service is running
C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.18.2.3827.0
aswbIDSAgent (aswbIDSAgent) - The service is running
C:\Program Files\AVAST Software\Avast\AvastUI.exe v.18.2.3827.307
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.3.0.0.1395
Malwarebytes Service (MBAMService) - The service is running
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.1.0.634
Windows Defender Service (WinDefend) - The service has stopped
Windows Defender Network Inspection Service (WdNisSvc) - The service has stopped
----------------------------- [ End of Log ] ------------------------------
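Added example, not part of any poster's message and not code from the SecurityCheck tool: a small Python triage of a SecurityCheck-style log that pulls out the OS installation date, the products reporting as enabled under Antivirus_WMI, and any remote-access or firewall service in an unexpected state. The function name `triage` and the set of services treated as remote-access surface are assumptions of this example; the sample input is an excerpt of the log above.

```python
import re

# Excerpt copied from the SecurityCheck log posted above.
SAMPLE_LOG = """\
Installation date OS: 19.03.2018 23:54:38
------------------------------- [ Windows ] -------------------------------
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Avast Antivirus (enabled and up to date)
Windows Defender (disabled and up to date)
Malwarebytes (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
"""

SECTION = re.compile(r"^-+ \[ (.+?) \] -+$")
SERVICE = re.compile(r"^.*\((\w+)\) - The service (is running|has stopped)$")
PRODUCT = re.compile(r"^(.+?) \((enabled|disabled) and .+\)$")
# Assumption of this example: services treated as remote-access surface.
REMOTE = {"RemoteRegistry", "TermService", "WinRM"}


def triage(log_text):
    """Return (install_date, enabled_av, findings) for a SecurityCheck-style log."""
    section, install, enabled_av, findings = None, None, [], []
    for line in (raw.strip() for raw in log_text.splitlines()):
        if line.startswith("Installation date OS:"):
            install = line.split(":", 1)[1].strip()
        elif m := SECTION.match(line):
            section = m.group(1)  # remember which block we are in
        elif m := SERVICE.match(line):
            name, running = m.group(1), m.group(2) == "is running"
            if name in REMOTE and running:
                findings.append(f"remote-access service running: {name}")
            if name == "MpsSvc" and not running:
                findings.append("Windows Firewall service stopped")
        elif section == "Antivirus_WMI" and (m := PRODUCT.match(line)):
            if m.group(2) == "enabled":
                enabled_av.append(m.group(1))
    if not enabled_av:
        findings.append("no antivirus product reports enabled")
    return install, enabled_av, findings


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

On the excerpt above the findings list is empty, and the installation date sits two days before the log's DateLog.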
 


#4 buddy215

buddy215

  • Moderator
  • 13,312 posts
  • ONLINE
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:23 AM

Posted 21 March 2018 - 06:15 PM

No problems or adware found. You installed Windows on the 19th so I wouldn't expect any problem.

 

Lots of programs hosted at the site linked below that do not have unwanted software bundled with them like most free software does these days.

Ninite - Install or Update Multiple Apps at Once





