tryingtowork

Thank you so much for your help.

Seems to be back to normal, although I'm gun-shy now to go online with these machines. Like, what was it that brought them both to their knees?

All right--finally got the results from the second run of Zoek: zoek-results_M1.txt zoek-results_M2.txt

Here is what happened after running Zoek after a restart. Note that (1)this happened on the last run as well, and (2)Zoek continues to run after closing the error message window.

When I clicked on the 'x' to close the Zoek window, it said it was still running and then just populated the window with what was in there before. Coming up on 5 hours now; no activity visible in Task Manager. Attached is a screenshot. I will try running it again after restart.

Here are the Zoek result files. Again, I'm not sure if Zoek completed, since it didn't terminate as described in the instructions. Thanks, zoek-results_M1.log zoek-results_M2.log

Zoek has been running for 4 hours. In Task Manager, %CPU for this app is constant at 0, and %Memory is constant at 7.7MB. Does this seem right, or has it hung? Thanks,

The symptoms this morning on the Win 8.1 PC are even worse. Very slow after startup and neither the start button nor the charms would come up at all, ever. I started the zoek program and once the console came up I closed it because I had forgotten to turn off Avast and firewall. Because I couldn't get to the firewall to turn it off, I decided to shut the machine down using WinKey-R. After selecting Shutdown, the system hung at a purple screen. After about 10 minutes I decided to hard shut down, so I held the on/off down for a couple of seconds. I heard the machine turn off. Then about a second later it rebooted itself, which has never, ever happened before. I shut it off hard again and the same thing happened. The only way to keep it off is to flip off the power supply. Help!

All right, here are the logs for the two machines that use Ethernet. M1 runs Windows 8.1 on ASUS/Intel with 2 drives in RAID. I did a cleanup on it about 6 months ago. But after updating Firefox in July, the browser got to the point where I couldn't even type into web forms without severe lags and loss of characters, let alone it not being able to handle heavy websites like gmail, youtube, bitbucket, etc. So, I uninstalled it this past weekend. M2 runs Windows 7 Home on ASUS/Intel with a single drive. A cleanup hasn't been done on it in a while, but it's seldom used at all. The network is just a home network with one router. Thanks, Addition_M1.txt Addition_M2.txt FRST_M1.txt FRST_M2.txt

Before I submit the logs, here are more observations: -all desktops connected to router via Ethernet are displaying the same behavior: I -can't load web pages such as gmail and youtube -updates for all applications (e.g. vpn client, malwarebytes, Windows) fail -devices connected to router via Wifi don't have this problem I phoned my ISP and they confirmed that there's no proxy set up and no static settings have been overridden in the Ethernet adapter. They do suspect that a malware infection has spread to all machines through Ethernet. They actually pointed me back to using the Malwarebytes tool . . . These are work machines i.e. nobody is downloading anything that should cause this. . . I don't know what to do at this point.

No change: still getting Database Version v2015.06.03.03 and then after clicking 'Update Now', MWB says 'Updating Database' but the progress bar stays empty for 30 s and then it looks like it's updating with a bit of progress color in it (like 5%), but then it switches to 'Unable to access update server'. Do you think Check Disk and/or MWB is being canceled by malware? Do I need to take the drives out of RAID for Check Disk to work correctly? Thanks,

All right, the only way I could get Check Disk to work was through Windows (by right-clicking on C: in File Explorer). I've attached the log that resulted. eventlog.txt

Yes; as I mentioned in the second last reply, when the machine boots back up, it starts doing chkdsk and then after about 10 seconds it goes to login. I have 2 large drives in RAID, so the chkdsk scan should take a while.

Also, here is the message from Windows upon running chkdsk before restart:

After restart the chkdsk program ran for only a few seconds and then Windows presented the logon screen. Looking at the logs, there are no entries sourced to Wininit. I've attached some screen captures. Thanks,

Following last Firefox update, Firefox was terribly sluggish. As time went on I could no longer even load web sites in any browser including IE. So, I turned to my trusty tool, MBAM. Problem is, it no longer works. Here is what I tried: Logged in as admin under Win 8.1, I've done the following on my desktop: -run mbam-clean-2.1.1.1001 -turned off Windows firewall and Avast -installed mban-setup-2.1.9.1057 When the program tries to update, I'm given the message "unable to access update server" and the Database Version remains at v2015.06.03.03. A scan will run and detect PUPs (I ran it in normal Windows mode--should I be in Safe mode?), but following the scan the Database Version remains the same. Meanwhile, my Win 8.1 laptop, which is not running Avast, has no problem updating the database and running a scan. So, I tried copying all the update files from my laptop to my infected desktop, but did not get any different behavior. Please help! I've attached log files. Addition.txt CheckResults.txt FRST.txt

Attached are my log files. FRST.txt Addition.txt CheckResults.txt

Logged in as admin under Win 8.1, I've done the following on my desktop: -run mbam-clean-2.1.1.1001 -turned off Windows firewall and Avast -installed mban-setup-2.1.9.1057 When the program tries to update, I'm given the message "unable to access update server" and the Database Version remains at v2015.06.03.03. A scan will run and detect PUPs (I ran it in normal Windows mode--should I be in Safe mode?), but following the scan the Database Version remains the same. Meanwhile, my Win 8.1 laptop, which is not running Avast, has no problem updating the database and running a scan. So, I tried copying all the update files from my laptop to my infected desktop, but did not get any different behavior. Please help!