Jump to content

No internet after scan part 2


Recommended Posts

Hello
  I have been working with one of your techs to resolve an inability to connect to internet after a malware bytes scan. I was instructed to start a new thread for trojan removal.
I am attaching the 3 files that were requested and told that someone here could walk me through the next steps.
Thanks!

Addition.txt

FRST.txt

mb-check-results.zip

Link to post
Share on other sites

  • Root Admin

Hello @rascalphoto

Let's go ahead and scan for other possible threats

 

Please run the following steps and post back the logs when ready.

STEP 01
Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus

STEP 02

 

 

adwcleaner_new.png Fix with AdwCleaner

 

Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Clean.
  • Your PC should reboot now.
  • After reboot, logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

STEP 03
Download Sophos Free Virus Removal Tool and save it to your desktop.
 

  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View Log file (bottom left-hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found, please confirm that result.

STEP 04
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here.
  • Please attach the Additions.txt log to your reply as well.

 

Thanks

Ron

 

Link to post
Share on other sites

Hello Ron, here are the requested files. The Sophos scan was clean. When I finished making a screen shot of the Sophos window, a malwarebytes window popped up indicating a trojan. I screen shot that too. Please let me know how to proceed.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 7 Home Premium x64
Ran by Teef (Administrator) on Wed 07/12/2017 at 21:30:32.04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


File System: 135

Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\Users\Teef\AppData\Roaming\Mozilla\Firefox\Profiles\6yf57y5p.default-1397346305713\searchplugins\norton-safe-search.xml (File)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0SBRK5DC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0SNWMWTY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1IIKX9V2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1KCE4IXT (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1YXEZ2D7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23LONFBS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3EV9MPAH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3FBBZUIG (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NDGYV7N (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3SH5CPWI (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5G1PUA6F (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5N35WC33 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5UD34RT9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6D8V4D03 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\77EC6V2Y (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8Z4TQKEN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\98G9322V (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9TD4KYG1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9TT01WU0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9Y2BZQNY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BL6BQQTH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BTVBJEAT (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D77F10TS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DI1O12G7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EADHF9IK (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHGG4IOP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EY8LIFOQ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F3QYQJXY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FV5GCAYT (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GKACWE7Y (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GXILY5IZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ8THWVL (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IKGXTIFZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0HEMTVG (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JXEX3U0R (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KB6N1C3D (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KRLDYIYC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MCIC02DY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MIJNGIWS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NNBLHNCV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NP2MWADH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQEU1LGV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OWPJMBZY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P54IMKN3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q1R9C3YN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QJDFBO5I (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RH3QSNNC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8JPIZ2T (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SHR675Q1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TB7I9XUV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TT7039IF (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U7UB5BRT (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V2OAUAEZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VDGLOW03 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKHOSWCD (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VYJA65JT (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X2WCHH7A (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XI2UZ2Y1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XM16SM65 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YE8N5IGZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YIWPA2GQ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKFSA77W (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YSMRPJ6A (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Teef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YWRH0YWA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0SBRK5DC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0SNWMWTY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1IIKX9V2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1KCE4IXT (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1YXEZ2D7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23LONFBS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3EV9MPAH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3FBBZUIG (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NDGYV7N (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3SH5CPWI (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5G1PUA6F (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5N35WC33 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5UD34RT9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6D8V4D03 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\77EC6V2Y (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8Z4TQKEN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\98G9322V (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9TD4KYG1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9TT01WU0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9Y2BZQNY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BL6BQQTH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BTVBJEAT (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D77F10TS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DI1O12G7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EADHF9IK (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHGG4IOP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EY8LIFOQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F3QYQJXY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FV5GCAYT (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GKACWE7Y (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GXILY5IZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ8THWVL (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IKGXTIFZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0HEMTVG (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JXEX3U0R (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KB6N1C3D (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KRLDYIYC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MCIC02DY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MIJNGIWS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NNBLHNCV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NP2MWADH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQEU1LGV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OWPJMBZY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P54IMKN3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q1R9C3YN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QJDFBO5I (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RH3QSNNC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8JPIZ2T (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SHR675Q1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TB7I9XUV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TT7039IF (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U7UB5BRT (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V2OAUAEZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VDGLOW03 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKHOSWCD (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VYJA65JT (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X2WCHH7A (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XI2UZ2Y1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XM16SM65 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YE8N5IGZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YIWPA2GQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKFSA77W (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YSMRPJ6A (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YWRH0YWA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\SysWOW64\REN11C7.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\REN11C8.tmp (File)

 

Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} (Registry Key)

 

# AdwCleaner v6.047 - Logfile created 12/07/2017 at 21:54:29
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-19.1 [Local]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Teef - JOHN-PC
# Running from : C:\Users\Teef\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

 

***** [ Services ] *****

 

***** [ Folders ] *****

 

***** [ Files ] *****

 

***** [ DLL ] *****

 

***** [ WMI ] *****

 

***** [ Shortcuts ] *****

 

***** [ Scheduled Tasks ] *****

 

***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key deleted: HKU\S-1-5-21-4271585248-1344782898-670633372-1001\Software\Softonic
[#] Key deleted on reboot: HKCU\Software\Softonic
[-] Key deleted: HKLM\SOFTWARE\systweak
[#] Key deleted on reboot: [x64] HKCU\Software\Softonic


***** [ Web browsers ] *****

 

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1868 Bytes] - [12/07/2017 21:54:29]
C:\AdwCleaner\AdwCleaner[S0].txt - [2090 Bytes] - [12/07/2017 21:54:00]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2014 Bytes] ##########

 

19 hours ago, AdvancedSetup said:
  •  
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here.
    I see no check symbol, so I am writing check. I have run it before.

 

 

 


 

Addition.txt

clean.JPG

FRST.txt

malware.JPG

Link to post
Share on other sites

  • Root Admin

Thanks. Can you please attach logs. Posting directly to the forum the software sometimes does not render the logs correctly.

 

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

fixlist.txt

Thanks

Ron

 

Edited by AdvancedSetup
Link to post
Share on other sites

  • Root Admin

Please start an elevated Admin command prompt and type the following one by one and pressing the Enter key at the end of each line.
Then shut the computer down and power off. Then turn the power off on your router as well. Leave both off for 2 minutes with no power.
After 2 minutes go ahead and turn your router back on and leave it running for 2 minutes. Then power your computer back on.
 

ipconfig /flushdns
nbtstat -R
arp -d *
netsh branchcache reset
netsh advfirewall reset
netsh winsock reset
netsh int ipv4 reset
netsh int ipv6 reset
netsh int ip reset c:\resetlog.txt

After the computer powers back on and you're back to the desktop please run the following again from an elevated admin command prompt
 

netsh interface tcp show global
IPCONFIG /ALL

Post back the results of each of those last 2 commands.

Thanks

Ron

 

Link to post
Share on other sites

  • Root Admin

Please review the following website and read it before continuing and then do a Hard Reset back to Factory Defaults for your router.
This information is only for resetting the router DO NOT erase, install, or update the firmware, just reset your router to factory defaults.

Reset And Reboot

Hard reset or 30/30/30

 

Edited by AdvancedSetup
Link to post
Share on other sites

  • Root Admin

Are you using Wireless or a network cable to your router?

Please download MiniToolBox save it to your desktop and run it.

Checkmark the following check-boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files


Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.

 

Link to post
Share on other sites

Hi Ron
  We actually have both. The computer uses a wireless system but it has the ethernet cord and local network available. One of the things that our internet provider did while I was on the phone with them, was to check both of those connections.
 The log that posted was named MTB. Please let me know if I missed something. Also, for the "list devices" option, I checked the "all" box. Please let me know if I need to redo it with one of the other options.
Thank you again for you prompt responses to this really frustrating problem.

MTB.txt

Link to post
Share on other sites

  • Root Admin

The Wired network has an IP address   IPv4 Address. . . . . . . . . . . : 192.168.0.11(Preferred)

The wireless network, does not.   Autoconfiguration IPv4 Address. . : 169.254.194.76(Preferred)

The 169. means it cannot connect and get an IP address.

Please restart the computer and tap the F8 key. There should be an option to start in Safe Mode with Networking. Please try that.

Then see if you can run the following and post back the results.

 

TRACERT GOOGLE.COM

Then try this one

TRACERT 8.8.8.8

 

Thanks

Ron

 

Link to post
Share on other sites

  • Root Admin

I'm sorry, my fault.

Please click on Start and type in CMD.EXE and when it shows on the menu right click and select "Run as administrator"

Then in that DOS command prompt type the following and press the Enter key on the end.

 

TRACERT GOOGLE.COM

then try this one

TRACERT  8.8.8.8

 

Link to post
Share on other sites

  • Root Admin

Is this in Safe Mode with Networking or in Normal Windows mode?

This shows that the network connection is working and able to reach out by IP address. The first call shows it can't find Google, which means that your DNS (Domain Name System) is not working correctly.

Please review the site here and try setting up your DNS to use the Google Public DNS

https://developers.google.com/speed/public-dns/

https://developers.google.com/speed/public-dns/docs/using

 

Link to post
Share on other sites

Yes, that was in safe mode. I followed your last directions and lo and behold...internet! It's a miracle! Thank you!
I am attaching the report that came up after, as it looks like the computer is still not running properly. Can you advise me on how to proceed. I feel a bit over my head in tech stuff, so I don't want to mess anything up.
 Can you also answer if there is a way to tell when the initial virus happened or how it got in.
Thank you...
THANK YOU!

IP connectinity.JPG

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.