Ransomware - PCEU virus

Fryern

New Member
Thread author
Verified
Feb 5, 2013
92
Just so you know I stopped the reboot to save a copy of the log. That done the reboot was exercised. The system had already saved a copy as .log

I found out your system does not like .log so the copy you have is a .txt one of the same.
 

Fryern

New Member
Thread author
Verified
Feb 5, 2013
92
Hi the post with the txt log doesn't appear to show on my Mac very odd
So here it is again
 

Fryern

New Member
Thread author
Verified
Feb 5, 2013
92
Even more confused. I can't see some of my posts. So the flash drive is back - solution was to turn all the power off and go to bed!

Pc still not communicating with the hub via ethernet or wireless. Mac ok.

Complete Internet repair talks about an event log. If you need it you will have to tell me where to find it:):)
 

Attachments

  • CIntRepttxt.txt
    19 KB · Views: 125

Fiery

Level 1
Jan 11, 2011
2,007
Got the internet log :)

Go to Start > right-click Computer > click Manage. On the left-hand side, select Device Manager (it may take a while to load all the devices).

Click the little arrow beside Network Adapter. It will list all your network drivers. Can you post all the driver names on that list?
 

Fryern

New Member
Thread author
Verified
Feb 5, 2013
92
Atheros AR928X Wireless Network Adapter
Bluetooth Device (Personal Area Network)
Bluetooth Device (RFCOMM Protocol TDI)
Intel (R) 82567V-2 Gigabit Network Connection

It says they are all working properly!!
 

Fiery

Level 1
Jan 11, 2011
2,007
You use the Atheros AR928X Wireless Network Adapter for internet access correct?

If so, right-click on Atheros AR928X Wireless Network Adapter and select Uninstall. Then click Action on the top and click scan for hardware changes. Reboot the PC afterwards.

If still no internet,

Please download Farbar Service Scanner and run it on the "infected" computer
  • Check all the boxes.
  • Press Scan.
  • It will create a log FSS.txt in the same directory the tool is run.
  • Please copy and paste the log to your reply.
 

Fryern

New Member
Thread author
Verified
Feb 5, 2013
92
You use the Atheros AR928X Wireless Network Adapter for internet access correct?

Correct

If so, right-click on Atheros AR928X Wireless Network Adapter and select Uninstall. Then click Action on the top and click scan for hardware changes. Reboot the PC afterwards.

Right-click also brings up a tick box "delete the drive s/w for this item". Do I tick or leave blank?
 

Fiery

Level 1
Jan 11, 2011
2,007
What does "s/w" mean?

When you right-click, is there an option called Properties? If so, click that, then click the driver tab. There should be an Uninstall button.
 

Fryern

New Member
Thread author
Verified
Feb 5, 2013
92
s/w is software. So delete the hardware obvious. Now what to do with the associated software. I assumed keep it so left the box unticked. Now on re boot the operating system will find the device and load the s/w.

If I delete the s/w I don't see how it can open the device?

Scan on its way.
 

Fiery

Level 1
Jan 11, 2011
2,007
Don't delete the software, just uninstall driver. When you reboot, the driver should reinstall itself
 

Fryern

New Member
Thread author
Verified
Feb 5, 2013
92
I left the software and rebooted.

Attached is the next thing you wanted
 

Attachments

  • FSS.TXT
    4.2 KB · Views: 118

Fiery

Level 1
Jan 11, 2011
2,007
I see the problem, there are a lot of services and registry disabled by the malware. Please try installing the Tweaking Windows Repair again. Here is the link. Download the installer from this site and try installing it again.

Also, does the Atheros AR928X Wireless Network Adapter show up in device manager now?
 

Fryern

New Member
Thread author
Verified
Feb 5, 2013
92
So I went back to an earlier post and downloaded the s/w from your link. This time it appears to be working. Looks like it's going to be a while. I chose all the scans before the .com program. Also restore points etc. The adapter has been reinstalled on reboot.

Back soon.

Old speak: s/w = software, h/w = hardware

Keep :):)
 

Fryern

New Member
Thread author
Verified
Feb 5, 2013
92
This is coming from my PC.

Lots of cleaning up to do but ethernet is working. I'll try wireless tomorrow.

Don't hold your breath but things are looking up.

btw I got a clue that ethernet was working from a message that explorer had got a little further. So I went in via the BT CD setup to see if it could find a connection and it did. It does a search and came back positive. Staying with ethernet for now. I need to update all my security and reinstall MSE.
 

Fiery

Level 1
Jan 11, 2011
2,007
Excellent!

Reinstall MSE and then let's do more scans.

Please download Malwarebytes' Anti-Malware from here to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • When it prompts you to try their 30-day trial, click Decline.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
 

Fryern

New Member
Thread author
Verified
Feb 5, 2013
92
Hi
I have been using Malware for many months and do a daily full scan.
The logs show no threats. Early on there was the odd trojan.

The log from the scan just completed is below.

Out of interest I was an AOL user before BT and I prefer their email and site. I am having no luck at the moment accessing aol except via Firefox. That is not so friendly. So I am going to download their s/w and delete the existing aol 9.6 if it works. I will stick with 9.6 for now.

Fry



Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.18.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Chris :: CHRIS-PC [administrator]

18/02/2013 09:46:00
mbam-log-2013-02-18 (09-46-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 221794
Time elapsed: 12 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
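
Added example, not part of the original posts: a small Python parser for a log in the layout pasted above. It pulls out the scan type and the per-category detection counts, so a helper can see at a glance that a zero-detection result came from a quick scan. The sample text is constructed from lines of the log above; treating each detected item as one line is an assumption about the log layout.

```python
import re

# Constructed sample: a shortened excerpt in the layout of the log pasted above.
SAMPLE_LOG = """\
Malwarebytes Anti-Malware 1.70.0.1100
Scan type: Quick scan
Objects scanned: 221794

Memory Processes Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)
(end)
"""

FIELD_RE = re.compile(r"^(Database version|Scan type|Objects scanned):\s*(.+)$")
COUNT_RE = re.compile(r"^(.+?) Detected:\s*(\d+)$")
NONE_LINE = "(No malicious items detected)"

def parse_mbam_log(text):
    """Return (header fields, per-category counts, per-category item lines)."""
    fields, counts, items = {}, {}, {}
    category = None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line == "(end)":
            continue
        m = COUNT_RE.match(line)
        if m:  # e.g. "Files Detected: 0" opens a new category section
            category = m.group(1)
            counts[category] = int(m.group(2))
            items[category] = []
            continue
        m = FIELD_RE.match(line)
        if m:
            fields[m.group(1)] = m.group(2)
        elif category and line != NONE_LINE:
            items[category].append(line)  # anything else in a section is an item
    return fields, counts, items

def triage(text):
    """Summarise a pasted log for a helper reviewing it."""
    fields, counts, items = parse_mbam_log(text)
    return {
        "total": sum(counts.values()),
        "quick_scan": fields.get("Scan type", "").lower().startswith("quick"),
        # Assumption: one line per detected item; a mismatch suggests a cut-off paste.
        "truncated_sections": [c for c in counts if counts[c] != len(items[c])],
    }
```
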
 

Fiery

Level 1
Jan 11, 2011
2,007
Through our cleaning process, adwcleaner deleted some AOL files, hence you are not able to access AOL. Let me know if you have trouble uninstalling the program then reinstalling it.

One more scan, this will take a few hours because it's a thorough scan.

Run Eset NOD32 Online AntiVirus

Note: You will need to use Internet Explorer for this scan.
Vista / 7 users: You will need to right-click on the Internet Explorer icon and select Run as Administrator
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Disable your current antivirus software. You can usually do this with its Notification Tray icon near the clock.
  • Click Start
  • Make sure that the option "Remove found threats" is Un-checked, and the following Advance Settings are Checked
    • Scan unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log in your next reply to this topic.
  • The log can also be found in logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt
 

Fryern

New Member
Thread author
Verified
Feb 5, 2013
92
Hi

aol I can access via Firefox. I cannot go directly into aol as I used to. I have installed aol and deleted the older version as I have done before. This has made no difference. I get a message that aol is loading the required file and then it asks for a restart. This makes no difference.

I ran MSE and it took 6 hours plus for a full scan of 2m odd items. It usually takes about 2 hours. It came up clear - thanks.

I'll do the above scan etc tomorrow.

Bed time again :):)

It's so much easier working on a big screen that shows all the content. However the Mac has done me proud.
 

Fiery

Level 1
Jan 11, 2011
2,007
Ok, perform the ESET scan first. Let's make sure your PC is clean before we fix the AOL issue :)

Goodnight!
 

Fryern

New Member
Thread author
Verified
Feb 5, 2013
92
Here you go then. It did find some bugs.
 

Attachments

  • scan20130219.txt
    917 bytes · Views: 110
