Jump to content

I'm infected but can't find anything

Recommended Posts



I  get strange situations where I can't see buttones on a website where I need to click to login for example. Also noticed that I I can't installe certain extensions in Chrome which I can install in Edge .And the start of browsers etc...is very slow. Also w hen I download something  alsway see that Ihave downloaded twice, but that's not true.

I had ran a FRST Report that will attach here. 
That will tell more I guess.

Thank you

Addition.txt FRST.txt

Link to post
Share on other sites

  • Root Admin

Hello @arjenjamy

let me suggest that you try temporarily uninstalling F-Secure

Then run the following


Please follow the directions from the following topic


Then run the Avast removal utility



Let me know if that helps correct the issue or not




Link to post
Share on other sites

sorry for not replying sooner.
I had so many problems here. 
I have done what you said and it l ooked like everything was back to normal
but then it happened again. 
I had to run my pc for about 3 days ...looked beautifull and then suddenly when 
accessing a new program. Website Software, that was new I got blocked.
My screen got frozen and couldn't do anything.
This happenend to me many times before.

I tried to see what would happpen if i installed avast antivirus. First not possible.
But then i managed to do so.  It was all clean:-) I have removed F-secure.
Then I got a message that my firewall was a basic one so i tried to install zonealarm,
but i was not allowed:-) 

Finally after 3 times i succeeded.
But he's still somewhere.
Shall I run the FBAR program again?


Link to post
Share on other sites



Well, I think  he had taken over my pc completeley. 
I couldn't move anything at a given time. Blocked all my browsers and pages. Even antivirus was blocked

Then I was able to to close everything and disconnected the network and I could run a MB scan.  And found 15 cases, which MB couldn't find 

with the network running.
After that I ran the windows repair tool and it found a bunch of errors. 
Perhaps you want to take a look at what it found? 

I have attached the files,



10.4.2021_1.18.19-AM.zip MB-SCAN-REPORT.txt

Link to post
Share on other sites

  • Root Admin

The disk check was run in READ ONLY mode so it found errors but did not fix them.

Please exit out of or stop real-time protection from antivirus and run the following fix. @arjenjamy


Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.
NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work.

Please make sure you disable any real-time antivirus or security software before running this script. Once completed, make sure you re-enable it.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1:  This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. Depending on the speed of your computer this fix may take 30 minutes or more.

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The use of an external password manager is highly recommended instead of using your browser to store passwords.

NOTE-3: As part of this fix it will also reset the network to default settings including the firewall. If you have custom firewall rules you need to save please export or save them first before running this fix.

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome, and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.




Link to post
Share on other sites

But there's no fixlog.txt .
I had the program running from a special mao as seen in the image attached.
IF you look at the file frst64  you'l see tht its the 2nd download. But i have downloaded it ONLY once.
This happens all the time, as if someone is grabbing the 2nd one!

But No fixlog.txt there


Link to post
Share on other sites

Hi ,

I have seen no takenover my website or screen .
What I still had noticed is that however the screen is smaller now it still happens that

when restarted after windows start I get two flashing DOs black screens appearing very fast

and away again. They were bigger before, now they're smaller. 


Link to post
Share on other sites

  • Root Admin

Many things are going on when a computer starts. Having a DOS style screen show up is not uncommon and alone does not mean there is an issue.

Please start the Farbar FRST program again and click on the SCAN button. Make sure there is a checkmark in the Addition.txt check box.
Then post back both new logs.


Next, please get me an Autoruns log

Create an Autoruns Log:

  • Please download Sysinternals Autoruns from here.
  • Save Autoruns.exe to your desktop and double-click it to run it.
  • Once it starts, please press the Esc key on your keyboard.
  • Now that scanning is stopped, click on the Options button at the top of the program and select Verify Code Signatures and Check VirusTotal.com and Submit Unknown Images
  • Once that's done press the F5 key on your keyboard, this will start the scan again, this time let it finish.
  • When it's finished, please click on the File button at the top of the program and select Save and save the Autoruns.arn file to your desktop and close Autoruns.
  • Right-click on the Autoruns.arn file on your desktop and hover your mouse over Send To and select Compressed (zipped) Folder
  • Attach the Autoruns.zip folder you just created to your next reply






Link to post
Share on other sites



Last night I had put my pc to sleep and today I want to start again. 
No screen! Dark

I found your email to download where it says start downloading "here".
Websute blocked Can't go to the site. 
I'm telling you. Someone is blocking me in such a way that even any software or expert can find.

This is different from all viruses or hackers i had before.

I'm really helpless with this problem. 

I have to login 3 times on my mobile since I had connected it a week ago  to my pc. 



Link to post
Share on other sites

Oh , forgot to m ention.

I could not signout of google or other email program.
I had to swith the pc off. 
When restarted i was still logged into these prgrams.

Someone is taking over my pc.
I think my windows installation should be checked as well. 
Maybe I login to his pc or his account?  I have no idea how that works. Im just saying.


Link to post
Share on other sites

This topic is now closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.