GeekPolice Tech TutorialsLog in

 


[INACTIVE] NetUtils2016: PC badly affected after installing program

Share

description[INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hi,
I had installed a program,(Glarysoft Malware Hunter) that was given to me,and 24 hours later i am still having major problems.
I have a desktop running Windows 10 home.

When installing the program, I unclicked all of the unwanted options that came with the program,but it appeared that they all installed anyway. I have since uninstalled that program. 

Since then, I have had approx 12-15 other programs installed  which i have removed with IObit Uninstaller, I have done two rootkit scans after avast internet security told me i had problems.

 I have run Adware removal tool 3 times and removed 46 problems initially,then the last 2 times,the same 2 problems showed and were removed.


Microsoft edge is loading dozens  of spam web pages continually and i can no longer use google chrome(which was my chosen browser) as it will not function.

I am using a laptop to communicate with you as i cannot get any sense out of my desktop at present.

Please help!!!

I have attached the OTL logs.

thank you

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hello there, I'm analyzing your logs and will be back with a fix soon.

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Thank you

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hello again,

Did not mean to delay this... Let's go ahead and begin with the following tools:
Disable CD Emulation Programs Temporarily

To disable CD Emulation programs using DeFogger please perform these steps:
  1. Please download DeFogger to your desktop.
  2. Once downloaded, double-click on the DeFogger icon to start the tool.
  3. The application window will now appear.  You should now click on the Disable button to disable your CD Emulation drivers
  4. When it prompts you whether or not you want to continue, please click on the Yes button to continue
  5. When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
  6. If CD Emulation programs are present and have been disabled, DeFogger will now ask you to reboot the machine.  Please allow it to do so by clicking on the OK button.

Junkware Removal Tool

Please download Malwarebytes' Junkware Removal Tool and save the file to your desktop.
  • Right-click on the JRT.exe or Junkware Removal Tool icon and select Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.

Please include the contents of that file in your reply.

Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.
Scan with AdwCleaner to ensure we got it all

Please download Malwarebytes' AdwCleaner onto your Desktop.
  • Double click on AdwCleaner_xxxx.exe to run the tool.
  • Click on Scan.
  • After done scanning, please hit Logfile. Locate the logfile in the Scan tab, double-click on it, copy the information inside of it, and paste it into your next reply.
  • You can find the logfile at C:\AdwCleaner[Sx].txt as well.

Malwarebytes' Scanner

If this program is already installed: Skip the installation and run only the scan!
Download and install: Please download Malwarebytes' scanner to your desktop.
  • Double-click mb3-setup-consumer-3.x.x.xxxx and follow the prompts to install the program.
  • Click Finish.
  • On the Dashboard, click the 'Check for Updates' button.
  • After the update completes, click the 'Scan Now' button.
  • A Threat Scan will begin. Please allow it to progress through the scanning process.
  • When the scan is complete, if there have been detections, click Quarantines Selected button to allow the program to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs: (Export log to save as txt)

  • After the restart once you are back at your desktop, open Malwarebytes once more.
  • Click on the Reports tab > Scan Report. (if you have done more than one scan in the past, select the most recent that shows the Date and time of the scan just performed. Press View Report button.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Find the log on your Desktop and Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)

In your next reply, please include the following:

  • Log from Junkware Removal Tool
  • Log from AdwCleaner tool
  • Log from Malwarebytes Scanner

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hello once more
Have followed your directions and i seem to be stuck on Malwarebytes free Threat scan Heuristics analysis , Checking for updates, for approx an hour. Is this normal? 
I will post the logs when it completes.
thanks

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Give it a bit longer and let me know how it does

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hello,
I have been unable to complete the Malwarebytes Free Threat Scan.
The first time it remained on Heuristics Analysis for approx 2 hours and froze at 'checking for updates' for almost  an hour and a half. It did not change in that time.

It was showing 243 Threats Identified. I could not remove them as the program would not respond any further.

I uninstalled malwarebytes free  using  mbam-clean.exe and then reinstalled the program again. I have now run adware cleaner again and Malwarebytes also again. This time I removed 94 infections with adware cleaner. 
Malwarebytes is now stuck in Heuristics Analysis again after being stuck for over 1.50 hours. It is now showing 100 threats identified but  shows no sign of ending with the only activity being the time elapsed timing and the Heuristics Analysis wheel rotating.

I will now shut it down for today and return again tomorrow. Hopefully with some better results.

I have attached 

  • Log from Junkware Removal Tool log

  • Log from AdwCleaner tool log ( both logs)

  • The Malwarebytes log is not available as it has failed to finish.


Thanks for you help today.

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Please run in order Junkware Removal Tool, AdwCleaner, and then the following please:

ComboFix scan

Please download ComboFix by sUBs
From BleepingComputer.com

Please save the file to your Desktop.

Important information about ComboFix

After the download:

  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.

Running ComboFix:

  • Double click on ComboFix.exe & follow the prompts.
  • When ComboFix finishes, it will produce a report for you.
  • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.

Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows
logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method (above method), but try to download it again, except name
ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hello
It appears ComboFix will not work on Windows 10.
Do you have another I should use.
Thanks

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Whoops, I overlooked that, because I had another ticket that a user had Windows 7. Goofy Apologies.

Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.

  • Right-click on FRST icon and select Run as Administrator to start the tool.
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please copy and paste their content into your next reply.

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hi.
I have carried out the Farbar Recovery Scan and have attached both scans 
thanks

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
There are many program entries in the logs for your computer for WildTangent games... Do you want to keep those? I ask, because they are showing a “hidden” flag next to them, which is suspicious activity unless you installed them yourself.

I also have noticed the use of P2P and cracks/keygens in your logs. This is highly unsafe, and the source of infection, including, as of recent, the prevalence of ransomware. Ransomware is a highly dangerous infection, which locks down your files/folders/PC requiring you to pay the hacker in order to restore access to your system. In addition, antivirus and anti-malware software cannot always “catch” an infection to block it... Therefore, I recommend the removal of uTorrent and any other programs related to torrenting. You'll be glad you did...! Smile...

Oh and did you upgrade from Windows XP to Windows 10?

Fix with Farbar Recovery Scan Tool
Notice to outside readers: This fix was created for this user for use on that particular machine.Running it on another one may cause damage and render the system unstable.
Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work! Therefore, if you placed FRST.exe in your “Geek Police” folder, then make sure fixlist.txt goes in the same location as FRST.exe.


  • Right-click on FRST icon and select Run as Administrator to start the tool.
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart of your computer, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.


Please post it to your reply.
Attachments
fixlist.txt

Fixlist.txt

You don't have permission to download attachments.

(6 Kb) Downloaded 5 times

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hello,
Thank you for your advice and instructions. I will make those changes regarding utorrent.
I bought the pc with Windows 10 preinstalled.
I didn't install Wild Tangent Games or had any idea that it was installed on my pc. How do i remove that ?
I have carried out your instructions regarding Farbar recovery scan tool and I have attached the Fixlog.txt.
I await your comments
thanks

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Very well... Now for the WildTangent Games, go to Start > type in appwiz.cpl and hit enter or choose the result from the search list. Then, in that list, look for the following entry: WildTangent Games. Please uninstall that, and it should remove all of the games along with it.

Then, please do the following:
Re-running FRST to search for any leftovers:

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST icon and select Run as Administrator to start the tool.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.




Malwarebytes' scanner
If this program is already installed: Skip the installation and run only the scan!
Download and install: Please download Malwarebytes' scanner to your desktop.

  • Double-click mb3-setup-consumer-3.x.x.xxxx and follow the prompts to install the program.
  • Click Finish.
  • On the Dashboard, click the 'Check for Updates' button.
  • After the update completes, then, on the Dashboard, select Settings.
  • Click on Protection.
  • Ensure that Scan for rootkits is checked. If not, check it.
  • Return to the Dashboard and click the 'Scan Now' button.
  • A Threat Scan will begin. Please allow it to progress through the scanning process.
  • When the scan is complete, if there have been detections, click Quarantines Selected button to allow the program to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs: (Export log to save as txt)

  • After the restart once you are back at your desktop, open Malwarebytes once more.
  • Click on the Reports tab > Scan Report. (if you have done more than one scan in the past, select the most recent that shows the Date and time of the scan just performed. Press View Report button.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Find the log on your Desktop and Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)




Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.





  • If an infected file is detected, the default action will be Cure, click on Continue.



  • If a suspicious file is detected, the default action will be Skip, click on Continue.





  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.




  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents the report here.

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hi,
I have deleted all Wild Tangent games as per your instructions.
I have run Farbar Recovery Scan Tool again and attached logs.
I ran Malwarebytes once more and again it stuck on Heuristics Analysis with no sign of activity,so i closed it again. I have attached a screen capture of the 9 threats identified that couldn't be removed due to the scan sticking.The screen capture will be in a separate message that will follow this one.
I ran TDSSKiller.exe and it found no problems. The log is attached.
I await your comments.
Thank you again

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Permissions in this forum:
You cannot reply to topics in this forum