Possible malware

Status
Not open for further replies.

AbstractMadness

New Member
Thread author
Aug 21, 2015
4
This morning around 10 am (it's now the next day 8-22-15 at 1:50am)

At first I thought my router was the problem but I soon realized that the wifi was working fine and when I plugged in my laptop, it was working fine too. But my desktop (the one with the issue) was being weird. The internet icon at the bottom right corner of the screen would go from "normal" to "loading" to the exclamation mark and then a red X, randomly. The connection would work to load a page and when I would click a link or reload the page or anything that was interacting with the webpage or anything internet related (like updating the virus defs) the internet icon would go through the process again and back to a red X.

I ran all the normal netsh commands to reset everything and even reset the router because why not. But nothing worked. I started searching things on my phone when I ran across an article that was from this site and thought I would give you guys a shot. So far I have installed and run TDSSKiller, AdwCleaner, CCleaner, Kaspersky Total Security, Malwarebytes, and Avast (after I paused KS). I did not find anything with Malwarebytes, and CCleaner cleaned out a bunch of reg errors. But with that said, this past week I noticed that a program I had installed a while back was popping up as a malicious attempt to connect to my PC on Malwarebytes, so I uninstalled it.

Even after all that, nothing would work and even trying to connect to my router via the web browser 192.168.1.1 wouldn't work either because it was off and on. I will say that I do A LOT of downloading so this is my reason for thinking it's malware related. I understand the risks but usually I don't have a problem because I have a lot of security in place and take steps to avoid screwing up. I have Acronis and RollBack RX installed so "fixing the problem" is as simple as rolling back to last week. But I'm intrigued as to what the problem is, what's causing it and how I can make sure it doesn't happen again.

I almost forgot to mention (and this is kind of important): my computer blue screened and I was able to snap a pic on my phone. The error code was 0x0000000A.

Also, something I think from AdwCleaner fixed my internet issue. I booted the computer in SM and installed, updated and ran ADW and then restarted in normal and my internet has been working fine. So I'm assuming that either booting in SM fixed the problem or ADW did.

I understand the principle of not having 2 AV installed at once because it creates a redundancy; I merely installed Avast to see if it would catch anything that Kaspersky didn't. I have 5+ TB worth of info on my hard drives so scans might take some time.

I've included the FRST log in this post and hope to hear some good news.
 

AbstractMadness

New Member
Thread author
Aug 21, 2015
4
As soon as I sent this my computer froze up and the log did not load. I then tried to open cmd and was faced with this "the program can't start because WINBRAND.dll is missing from your computer. Try reinstalling the program to fix this problem." and on another window on my second screen, the "my computer" type of window that shows all the drives you have connected, reloaded itself and was missing my OS Solid State drive.

I then tried to do Ctrl+Alt+Del and was faced with
"the login process was unable to display security and logon options when Ctrl+Alt+Del was pressed. If the operating system does not respond, press ESC or restart the computer by using the power switch"

And then the Chrome window I had open crashed, all my icons disappeared and the message
"The instruction at 0x0000000076b02b62 referenced memory at 0x0000000076b02b62. The required data was not placed into memory because of an I/O error status of 0xc000000e. Click OK to terminate the program"


soooooooo is my computer screwed?? :(
 

Attachments

  • FRST_22-08-2015_01-43-16.txt
    81.7 KB · Views: 3

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hello,



They call me TwinHeadedEagle around here, and I'll be working with you.



Before we start please read and note the following:
  • At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
  • Instructions I give to you are very simple and made for a complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
  • If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running for too long (a few hours), please stop and inform me.
  • I visit the forum several times a day, making sure to respond to everyone's topic as fast as possible. But bear in mind that I have a private life like everyone and I cannot be here 24/7. So please be patient with me. Also, some infections require less, and some more time to be removed completely, so bear this in mind and be patient.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. If you solved your problem yourself, set aside two minutes to let me know.
  • Please attach all reports using the button below. Doing this, you make it easier for me to analyze and fix your problem.

  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is a good thing to pay for the repair.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.




Rules and policies

We won't support any piracy.
That being said, if any evidence of illegal OS, software, cracks/keygens or any other is revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result in closing your topic and withdrawing any assistance.



Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content into your next reply.
 

AbstractMadness

New Member
Thread author
Aug 21, 2015
4
oops, sorry, I forgot to include the addition log
 

Attachments

  • Addition_22-08-2015_01-43-16.txt
    44.9 KB · Views: 2

AbstractMadness

New Member
Thread author
Aug 21, 2015
4
I think it's also worth noting that I have a hardware firewall and almost 2 months ago, my desktop was hacked live while I was on it. Whoever initiated the takeover was able to take full control over my computer, shut down the program I was running, start up a whole bunch of tasks in the background while opening up a txt document and typing out my passwords one by one. Since then I have gone to extensive lengths to keep my PC safe but obviously, nothing is ever 100% safe when it comes to computers.
 