Malware-gen, iBryte, Proxy Server Refusing Connections [Solved]

Important No internet access

  • This topic is locked

#1
Silas-wolf-fang
  • Member
  • 15 posts
Just yesterday I ran a boot-time scan for my computer and it came up as having about 7 different iBryte-j(something) infected files. I only let the scan run through to 49% because it was taking hours to complete. When I went on the Internet afterward I could not get on. The proxy server wouldn't work. Every program that uses Internet connection works fine, like Spotify and such, but the Internet itself won't work. I use Firefox, and I tried it with Internet Explorer as well... No luck.

Today I ran a quick scan with Avast and it said that I had a Malware-gen. I moved it to chest.

I ran a scan with OTL but, using the iPad to type this and having no internet connection on my computer, I don't really have a way of getting it to you. This might be very difficult :(

I really appreciate any help on this!! Thank you!

Edited by Silas-wolf-fang, 18 February 2015 - 09:31 PM.

  • 0

#2
BrianDrab
  • Trusted Helper
  • Malware Removal
  • 3,591 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 


- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop -

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.

  • Google Chrome - Click the "Customize and control Google Chrome" button in the upper-right corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
  • Mozilla Firefox - Click the "Open Menu" button in the upper-right corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.
  • Internet Explorer - Click the Tools menu in the upper-right corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
    NOTE: IE8 does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

- Finally Before We Start -

Removing malware is a complicated, multiple-step process. Please stay with me until I have declared your system clean. I strongly recommend you back up your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

 

OK, let's see what we can do. Do you know what Operating System you have? (i.e. Windows XP, Vista, 7, 8, 8.1).

If you don't know, you can look at your start button in the lower left corner of the computer screen and compare it to the pictures below. Let me know.

[Images: Start button for each Windows version]

  • Windows 8.1
  • Windows 8 (Note: You won't see this in the lower left corner unless you hover your mouse in the bottom left corner of the screen)
  • Windows 7
  • Windows Vista
  • Windows XP

 

 


  • 0

#3
Silas-wolf-fang
  • Topic Starter
  • Member
  • 15 posts
Thank you for getting back to me, this issue is terrible :( I appreciate it!

My operating system is Windows 7 Home Premium ;)
  • 0

#4
BrianDrab
  • Trusted Helper
  • Malware Removal
  • 3,591 posts

No problem. I'm going to have you run a different tool to create logs and then try to have you boot into Safe Mode With Networking and then submit it.

 

Fresh Set of Logs Needed
If you are able to download files to your computer please do the following. If not, skip bullets #1-6 and continue from there.

1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
2. Right click on the file and select Run as administrator (If you don't have this option simply double-click the file to open). When the tool opens click Yes to disclaimer.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should be the desktop).
5. Please copy and paste the log back here.
6. The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe). Please also paste that along with the FRST.txt into your reply.
     Note: Please do not attach any logs unless specifically requested. It's easier if you simply copy and paste them into your reply. It's OK if you have to use more than one post to do so.

If you are not able to download files then please try to boot into Safe Mode with Networking using the instructions below. Then go ahead and try to follow the previous steps to produce the logs.

1. Shut down your machine and leave it off for 10 seconds.

2. Power on your machine and begin tapping the F8 key about a second apart for each tap while your computer is booting to get the Advanced Boot Options Menu, then select Safe Mode With Networking as shown below.

[Image: Advanced Boot Options menu]

 
 
Let me know please. Thanks.


  • 0

#5
Silas-wolf-fang
  • Topic Starter
  • Member
  • 15 posts
I can't access the Internet whatsoever, so I won't be able to download anything. I tried the Safe Mode with Networking, but even that didn't work D: it still keeps saying "Proxy Server is refusing connections"

I myself am suspicious about the Avast Boot Time scan that I ran; maybe it mistook a good, Internet supporting file for a virus? I don't know, but I hope the problem can still be fixed :(
  • 0

#6
Silas-wolf-fang
  • Topic Starter
  • Member
  • 15 posts
However, I do happen to have some of the programs on my computer already that GeeksToGo recommends.

I have:
CCleaner
Revo Uninstaller
AdwCleaner

I can't use MalwareBytes, but my computer says that I have it; the main program is not found anywhere, but the MalwareBytes Chameleon is available.
  • 0

#7
Silas-wolf-fang
  • Topic Starter
  • Member
  • 15 posts
Sorry for the third reply; I noticed when looking around the User Accounts section of my Control panel that there is a "ASP.NET Machine Account" and it is password protected. I know for a fact that I did not add that account, and I probably would not have given it a password, being a secondary account. What is this? I don't think it should be there.
  • 0

#8
BrianDrab
  • Trusted Helper
  • Malware Removal
  • 3,591 posts
Quote (Silas-wolf-fang):
I can't access the Internet whatsoever, so I won't be able to download anything. I tried the Safe Mode with Networking, but even that didn't work D: it still keeps saying "Proxy Server is refusing connections"

We'll get this, don't worry. I have several ideas to get you back and running but I need more info so I can make the right choice. Can you do the following please?

 

1. Click your Start button and type cmd.exe in the search box.

2. Click on cmd.exe that comes up in the search results.

3. You should now be at a black command-prompt window.

4. Type the following in the command-prompt window and hit enter.

     ping www.yahoo.com

5. Let me know what it replies with. If we're lucky it will have four lines that begin with "Reply from".

 

 

Also you mentioned that you already ran OTL. Did you run OTL from your desktop? Are the OTL.txt and Extras.txt files on your Desktop at the moment?

Quote (Silas-wolf-fang):
Sorry for the third reply; I noticed when looking around the User Accounts section of my Control panel that there is a "ASP.NET Machine Account" and it is password protected. I know for a fact that I did not add that account, and I probably would not have given it a password, being a secondary account. What is this? I don't think it should be there.

This is normal and is added automatically when the .NET Framework is installed.


  • 0

#9
Silas-wolf-fang
  • Topic Starter
  • Member
  • 15 posts

It appears that we are very lucky :D The four "Reply From" lines showed up.

Here's what they said:
Pinging fd-fp3.wg1.b.yahoo.com [2001:4998:58:c02::a9] with 32 bytes of data:
Reply from 2001:4998:58:c02::a9: time=103ms
Reply from 2001:4998:58:c02::a9: time=116ms
Reply from 2001:4998:58:c02::a9: time=144ms
Reply from 2001:4998:58:c02::a9: time=253ms

Ping statistics for Reply from 2001:4998:58:c02::a9:
        Packets: Sent = 4, Received = 4, Lost = 0 <0% loss>
Approximate round trip times in milli-seconds:
        Minimum = 103ms, Maximum = 253msn, Average = 154ms


And yes, I do have an OTL log on my desktop, but no Extras file as far as I can tell :)


  • 0
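
The ping in post #9 succeeded while the browser still reports the proxy refusing connections, which is consistent with the browser being pointed at a proxy address where nothing is listening. An added example (not part of the thread or of any poster's instructions) that reads the per-user Windows proxy setting, which Internet Explorer uses and Firefox can be set to follow, and checks whether anything accepts connections on it; the function name Test-TcpPort and the default port of 80 are assumptions made here.

```powershell
# Added example: read the per-user Windows proxy setting and test whether
# anything answers on the configured proxy address. Read-only; changes nothing.
# Uses only features present in the PowerShell 2.0 shipped with Windows 7.

$key  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$inet = Get-ItemProperty -Path $key

# Hypothetical helper: try a TCP connect with a timeout, return $true/$false.
function Test-TcpPort([string]$HostName, [int]$Port, [int]$TimeoutMs = 3000) {
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($pending)
        return $true
    } catch {
        return $false          # refused, unreachable or unresolvable
    } finally {
        $client.Close()
    }
}

"ProxyEnable   : $($inet.ProxyEnable)"
"ProxyServer   : $($inet.ProxyServer)"
"AutoConfigURL : $($inet.AutoConfigURL)"

if ($inet.ProxyEnable -eq 1 -and $inet.ProxyServer) {
    # ProxyServer is either "host:port" or "http=host:port;https=host:port;..."
    foreach ($entry in ($inet.ProxyServer -split ';')) {
        $hostPort = ($entry -split '=')[-1] -replace '^\w+://', ''
        $parts    = $hostPort -split ':'
        $port     = 80                       # assumption: default when no port is given
        if ($parts.Count -gt 1) { $port = [int]($parts[-1]) }
        if (Test-TcpPort $parts[0] $port) {
            "LISTENING : $hostPort (identify the owning process before trusting it)"
        } else {
            "DEAD      : $hostPort (nothing accepted the connection)"
        }
    }
} else {
    "No manual system proxy is enabled; check the browser's own proxy settings."
}
```

A DEAD loopback entry such as 127.0.0.1 with a high port typically means the program that installed the proxy was removed or quarantined while the setting stayed behind.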

#10
BrianDrab
  • Trusted Helper
  • Malware Removal
  • 3,591 posts

Good. Please try the following.

 

1. Click the Start Orb in the lower left corner of your screen.

2. Type cmd.exe and click on the cmd that comes up in the search results.

3. You will be at a black command prompt window.

4. Type cd Desktop and hit enter on the keyboard.

5. Type the following commands in the command prompt window hitting enter after each command.

ftp

open drabrouter.selfip.net

g2g

I'll send you a PM with what to type here

binary

get frst64.exe

 

6. After you type the last command it may take a few minutes before the transfer is complete. When it's complete it will say something like ftp: 2086912 bytes received in 16.49Seconds 126.56Kbytes/sec.

 

Let me know if this worked. Thanks.


  • 0

#11
Silas-wolf-fang
  • Topic Starter
  • Member
  • 15 posts

It worked ^^ I looked up FRST64 in my Start Button search box and it appears to be there. I didn't click on it yet though.


  • 0

#12
BrianDrab
  • Trusted Helper
  • Malware Removal
  • 3,591 posts

Good. You should see FRST64 on your desktop. Please do the following.

 

Step#1 - Fresh Set of Logs
 
1. Right click on FRST64.exe and select Run as administrator. When the tool opens click Yes to disclaimer.
2. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop).
5. Because you selected the Addition.txt check box this log will be created on your desktop as well. 
 
Let me know when this finishes. Thanks.


  • 0

#13
Silas-wolf-fang
  • Topic Starter
  • Member
  • 15 posts

It finished :D

 

How do I get it to you?


  • 0

#14
BrianDrab
  • Trusted Helper
  • Malware Removal
  • 3,591 posts

Perfect. Do the following to submit.

 

1. Click the Start Orb in the lower left corner of your screen.

2. Type cmd.exe and click on the cmd that comes up in the search results.

3. You will be at a black command prompt window.

4. Type cd Desktop and hit enter on the keyboard.

5. Type the following commands in the command prompt window hitting enter after each command.

ftp

open drabrouter.selfip.net

g2g

this is the one I sent to you previously

put frst.txt

put addition.txt

 

Let me know once done.


  • 0

#15
Silas-wolf-fang
  • Topic Starter
  • Member
  • 15 posts

I've done so :)


  • 0





