[Fide84]

Hi, I have a pc running Windows 8.  Ended up getting a virus from 4share a few days ago, which seems to be slowing my browser (Firefox), as well as (at one point; it's gone now, as running Malbytes seemed to make it disappear, even though the program didn't find anything) causing an un-deleteable desktop icon for "Home network" to pop up. 

 

I ran rkill, which did show a (x86)\System Recovery type entry was stopped.  Then ran TFC, then both Malbytes anti-malware and Avira anti-virus, but both programs claimed they didn't find any infected items.  However, every time I start my computer, I run rkill first thing, and every time, it shows one malicious process stopped, but in a different file location each time.  Virus hasn't stopped me from downloading updates for Malbytes or or Avira, but won't let me download Windows Update security patches.

 

Any help is much appreciated, this has been driving me NUTS. 

 

 

~Fide84

Edited by Fide84, 10 May 2014 - 10:32 AM.

[Advertisements]

Could you post the rkill log please

Download OTL to your Desktop
Secondary link

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  
  
• Select All Users
• Select LOP and Purity
• Under the Custom Scan box paste this in
  
  netsvcs
  BASESERVICES
  %SYSTEMDRIVE%\*.exe
  c:\program files (x86)\Google\Desktop
  c:\program files\Google\Desktop
  dir "%systemdrive%\*" /S /A:L /C
  /md5start
  rpcss.dll
  /md5stop
  CREATERESTOREPOINT
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Attach both logs

[Essexboy]

Could you post the rkill log please

Download OTL to your Desktop
Secondary link

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  
  
• Select All Users
• Select LOP and Purity
• Under the Custom Scan box paste this in
  
  netsvcs
  BASESERVICES
  %SYSTEMDRIVE%\*.exe
  c:\program files (x86)\Google\Desktop
  c:\program files\Google\Desktop
  dir "%systemdrive%\*" /S /A:L /C
  /md5start
  rpcss.dll
  /md5stop
  CREATERESTOREPOINT
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Attach both logs

[Fide84]

Just to let you know, upon downloading OTL prior to starting my thread, I gave it a run on default settings (box not checked to "scan all users," "LOP check," or "Purity check," and no custom scan info), to make sure it didn't have any problems running.  At that time an OTL and an Extras log were produced. 

 

Having just run the program again to your specifications, a new OTL log was created, but not another Extras log.  Am including the most recent OTL log, along with the original/only Extras log produced.  If this won't provide enough info, or the exact info you need, please let me know and I can try running OTL yet again.

 

 

I haven't restarted my computer since using rkill right after logging on, but running rkill right now gives me this log:

 

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as Lindsey on 05/10/2014 at 10:23:46.


Processes terminated by Rkill or while it was running:


C:\Users\Lindsey\Downloads\OTL.exe
C:\Users\Lindsey\Important Stuff\rkill.com


Rkill completed on 05/10/2014  at 10:24:09.
 

 

ETA: Restarted my computer, and a new rkill run doesn't show any malicious processes:

 

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as Lindsey on 05/10/2014 at 10:42:36.


Processes terminated by Rkill or while it was running:


C:\Users\Lindsey\Important Stuff\rkill.com


Rkill completed on 05/10/2014  at 10:42:48.

~~~

 

However, having restarted, Windows is now displaying hidden files and file extention names, which it hadn't been set to allow, prior to restart.

 

 

~Fide84

Attached Files

•  OTL.Txt   140.14KB   110 downloads
•  Extras.Txt   49.7KB   152 downloads

Edited by Fide84, 10 May 2014 - 11:49 AM.

[Essexboy]

Nothing apparent there, could you reboot and run Rkill again then post the log.  Then I can see what it is flagging

[Essexboy]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.