Computer is a Dell Inspiron 15R running Windows 10. It is displaying the following behaviors which make me suspect a virus infection:
1. Computer does not react at all to mouse clicks, especially left clicks. Cursor can still be moved around. This happens with both the touchpad mouse and an external mouse. This computer has a touch screen which basically works. Tab and Enter keys work.
2. Cannot bring up task manager. Attempt to bring up task manager via Ctrl-alt-delete and selecting task manager just brings up initial screen that normally appears when the computer is booted up but not logged into.
3. Cannot restore from a restore point. Select Restore button via Enter key shows list of restore points which has only one entry that cannot be selected. Next button on this screen is not enabled.
THANKS FOR YOUR HELP!
Logs:
# AdwCleaner v6.044 - Logfile created 27/03/2017 at 11:16:37
# Updated on 28/02/2017 by Malwarebytes
# Database : 2017-03-27.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Michael - WINDOWS-R28NTV0
# Running from : C:\Users\Michael\Downloads\adwcleaner_6.044.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
[!] File not deleted: C:\Users\PK\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jnnbmiailafajdkboegcjcdklooomfic_0.localstorage
[!] File not deleted: C:\Users\PK\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jnnbmiailafajdkboegcjcdklooomfic_0.localstorage-journal
[!] File not deleted: C:\Users\PK\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.sonicelectronix.com_0.localstorage
[!] File not deleted: C:\Users\PK\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.sonicelectronix.com_0.localstorage-journal
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
[-] Task deleted: pcdeventlaunchertask
***** [ Registry ] *****
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
- Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
- Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
- Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
- Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
- Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
- Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key deleted: HKLM\SOFTWARE\Auslogics
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\iad-usadmm.dotomi.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\iad-usadmm.dotomi.com
- Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
- Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
- Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\iad-usadmm.dotomi.com
- Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
- Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
- Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\iad-usadmm.dotomi.com
***** [ Web browsers ] *****
[-] [C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\PK\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\PK\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\PK\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: jnnbmiailafajdkboegcjcdklooomfic
[-] [C:\Users\pknonadmin\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\pknonadmin\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\Joe Test\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Joe Test\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [6228 Bytes] - [27/03/2017 11:16:37]
C:\AdwCleaner\AdwCleaner[S0].txt - [6154 Bytes] - [27/03/2017 10:49:51]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6374 Bytes] ##########
malwarebytes anti-malware
Malwarebytes Anti-Malware
www.malwarebytes.org
Update, 3/27/2017 1:56 AM, SYSTEM, WINDOWS-R28NTV0, Manual, Remediation Database, 2017.1.23.1, 2017.3.14.1,
Update, 3/27/2017 1:56 AM, SYSTEM, WINDOWS-R28NTV0, Manual, Rootkit Database, 2016.11.20.1, 2017.3.11.1,
Update, 3/27/2017 1:56 AM, SYSTEM, WINDOWS-R28NTV0, Manual, IP Database, 2017.2.7.1, 2017.3.26.1,
Update, 3/27/2017 1:56 AM, SYSTEM, WINDOWS-R28NTV0, Manual, Domain Database, 2017.2.7.5, 2017.3.26.4,
Update, 3/27/2017 1:57 AM, SYSTEM, WINDOWS-R28NTV0, Manual, Malware Database, 2017.2.7.6, 2017.3.27.2,
Scan, 3/27/2017 2:21 AM, SYSTEM, WINDOWS-R28NTV0, Manual, Start:3/27/2017 1:57 AM, Duration:23 min 51 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
Update, 3/27/2017 11:31 AM, SYSTEM, WINDOWS-R28NTV0, Manual, Remediation Database, 2017.3.14.1, 2017.3.27.1,
Update, 3/27/2017 11:31 AM, SYSTEM, WINDOWS-R28NTV0, Manual, IP Database, 2017.3.26.1, 2017.3.27.3,
Update, 3/27/2017 11:31 AM, SYSTEM, WINDOWS-R28NTV0, Manual, Domain Database, 2017.3.26.4, 2017.3.27.7,
Update, 3/27/2017 11:31 AM, SYSTEM, WINDOWS-R28NTV0, Manual, Malware Database, 2017.3.27.2, 2017.3.27.6,
Scan, 3/27/2017 11:54 AM, SYSTEM, WINDOWS-R28NTV0, Manual, Start:3/27/2017 11:31 AM, Duration:23 min 39 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
(end)
Security check
Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 121
Java version 32-bit out of Date!
Mozilla Firefox (51.0.1)
Google Chrome (56.0.2924.87)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````