erikc4l Posted May 26, 2017 ID:1130257 Share Posted May 26, 2017 (edited) Hi, a couple days ago I noticed I was receiving this cmd prompt popup for like a second and go away. In the title bar it said something about microsoft office. Seemed pretty fishy to me so I ran malwarebytes and did a scan but no threats came up. Then I used adwarecleaner from malwarebytes and a threat came up by the name of C:\END I hit clean and restarted the computer. Computer worked fine after that but a couple minutes later I was kicked off my game and everything started lagging. My wifi adapter disconnected me from my network and would no longer let me connect to any network or even look at available networks. It was just completely disabled and I couldn't open the network and sharing center either. Right now I can access the network and sharing center but my wifi adapter is completely disabled and I have no idea how to fix it. I've also tried to do a system restore twice but it gives me an error each time. I can't get on the internet on that computer, but I do have a spare laptop that I can use to transfer files and stuff onto there if needed. I'm not sure if this C:\END thing is a virus or not? I ran the Farbar recovery tool and have attached the logs. Also a picture of the error it keeps giving me when I try to do a system restore. Thanks in advance FRST.txt Addition.txt Edited May 26, 2017 by erikc4l Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 26, 2017 Root Admin ID:1130326 Share Posted May 26, 2017 Hello @erikc4l and I don't see any obvious infection, but there are errors in the Event Logs including a Shell which can probably cause various unexpected results in Windows. We'll go ahead and scan for any potential malware though just to make sure. Please restart the computer first and then run the following steps and post back the logs as an attachment when ready.STEP 01 Please download Junkware Removal Tool to your desktop. Shutdown your antivirus to avoid any conflicts. Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP. The tool will open and start scanning your system. Please be patient as this can take a while to complete. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next reply message When completed make sure to re-enable your antivirus STEP 02 Fix with AdwCleaner Please download AdwCleaner by Xplode and save the file to your Desktop. Right-click on icon and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan. When finished, please click Clean. Your PC should reboot now. After reboot, logfile will be opened. Copy its content into your next reply. Note: Reports will be saved in your system partition, usually at C:\Adwcleaner STEP 03 Download Sophos Free Virus Removal Tool and save it to your desktop. Double click the icon and select Run Click Next Select I accept the terms in this license agreement, then click Next twice Click Install Click Finish to launch the program Once the virus database has been updated click Start Scanning If any threats are found click Details, then View Log file (bottom left-hand corner) Copy and paste the results in your reply Close the Notepad document, close the Threat Details screen, then click Start cleanup Click Exit to close the program If no threats were found, please confirm that result. STEP 04 Please download the Farbar Recovery Scan Tool and save it to your desktop.Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here. Please attach the Additions.txt log to your reply as well. Thanks Link to post Share on other sites More sharing options...
erikc4l Posted May 27, 2017 Author ID:1130687 Share Posted May 27, 2017 Hi thank you for replying to me. I've followed your instructions and here are the logs. Sophos found nothing. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.3 (04.10.2017) Operating System: Windows 10 Home x64 Ran by happy birthday nigga (Administrator) on Fri 05/26/2017 at 22:25:15.14 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Fri 05/26/2017 at 22:29:28.60 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v6.047 - Logfile created 26/05/2017 at 22:02:46 # Updated on 19/05/2017 by Malwarebytes # Database : 2017-05-26.6 [Server] # Operating System : Windows 10 Home (X64) # Username : happy birthday nigga - BIGFOIG # Running from : C:\Users\Erik\Desktop\adwcleaner_6.047.exe # Mode: Scan # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious keys found. ***** [ Shortcuts ] ***** No infected shortcut found. ***** [ Scheduled Tasks ] ***** No malicious task found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Web browsers ] ***** No malicious Firefox based browser items found. No malicious Chromium based browser items found. ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [1012 Bytes] - [24/05/2017 22:30:32] C:\AdwCleaner\AdwCleaner[S0].txt - [1148 Bytes] - [24/05/2017 22:29:50] C:\AdwCleaner\AdwCleaner[S1].txt - [1683 Bytes] - [24/05/2017 22:48:55] C:\AdwCleaner\AdwCleaner[S2].txt - [1222 Bytes] - [26/05/2017 22:02:46] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1295 Bytes] ########## FRST.txt Addition.txt Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 27, 2017 Root Admin ID:1130702 Share Posted May 27, 2017 As suspected no obvious malware, but also not full of too many errors. Please visit each of the following sites and let's reset all of your browsers back to defaults to prevent unexpected issues. If you are not using one of the browsers but it is installed then you may want to consider uninstalling it as older versions of some software can pose an increase in the potential for an infection to get in. Internet ExplorerHow to reset Internet Explorer settings Firefox Click on Help / Troubleshooting Information then click on the Reset Firefox button. Chrome I would like to reset Chrome back to defaults to completely clear out what is going on with Chrome. You can keep your “Bookmarks” if you want to keep them, but you have to export them first – >> Export Bookmarks << – Everything else should be removed. Then I need you to go to >> Google Sync << and sign into your account. Scroll down until you see the “reset sync” button and click on the button At the prompt click on “Ok”. .Reset Your Browser Settings . In the top-right corner of the browser window, click the “Chrome Menu” icon (Three horizontal lines) Select “Settings”. At the bottom, click “Show advanced settings…” Scroll down until you see “Reset settings”, Then click on the button “Reset Settings”. In the dialog that appears, click “Reset”. .Close Chrome and restart it and check it out for me please Link to post Share on other sites More sharing options...
erikc4l Posted May 27, 2017 Author ID:1130726 Share Posted May 27, 2017 Ok I don't have IE or firefox installed so I just followed the instructions for Chrome. I did everything and restarted it but it still shows the same webpages and stuff on the new tab page. The bookmarks are also still there. Is that what was supposed to happen or am I not doing this right? Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 30, 2017 Root Admin ID:1131454 Share Posted May 30, 2017 Are you running a special version of Windows released to Europe that had Internet Explorer removed by Microsoft or you read some page and removed it on your own? Somewhere along the line I'd have to believe you've not reset something in Chrome as a good cleanup should restore it exactly back to the way it was the day you first installed it. Please download and install Firefox temporarily and make sure it all works. Then do the clean up of Chrome again, then after you've cleaned it, Export your bookmarks so you don't lose them. Then go ahead and uninstall Chrome temporarily (we'll reinstall it a bit later on) and run FRST again and post back both logs and I'll take a look. Thanks Ron Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted August 2, 2017 Root Admin ID:1148602 Share Posted August 2, 2017 We're sorry. It looks like your topic was somehow overlooked. Due to the length of time we'll go ahead and close this topic now but if you still actually need help please send a private message to one of the Moderators and we'll assist you.Thank you and sorry we missed your topic. Link to post Share on other sites More sharing options...
Recommended Posts