Infected by adware and unsure whether it's removed or not

[joltsu]

Hello,

 

a few moments ago I stumbled into some adware due to being a tad careless and running an .exe I downloaded. At first, it closed Chrome out of the blue and some time later while it was open, a sketchy online casino website popped up out of nowhere. I scanned using Malwarebytes (version 2.2.1.1043, since newer versions have refused to work for several months already for me - the process just hangs in the background and the interface never opens), which found nothing.

I downloaded adwcleaner, which found 6 potential threats. I removed them and rebooted my computer. I attempted to open both adwcleaner and Malwarebytes after this, but they would immediately shut down once the interface popped up. Googling words like 'adware' or 'adwcleaner' would result in my Chrome shutting down immediately. After downloading adwcleaner on another computer and running it from a flash drive, it showed no threats, but the browser issue persisted. I did a system restore to 4 days back, ran adwcleaner once more and removed 5 threats. After rebooting, I experienced no issues except for Malwarebytes canceling its threat scan a few seconds after initiating it, but I found out that it could be just a bug not related to this issue. Since then I've scanned my computer with Hitman Pro, adwcleaner (multiple times) and the Kaspersky virus removal tool - no threats so far.

I installed the newest version of Malwarebytes, but the same issue that I had in the past with not being able to boot it up persisted, so next I'm going to do a clean installation of the old version I've used for a scan. I've attached log files of the two adwcleaner scans that found issues, as well as logs from FRST after doing all the things I've mentioned above.

I found this thread which had an issue very similar to mine, albeit mine did not seem as difficult.

I'd just like to know whether there is something I could still do to ensure that the issue has been dealt with. Since the last cleaning done by adwcleaner I haven't encountered any issues whatsoever (except for Malwarebytes failing to scan), bringing me to believe that this issue could be solved. Some help would definitely be appreciated.

AdwCleaner[C00].txt

AdwCleaner[C01].txt

FRST.txt

Addition.txt

[joltsu]

I just scanned with RogueKiller, I attached the log below. Quick searching revealed that the detections regarding Clover might be false positives. I've also used the program for years with no issues. Also, reinstalling the old version of Malwarebytes got the scanning working again.

roguekiller.txt

Edited July 12, 2018 by joltsu

[nasdaq]

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.

===

Please download and run the Malwarebytes Cleanup Utility.

Follow the instructions on this page.
https://support.malwarebytes.com/docs/DOC-1112

After a restart of the computer Download and re-install the application.

https://www.malwarebytes.com

Let me know if you still have issues with this computer.

fixlist.txt

[joltsu]

Hello,

thanks for the reply. I ran FRST with the fixlist.txt and have attached the fixlog below. I also ran the cleanup tool and installed the newest version, but the issue persists. I have done this multiple times in the past trying to solve this issue, but it hasn't worked as of yet for some reason. While the cleanup tool was doing its job, however, I did get an error message saying "Could not stop service", referring to MBAMService.

I also attached the mbclean results file, just in case.

mb-clean-results.txt

Fixlog.txt

[nasdaq]

Hi,

I would suggest booting to safe mode with networking and try to open Malwarebytes and if it opens run a scan with rootkit scanning enabled.

https://content.invisioncic.com/Mmalware/monthly_2018_01/5a4d8c4e86bfc_Rootkitmain.png.4f471340ce8e67c5798bf49ff5a1e3b2.png

If successful post the rootkitsummary.txt log.

Restart the computer normally and Run MBAM one more time.

Keep me posted

[joltsu]

Hi,

safe mode with networking allows me to boot up MBAM, but the scan did not result in any malicious items even with rootkit scanning enabled. Upon restarting my computer after the scan, MBAM popped up instantly after logging on, but after closing it and attempting to open it again, it would not - the same issue would persist.

[nasdaq]

Hi,

Download and run the Malwarebytes Cleanup Utility
https://support.malwarebytes.com/docs/DOC-1112

When completed restart the computer normally to reset the registry.

Reinstall the Malwarebytes.

===

Can you now run the program?

[joltsu]

I did that and upon restarting and reinstalling, MBAM succesfully runs on the first try. However, once I close it and try to relaunch it later, the interface never shows up (until reinstalling again).

[nasdaq]

Hi,

Please boot to Safe Mode with Networking and run Malwarebytes.

Remove all items found.

Restart the computer normally and find out if the problem is solved.

Keep me posted.

 

 

[AdvancedSetup]

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks