What do I do? Please help me! [Internet connection]

[Sass Drake]

• Open Notepad (click Start button -> type notepad.exe -> press Enter)
• Copy text from code block below and paste it into Notepad

Code: [Select]

HKLM-x32\...\Run: [chrome] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --headless --disable-gpu --remote-debugging-port=9222 hxxp://mi-de-ner-nis3.info/cdn-37.html?t=0.4
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0EE3BE16-5A42-4419-B8BA-9680A80DBB10} - System32\Tasks\FastDataX Task => C:\PROGRA~2\FASTDA~1\FASTDA~1.EXE
Tcpip\Parameters: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{4C64E1C4-3495-4D7A-8109-C961B000B025}: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{532E43E3-D068-40CA-A3F9-1384E66BABDE}: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{532E43E3-D068-40CA-A3F9-1384E66BABDE}: [DhcpNameServer] 82.163.142.9
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\636559140.js [2017-04-27] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\636559140.cfg [2017-04-27] <==== ATTENTION
Shortcut: C:\Users\Karam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Eхрlorer.lnk -> C:\Users\Karam\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Karam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Мozillа Firеfoх.lnk -> C:\Users\Karam\AppData\Roaming\Browsers\exe.xoferif.bat ()
Shortcut: C:\Users\Karam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfoх.lnk -> C:\Users\Karam\AppData\Roaming\Browsers\exe.xoferif.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Аvast SаfеZоnе Browsеr.lnk -> C:\Users\Karam\AppData\Roaming\Browsers\exe.rehcnual.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfоx.lnk -> C:\Users\Karam\AppData\Roaming\Browsers\exe.xoferif.bat ()
C:\Users\Karam\AppData\Roaming\Browsers
C:\ProgramData\{3ef26ccf-212c-1}
C:\PROGRA~2\FASTDA~1
EmptyTemp:

• Go to File -> Save As
• Make sure that  UTF-8 is selected as Encoding (left side of Save button)
• Save it as fixlist.txt on Desktop
• Open again FRST and click on button Fix
• Wait until FRST finishes
• fixlog.txt should be genereted and opened. Attach it your post and wait further instructions.

[Nodar]

I am very very sorry I uninstalled some Software I thought that may solve my problem but No, It didn't.
I will send you new logs.
And I am sorry again.

I have some questions please,
Won't the software harm the system if I click on "Fix" button? What I mean is maybe it is not smart software.  Nothing is guaranteed about it.
And what does fixlist.txt do?
And should I select all the options so it fixes them?  Registry, Services, Drivers, Processes, Internet.
If yes, then why not choosing only "Internet" Option? I only have problem with my internet connection, I can access my network  but can't access the internet.

[Sass Drake]

When you click on Fix button, FRST will look for fixlist.txt and do what is instructed in fixlist.txt. Options Registry, Services, Drivers, Internet are scan options and they control what will appear in scan log. Follow instructions I gave please.

[Nodar]

OK but I see in the fixlist "Mozilla firefox". so I must tell you that I uninstalled Mozilla firefox too. I am sorry for that.

So I think the new logs have the latest information, That is why I sent you them. Shouldn't I use a new fixlist.txt because of the new logs?

or Should I still use the old fixlist you gave me?

[Sass Drake]

Doesn't matter if you uninstalled Firefox. Just follow the instructions.

[Nodar]

Ok I followed the instructions and clicked on "fix" and sent you Fixlog.txt

I still have problem and I noticed that my IP address got changed, but the location is the same.
And I feel that the period got decreased, I mean maybe every 10 minutes or 15 minutes or even less than 10 minutes , the problem happens again.
it was 30 - 60 minutes,and now it is 10 -15 minutes or less than 10 minutes. I can't spend an hour without losing connection.

[Sass Drake]

Post fixlog.txt here.

[Nodar]

Code: [Select]

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-05.2019
Ran by Karam (18-05-2019 01:14:15) Run:1
Running from C:\Users\Karam\Desktop
Loaded Profiles: Karam (Available Profiles: Karam)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [chrome] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --headless --disable-gpu --remote-debugging-port=9222 hxxp://mi-de-ner-nis3.info/cdn-37.html?t=0.4
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0EE3BE16-5A42-4419-B8BA-9680A80DBB10} - System32\Tasks\FastDataX Task => C:\PROGRA~2\FASTDA~1\FASTDA~1.EXE
Tcpip\Parameters: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{4C64E1C4-3495-4D7A-8109-C961B000B025}: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{532E43E3-D068-40CA-A3F9-1384E66BABDE}: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{532E43E3-D068-40CA-A3F9-1384E66BABDE}: [DhcpNameServer] 82.163.142.9
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\636559140.js [2017-04-27] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\636559140.cfg [2017-04-27] <==== ATTENTION
Shortcut: C:\Users\Karam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Eхрlorer.lnk -> C:\Users\Karam\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Karam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Мozillа Firеfoх.lnk -> C:\Users\Karam\AppData\Roaming\Browsers\exe.xoferif.bat ()
Shortcut: C:\Users\Karam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfoх.lnk -> C:\Users\Karam\AppData\Roaming\Browsers\exe.xoferif.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Аvast SаfеZоnе Browsеr.lnk -> C:\Users\Karam\AppData\Roaming\Browsers\exe.rehcnual.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfоx.lnk -> C:\Users\Karam\AppData\Roaming\Browsers\exe.xoferif.bat ()
C:\Users\Karam\AppData\Roaming\Browsers
C:\ProgramData\{3ef26ccf-212c-1}
C:\PROGRA~2\FASTDA~1
EmptyTemp:
*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\chrome" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0EE3BE16-5A42-4419-B8BA-9680A80DBB10}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EE3BE16-5A42-4419-B8BA-9680A80DBB10}" => removed successfully
C:\WINDOWS\System32\Tasks\FastDataX Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FastDataX Task" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4C64E1C4-3495-4D7A-8109-C961B000B025}\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{532E43E3-D068-40CA-A3F9-1384E66BABDE}\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{532E43E3-D068-40CA-A3F9-1384E66BABDE}\\DhcpNameServer" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
C:\Program Files (x86)\mozilla firefox\defaults\pref\636559140.js => moved successfully
C:\Program Files (x86)\mozilla firefox\636559140.cfg => moved successfully
C:\Users\Karam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Eхрlorer.lnk => moved successfully
C:\Users\Karam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Мozillа Firеfoх.lnk => moved successfully
C:\Users\Karam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfoх.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Аvast SаfеZоnе Browsеr.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfоx.lnk => moved successfully
C:\Users\Karam\AppData\Roaming\Browsers => moved successfully
C:\ProgramData\{3ef26ccf-212c-1} => moved successfully
"C:\PROGRA~2\FASTDA~1" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16142581 B
Java, Flash, Steam htmlcache => 3409 B
Windows/system/drivers => 1299544632 B
Edge => 0 B
Chrome => 121913892 B
Firefox => 431771183 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 7676402 B
systemprofile32 => 336682503 B
LocalService => 1450820 B
NetworkService => 607262 B
Karam => 1470921471 B

RecycleBin => 0 B
EmptyTemp: => 3.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 01:14:51 ====

[Sass Drake]

Post new FRST.txt and Addition.txt logs.

[Nodar]

New Logs

[Sass Drake]

• Open Notepad (click Start button -> type notepad.exe -> press Enter)
• Copy text from code block below and paste it into Notepad

Code: [Select]

FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

• Go to File -> Save As
• Make sure that  UTF-8 is selected as Encoding (left side of Save button)
• Save it as fixlist.txt on Desktop
• Open again FRST and click on button Fix
• Wait until FRST finishes
• fixlog.txt should be genereted and opened. Attach it your post and wait further instructions.

[Nodar]

Code: [Select]

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by Karam (19-05-2019 16:40:35) Run:2
Running from C:\Users\Karam\Desktop
Loaded Profiles: Karam (Available Profiles: Karam)
Boot Mode: Normal
==============================================

fixlist content:
*****************
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
*****************

HKLM\SOFTWARE\Policies\Mozilla => removed successfully

==== End of Fixlog 16:40:35 ====

I still have the problem, I got "limited" word under my network name and lost connection. So I reconnected again.

[Sass Drake]

Do you have other PC, phone or tablet in same network and if you have, dou you have same problem on them?

[Nodar]

Actually I have another PC, but its case is different,     it can access the network but it can't access the internet [AT ALL].
in the past it was working fine, then I stopped using it for months, then someday I turned it on and I found it very slow -[I looked at task manager then I found             "System Process" it uses too much of the CPU,  CPU Usage maybe 90 - 97 , I don't know why]-,  and can't access the internet.
I don't why it is slow, maybe because I didn't clean it years ago with a blower. And I don't know why it doesn't have access to the internet.

[Sass Drake]

According to logs your PC is clean. Can you test with Google Chrome instead of Avast Browser?