Control Panel Shuts Automatically



#1 Kaizensan


Posted 08 August 2014 - 10:48 PM

Forgive my failure to complete the standard scanning process, but I want to get something up here soon.  I find myself stuck in analysis paralysis.

.:.

System is an HP Pavilion p6-2317c PC

Processor: x64-based AMD A6-5400K with Radeon HD Graphics   3.60 GHz

RAM: 8 GB (7.40 GB usable)

.:.

OS is Windows 8 64-bit (the 8.1 upgrade is NOT installed)

Updates not current.

Required

- KB2899090:  Update for Microsoft Camera Codec Pack for Windows 8 for x64-based Systems

- KB2862768:  Update for Windows 8 for x64-based Systems

- KB2893519:  Update for Windows 8 for x64-based Systems

.:.

Optional

No Updates Available

.:.

Threats

Recently quarantined threats by Immunet.3

- Clam.Trojan.IRCBot-3503 on the following files

....VS1B0US3.dle

....VS1B0US3.dmb

....VS1B0US3.e7c

- Clam.Win.Adware.Dudu-14 on the following files

....VS1B0US3.edv

.:.

Potential threats quarantined by Malwarebytes

Folders: 20

Files: 18


.:.

Symptoms

System runs slowly with processor and memory being overtaxed.  Virus/Malware scanners seem to take huge amounts of resources, otherwise system.exe uses huge percentage of resources.

.:.

Initially, SSL connections were prevented from connecting.  Need to validate this is still gone as limiting secure logins.  Using Comodo IceDragon in hopes of limiting data being stolen if infected by spyware.

.:.

Opening Control Panel causes everything to go dark as if about to request Admin password.  Then it returns but the Desktop is clear of background images, shortcuts, taskbar, notification area, clock, etc.  Only the default color for the desktop is shown.  Bing Desktop does remain at the center top as set.  Dropping mouse to lower left shows the Windows Panel selection screen.  Alt-TAB brings up the change program window.  After a bit of time the screen goes dark and everything comes back except:

- Control Panel is closed

- Explorer Windows are closed (as are any Windows accessed from Control Panel).

.:.

Windows Update was able to be opened via shortcuts for a while.  Yet as I worked through scanning and attempting to clean the system this stopped.  Now any setting screen accessed via the Control Panel either does not open or acts the same as opening the Control Panel.

.:.

For a while I was not able to update any of the virus or malware programs.  I used some PortableApps versions to clean what I was able and currently am able to update what I use.

.:.

Malwarebytes does not find anything lately.

.:.

SUPERAntiSpyware is finding tracking cookies yet nothing else now.

.:.

Immunet.3 found some items.  It did find a RootKit and went through cleaning it.  I'll try to find which it found.

.:.

aVast! finds the system clean.  On occasion it shows Immunet.3's files in its temp folders as a possible threat.  Previously, aVast! has found items and did force two scans from boot up about a week apart.

.:.

This has been going awhile.  I'm trying to keep it up enough for use but keep having issues.  I'm disabled so there may be over 48 hours between responses if things get bad.  If able to connect, I shall. 

.:.

Right now, I mainly wish to learn if anyone has ever heard of an infection which allows use of the system yet seems to be trying to prevent access to Control Panel settings as described above?  Thank you.


Edited by Kaizensan, 09 August 2014 - 06:37 PM.




#2 Kaizensan


Posted 08 August 2014 - 11:28 PM

I ran the system scan suggested at a Microsoft site using the Administrator Command Prompt to execute:

sfc /scannow

.:.

The results are:

Microsoft Windows [Version 6.2.9200]
(c) 2012 Microsoft Corporation. All rights reserved.

C:\windows\system32>sfc /scannow

Beginning system scan.  This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection found corrupt files but was unable to fix some
of them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For
example C:\Windows\Logs\CBS\CBS.log. Note that logging is currently not
supported in offline servicing scenarios.

C:\windows\system32>

The file is about four megs with 26494 lines.

I'm not finding a quick way to attach it to the post here. 

Should I just paste the CBS.log as a reply?

.:.

When I'm able to get back, I'll try to find how to attach a file.  Pushed it too far tonight.

.:.

Sorry.

.:.

.:.
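An added example, not part of the original post: the CBS.log that sfc points to mixes System File Checker records (tagged [SR]) with other servicing output, so a short filter can reduce a multi-megabyte log to the files sfc reported it could not repair. The sample records are constructed in the style of CBS.log entries, and the function name, file name and component name are hypothetical.

```python
import re
from collections import OrderedDict

# One CBS.log record: "date time, Level  Source  sequence [SR] message"
SR_LINE = re.compile(
    r'^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d), \w+\s+\w+\s+[0-9a-f]{8} \[SR\] (?P<msg>.*)$')
# Message written when a file could not be restored from the component store.
UNREPAIRED = re.compile(
    r'^Cannot repair member file \[[^\]]*\]"(?P<file>[^"]+)" of (?P<component>[^,]+),')

def unrepaired_files(lines):
    """Return {file name: {"component", "first_seen", "count"}} for [SR] failures."""
    found = OrderedDict()
    for line in lines:
        rec = SR_LINE.match(line.rstrip("\r\n"))
        if not rec:
            continue  # other servicing output, not System File Checker records
        hit = UNREPAIRED.match(rec["msg"])
        if not hit:
            continue  # progress records such as "Verifying ... components"
        # Windows file names are case-insensitive, so fold case to merge repeats.
        entry = found.setdefault(hit["file"].lower(), {
            "component": hit["component"], "first_seen": rec["ts"], "count": 0})
        entry["count"] += 1
    return found

# Constructed sample records (not taken from the poster's log).
SAMPLE = """\
2014-08-08 23:01:10, Info                  CBS    Starting TrustedInstaller initialization.
2014-08-08 23:02:41, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2014-08-08 23:02:41, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2014-08-08 23:05:17, Info                  CSI    000003c1 [SR] Cannot repair member file [l:22{11}]"example.dll" of Example-Component, Version = 6.2.9200.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, hash mismatch
2014-08-08 23:05:19, Info                  CSI    000003c4 [SR] Cannot repair member file [l:22{11}]"Example.dll" of Example-Component, Version = 6.2.9200.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, hash mismatch
2014-08-08 23:09:55, Info                  CSI    000004f0 [SR] Verify complete
""".splitlines()

if __name__ == "__main__":
    # For a real log, pass an open file handle on CBS.log instead of SAMPLE.
    for name, info in unrepaired_files(SAMPLE).items():
        print(f'{info["first_seen"]}  {name}  ({info["component"]}, seen {info["count"]}x)')
```

The short list this produces is small enough to paste into a reply, where the full log is not.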





