Not exactly sure if infected but may have unknown adware/something else?



Hi, so my PC isn't infected directly but may have adware, as well as something that keeps putting Security Center in my Start menu when I have not gone to view it at all. Not sure if this is OS related or malware. Not many answers about the topic either.

 

Before I get into it, I sadly HAVE run CCleaner twice prior to this. Not immediately but recent enough (though I hadn't used the options to their full extent, I unselected a few items I thought it shouldn't touch). I hadn't thought about it when I used it, but alas what is done is done. Hope this doesn't hurt too much in this look-over.

 

Issues:

 

Minor/Possible hardware related issues:

-Clicking fails to hold click when I tell it to (Example: selecting multiple files, it will just decide to stop midway or right away and select whatever I'm hovering over)

-Clicking doesn't always click (gotta double or triple click to get a click)

-Sometimes double clicks

(I've changed USB slot in the back of the PC, issue seems to be still persisting. Haven't tried all but I don't think it'd make much difference if multiple have the same issue/mouse laser is clean on clean mousepad. This is an issue with different mice)

 

Potential PC Performance issues that may or may not be related to malware:

-Not sure if this is an issue: Windows Media Player is activating for whatever reason on boot? And fails to terminate when I tell it to sometimes. Not sure what's causing it (only startup programs are Bitdefender, MB Anti-Exploit, NVIDIA GeForce drivers and related modules, so there shouldn't be a reason for it to be on, I imagine)

-Might be related to set events by default: PC randomly gets svchost.exe (which work in the windows/system32 folder [only revealed by show all processes]) that suck up max memory then go back to low memory (a few thousand). One time it completely froze my system to where even CTRL ALT DEL didn't work and said "failed to load security" or something along those lines. At this point I pulled the plug on the PC since it wasn't responding at all.

 

Biggest issue:

-But the major concerning factor here is when I visit any website, regardless of what's on it, my adblock (uBlock Origin) will block ads on it. Some websites (like a YouTube video) will go all the way up to 1000+ ads total blocked, which leads me to suspect there's some adware on here that several scanning tools cannot find. No one I have asked so far has said they have this kind of effect, so I suspect it's something on my end. Thus I've gotten myself a little "arsenal" of tools to clean out my system and fix it. Those tools are:

Malwarebytes (and Chameleon/two different files), Malwarebytes AE, Malwarebytes Anti-Rootkit beta, Malwarebytes Junkware Removal Tool, Bitdefender, HitmanPro, AdwCleaner, CCleaner. And just for backup I got network adapter repair tool and RegAssassin. Additionally I got RKill to kill all malicious programs just in case, to make sure this system works as intended. Lastly, if none of those tools work, I'd uninstall Bitdefender and install Avast, try it and if it fails, try Kaspersky as another backup. I did install Avast the other day and found nothing on it (besides performance issues), then switched to Bitdefender.

 

(Why all these tools? Computer is basically my life right now and the thought of this computer breaking once again to the point where I can't fix it is basically making my heart sink to where I want to throw up)

 

Last note: Windows Defender is OFF, disabled by ME due to this PC's age and how slow it gets if two antiviruses are scanning at the same time.

 

Okay, that was a mouthful and I'm sorry. Here are the two .txt's via pastebin.

FRST: http://pastebin.com/yakua7AL

Addition: http://pastebin.com/YSMXzN0i

 

If this is not the place for this kind of stuff, I am sorry and please close this/maybe send me a PM notifying me this is closed. If you can help, I would greatly appreciate answers to any of what's listed above or what's going on with this PC, or even some tips to "optimize" security and performance. (I am using a USB for extra RAM if that counts for anything)

Link to post

  • Staff

Hello,

    

 

They call me TwinHeadedEagle around here, and I'll try to help you with your issue.

 

     

    

Before we start please read and note the following:

  • We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so backup your important links and all the files whose loss is unacceptable.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time. Keep in mind that private life gets in the way too. Note that we may live in totally different time zones, which may cause some delays between answers.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • I volunteer to help you, so please, do not ask for help for your company/business PC. Companies are making revenue via computers, so it is a good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!

There are no silly questions. Never be afraid to ask if in doubt!

 

 

 

Rules and policies

 

We won't support any piracy.

That being said, if any evidence of illegal OS, software, cracks/keygens or any other is revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

 

Failure to follow these guidelines will result in closing your topic and withdrawing any assistance.

 

 


Scan with Farbar Recovery Scan Tool

 

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on the FRST icon and select Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please upload them into your next reply.
Link to post

I understand and removed the pastebin. I'm just looking for guidance/help if possible and am aware your prime area is malware.

I am okay if this kind of thing would take longer than 3 days, so patience is fine by me provided my computer doesn't explode in the meantime.

Though I do wish to make a request through this process and that is

  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.

With my anxiety I kinda can't let my PC sit through this process with me not knowing if it's as clean as possible, so I may be running RKill process terminator alongside HitmanPro, Malwarebytes Anti-Malware and sometimes AdwCleaner and Malwarebytes Junkware Removal Tool. I hope this is what you are talking about with scripts. If not then never mind!

If you're wondering where I got these tools, I got them from the links provided here on this subreddit: https://www.reddit.com/r/techsupport/comments/33evdi/suggested_reading_official_malware_removal_guide/

 

Some things to note: I'm confident that there is no pirated content on this PC. I have Steam and own all the games installed on this PC (I can unlock my privacy to public so you can double check if you'd like). It's a relatively fresh install too (a month or more) but has the usual stuff I need like Steam, required .NET Frameworks, Notepad++, 7-Zip, Java, Chrome, Opera, adblock-genre extensions to those two browsers (and nothing else), Seagate-related hard drive program (tested to see if it was failing, it wasn't, passed 100% in all tests) and Speccy. The NVIDIA and CCleaner stuff aside, the rest was installed via Steam or came with the install. (Silverlight and Microsoft Security Essentials came with install; uninstalled Essentials and now on Bitdefender)

Lastly, I attached the two .txt's to this post.

Addition.txt

FRST.txt

Link to post

  • Staff
Check Disk
  • Press the Windows key + R on your keyboard at the same time. Type cmd and click OK.
  • Copy/Enter the command below and press Enter:
    chkdsk C: /r
  • You should get a message to schedule Check Disk at next system restart. Please type Y and press Enter.
  • All you should do now is to restart your PC and let the Check Disk process finish uninterrupted.
Check Disk report:
  • Press the Windows key + R on your keyboard at the same time. Type eventvwr and click OK.
  • In the left panel, expand Windows Logs and then click on Application.
  • Now, on the right side, click on Filter Current Log.
  • Under Event Sources, check only Wininit and click OK.
  • Now you'll be presented with one or multiple Wininit logs.
  • Click on an entry corresponding to the date and time of the disk check.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.
Link to post

Log Name:      Application
Source:        Microsoft-Windows-Wininit
Date:          1/3/2016 9:15:40 PM
Event ID:      1001
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      VistaPC
Description:

Checking file system on C:
The type of the file system is NTFS.

One of your disks needs to be checked for consistency. You
may cancel the disk check, but it is strongly recommended
that you continue.
Windows will now check the disk.
  149568 file records processed.
  817 large file records processed.
  0 bad file records processed.
  0 EA records processed.
  47 reparse records processed.
  197946 index entries processed.
  0 unindexed files processed.
  149568 security descriptors processed.
Cleaning up 1702 unused index entries from index $SII of file 0x9.
Cleaning up 1702 unused index entries from index $SDH of file 0x9.
Cleaning up 1702 unused security descriptors.
  24190 data files processed.
CHKDSK is verifying Usn Journal...
  34992128 USN bytes processed.
Usn Journal verification completed.
Windows has checked the file system and found no problems.

 488384511 KB total disk space.
 130809616 KB in 119216 files.
     73172 KB in 24191 indexes.
         0 KB in bad sectors.
    268919 KB in use by the system.
     65536 KB occupied by the log file.
 357232804 KB available on disk.

      4096 bytes in each allocation unit.
 122096127 total allocation units on disk.
  89308201 allocation units available on disk.

Internal Info:
40 48 02 00 3b 30 02 00 c9 0e 04 00 00 00 00 00  @H..;0..........
70 00 00 00 2f 00 00 00 00 00 00 00 00 00 00 00  p.../...........
90 d7 01 77 00 00 00 00 50 23 bb ff 00 00 00 00  ...w....P#......

Windows has finished checking your disk.
Please wait while your computer restarts.

 


Link to post
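An added example, not part of the original thread: a short Python parser for the "Copy Details as Text" output of the Wininit event 1001, which pulls out the figures a helper reads first (bad sectors, bad file records, the final verdict) and cross-checks the free-space numbers. The report text is abridged from the one posted above; the function and field names are chosen for this example.

```python
import re

# Abridged from the Wininit event 1001 description posted in this thread.
SAMPLE_REPORT = """\
Checking file system on C:
The type of the file system is NTFS.
  149568 file records processed.
  0 bad file records processed.
Cleaning up 1702 unused index entries from index $SII of file 0x9.
Cleaning up 1702 unused index entries from index $SDH of file 0x9.
Cleaning up 1702 unused security descriptors.
Windows has checked the file system and found no problems.
 488384511 KB total disk space.
         0 KB in bad sectors.
 357232804 KB available on disk.
      4096 bytes in each allocation unit.
 122096127 total allocation units on disk.
  89308201 allocation units available on disk.
"""

# Numeric lines of the report; the key names are this example's own.
FIELDS = {
    "bad_file_records": r"(\d+) bad file records processed",
    "total_kb": r"(\d+) KB total disk space",
    "bad_sector_kb": r"(\d+) KB in bad sectors",
    "available_kb": r"(\d+) KB available on disk",
    "cluster_bytes": r"(\d+) bytes in each allocation unit",
    "free_clusters": r"(\d+) allocation units available on disk",
}


def parse_chkdsk(text):
    """Extract the counters and the verdict line from a CHKDSK report."""
    report = {}
    for key, pattern in FIELDS.items():
        m = re.search(pattern, text)
        report[key] = int(m.group(1)) if m else None
    m = re.search(r"The type of the file system is (\w+)\.", text)
    report["filesystem"] = m.group(1) if m else None
    report["clean"] = "found no problems" in text
    # "Cleaning up ..." lines are listed separately; in the thread's report
    # they appear alongside a "found no problems" verdict.
    report["cleanups"] = re.findall(r"^Cleaning up .+$", text, re.M)
    return report


def triage(report):
    """Return a list of findings; an empty list means nothing to follow up."""
    findings = []
    if not report["clean"]:
        findings.append("no 'found no problems' verdict in the report")
    if report["bad_sector_kb"]:
        findings.append("%d KB in bad sectors" % report["bad_sector_kb"])
    if report["bad_file_records"]:
        findings.append("%d bad file records" % report["bad_file_records"])
    missing = [k for k in FIELDS if report[k] is None]
    if missing:
        findings.append("incomplete report, missing: " + ", ".join(missing))
    # Sanity check: free clusters times cluster size should equal the
    # "available on disk" figure; a mismatch suggests a truncated paste.
    avail, size, free = (report[k] for k in
                         ("available_kb", "cluster_bytes", "free_clusters"))
    if None not in (avail, size, free) and free * size // 1024 != avail:
        findings.append("free-space figures are inconsistent")
    return findings


if __name__ == "__main__":
    rep = parse_chkdsk(SAMPLE_REPORT)
    print(rep["filesystem"], "clean" if rep["clean"] else "NOT clean")
    print("housekeeping lines:", len(rep["cleanups"]))
    print("findings:", triage(rep) or "none")
```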

Should note after I did this that when it logged back in, I was greeted with a UAC notification saying something about Bitdefender after installer from programfiles/common files/bitdefender and wanted to install Bitdefender, but Bitdefender was already installed so not sure what's going on with that area...

Link to post

  • Staff

Should note after I did this that when it logged back in, I was greeted with a UAC notification saying something about Bitdefender after installer from programfiles/common files/bitdefender and wanted to install Bitdefender, but Bitdefender was already installed so not sure what's going on with that area...

 

It was Bitdefender uninstall component. Did you try to uninstall Bitdefender? 

 

Your PC doesn't seem to be infected.

Link to post

It was Bitdefender uninstall component. Did you try to uninstall Bitdefender? 

 

Your PC doesn't seem to be infected.

 

Nope, I recently installed Bitdefender and that may have been the first time I rebooted since installing it. I do not wish to uninstall it ever for the time being. I did not let it uninstall. As well, I was greeted by a message claiming to be from Steam about Steam service and requesting UAC access to install. I declined and it booted up Steam when it's not set to boot Steam up on boot in msconfig or Steam itself. Not sure why it appeared.

That's good. Though I don't suppose you've got any idea as to why some of the issues like mouse clicking are happening? After I ran that Farbar scan tool it actually helped, so I'm not sure what it did but I would like to know what it did so I can replicate that effect when my clicking starts to fail.

Link to post

I have two mice. One is an optical wireless mouse bought at Best Buy. I've cleaned the lens multiple times (with Q-tip and blowing of air), cleaned mouse pad, changed mouse pad and swapped USB ports. All still have this issue.

Then the other day I went and bought a 21$ keyboard and mouse box set (figured I'd get a backup keyboard just in case this one breaks, you know) and swapped it in for this mouse. It did say it was optical but it seems this mouse is laser (it has a giant red laser under it), which is okay. But yet mouse issues arise.

Also I was talking with some friends about Windows Vista and they said if I'm having issues to turn off Windows Search indexer as it uses up a bunch of CPU sometimes, which I'm completely fine with since I don't browse files all THAT often, so I tried turning it off via Services, but when I changed startup type from Automatic to Disabled it said "Access is denied". Any idea what's up with that? UAC pop-up happened when I did open Services so it should be able to turn it off.

Link to post

Press Start, type services.msc and then right click and Run as Administrator. Now try to disable desired service.

 

Okay, that worked. Guess the msc part was important to running as admin.

Are there any other processes that you may know of like search indexer that may cause performance issues?

Link to post

Got any idea as to what would cause my mouse issues? If it's not malware or adware, it must be something, as I doubt two different mice (one wired and one wireless) would both have the same issues in different USB ports. I haven't tried the front USB port but I was once told that things are slower in the front so I'm not gonna try that one.

I'm gonna go nuts here if I don't find out what's causing my mouse to click again when I'm in a lightweight game (like Banished from Steam) or even just rearranging a bookmark and it clicks while I'm holding the mouse button down.

Link to post

  • Staff

Scan with HWiNFO

Download HWiNFO64 Portable and save it to your Desktop.

  • Unpack the archive and run HWiNFO64.exe
  • When Welcome window opens, click Settings and make sure to uncheck following boxes:
    • Show System Summary on Startup
    • Automatic Update
  • Click OK and then click Run
  • Wait until program analyzes your computer.
  • Click Report --> Create
  • In the next window, check Text Logfile, and then click Browse.
  • Select your Desktop and name the report as you wish. Press Save.
  • Click Next --> Finish.
  • Attach produced report in your next reply.
Link to post

Installed (took a while, like 10 minutes, for all those drivers to install) and it asked to reboot and I let it reboot. Still happening. Doesn't seem to occur as much as before, but if I start rapidly click-holding or even just click once it will double click.

Should I try my front USB slot, I guess?

Link to post

  • Staff

Let's get fresh FRST reports:

Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on the FRST icon and select Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content into your next reply.
Link to post

Added.

 

Just to notify you in this post, I did modify the system (slightly) since the last post of this kind.

One: Windows Search index is now OFF. (Done by me)

Two: TeamViewer was installed and I let a very old friend (3/4? years now) take a look around the computer to see if he could find anything. He is in very much the same position you are and works remotely from home to work on other people's computers. He's the one who recommended that I turn off Windows Search indexer if my system is running really badly. As far as I could tell, as he was operating my installed tools on my system (Seagate tools), nothing out of the ordinary happened to the PC.

Three: Steam re-installed Steam Service (link to the Reddit post/image here of what the message was and statements about it: https://www.reddit.com/r/Steam/comments/3zw3rc/is_this_legit/ and off topic: oh wow it got 68 upvotes)

Regarding #2, I do trust this guy very much so I don't think there should be anything out of the ordinary with what he did while he had access. (Also this teamviewer.exe has been on my system since the original scan, I just haven't gotten around to using it until now)

I'm unsure if installing TeamViewer (basic installation) breached what we agreed to above. It might have, now that I think about it. Sorry if it does.

Addition.txt

FRST.txt

Link to post

Well, this issue was with both mice (wireless and wired). I'm not sure what model or brand this is, I just went down to RedApple (a store that sells all sorts of stuff), spotted a cardboard box that sold keyboard and mouse for 21$ and claimed to be an optical wired mouse so I just went with that one. On the bottom of the mouse there is a white sticker with this written on it: KB-IM5159 that was along the top, then this is along the bottom: 8 78294 03581 3. Then below that: S/N: IMJS014102103099

Device Manager just says HID-compliant mouse.

Checked the keyboard that came with this mouse, its sticker says relatively the same thing.

I'm gonna try every USB port including the front and test them individually.

Link to post

So I was just playing with my mouse a bit: not in settings but in games (where I've been testing since it's easier to reproduce the issue in various games) and I noticed it won't click if I'm not touching anything on my keyboard, but if I'm moving and clicking it will instantly double click? Don't suppose this is related in any way?

Link to post

  • Staff

Scan with Malwarebytes' Anti-Malware

Please re-run Malwarebytes' Anti-Malware.

  • First of all, select update.
  • Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
  • In the same tab, under PUP and PUM detections make sure it is set to Treat detections as malware
  • Click the Scan tab, make sure Threat Scan is checked and click Start Scan.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the newest Scan Log.
  • At the bottom click Export and choose Text file.
Save the file to your desktop and upload it in your next reply.
Link to post
This topic is now closed to further replies.