Avast WEBforum

Other => Viruses and worms => Topic started by: REDACTED on April 01, 2015, 09:21:43 PM

Title: Think i have a virus???
Post by: REDACTED on April 01, 2015, 09:21:43 PM

Hello, my laptop has severely slowed down and all the icons have gone very small on the desktop. Im pretty sure it has viruses. Could i get any assistance with this please?

Title: Re: Think i have a virus???
Post by: essexboy on April 01, 2015, 09:35:23 PM

Follow the steps here https://forum.avast.com/index.php?topic=53253.0

Then attach the logs in this thread

Title: Re: Think i have a virus???
Post by: REDACTED on April 01, 2015, 11:25:52 PM

Okay, cheers essexboy. Here are the requested logs.

The file named protection log is from malwarebytes, and the scan file will be attached in the next reply. cheers

Title: Re: Think i have a virus???
Post by: REDACTED on April 01, 2015, 11:27:05 PM

malware scan log

Title: Re: Think i have a virus???
Post by: essexboy on April 02, 2015, 04:16:21 PM

Could you let me know what problems remain after this

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

Quote

CreateRestorePoint:
AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll File Not Found
AppInit_DLLs:  c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
HKU\S-1-5-21-4255502416-1693395883-2113489983-1001\Software\Classes\.exe:  =>  <===== ATTENTION!
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe
(https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG)
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/) by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
  
• Click on Scan.
  
• After the scan is complete click on "Clean"
• Confirm each time with Ok.
  
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile with your next answer.
• You can find the logfile at C:\AdwCleaner[S0].txt as well.
  

Title: Re: Think i have a virus???
Post by: REDACTED on April 02, 2015, 07:05:51 PM

Okay so we ran the fix and here is the fix log.

Title: Re: Think i have a virus???
Post by: essexboy on April 02, 2015, 07:36:04 PM

Once you have run AdwCleaner could you let me know what problems you have

Title: Re: Think i have a virus???
Post by: REDACTED on April 02, 2015, 07:42:00 PM

Here is the adware cleaner log

Title: Re: Think i have a virus???
Post by: essexboy on April 02, 2015, 07:43:41 PM

What are the current problems ?

Title: Re: Think i have a virus???
Post by: REDACTED on April 02, 2015, 07:51:45 PM

Well the laptop turns on alot faster now, so thanks. But the icons are small on the desktop still and it seems like certain programs like mozilla take a long time to load up. Apart from that its alot better.

Title: Re: Think i have a virus???
Post by: essexboy on April 02, 2015, 08:02:55 PM

Have you changed the icons within windows to small ?

Title: Re: Think i have a virus???
Post by: REDACTED on April 02, 2015, 08:04:09 PM

no, just was like that when i turned it on one day, is there a way to enlarge them in the settings?

Title: Re: Think i have a virus???
Post by: essexboy on April 02, 2015, 08:36:48 PM

Changing icon size ..  http://social.technet.microsoft.com/wiki/contents/articles/909.changing-windows-7-desktop-icons-size.aspx

Subject to no further problems   :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems 

Now the best part of the day ----- Your log now appears clean  :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset  System Restore points:

Remove tools

Download and run Delfix (http://www.bleepingcomputer.com/download/delfix/)
Select the options as shown
(https://dl.dropboxusercontent.com/u/73555776/delfix.JPG)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent (http://www.foolishit.com/vb6-projects/cryptoprevent/) install this programme to lock down and prevent crypto ransome ware

(https://dl.dropboxusercontent.com/u/73555776/CryptoPrevent.JPG)

Malwarebytes (http://www.malwarebytes.org/mbam-download.php).

Update and run weekly to keep your system clean

Unchecky (http://unchecky.com/)

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme  ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide  Best security practices  (http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/)Keep safe  :wave: