Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unexplainable actions of my system and browser.


  • Please log in to reply
32 replies to this topic

#1 dannyboy950

dannyboy950

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:08:02 AM

Posted 07 December 2015 - 12:04 PM

At first I thought this was malware related. After some checking the malware team decided it was not malware.

This pretty much leaves system corruption.

 

Some of the questionable activity is.

1. IE11 will sometimes start and stop itself on it's own. Sometimes even restarting after I have closed the page it will restart right in front of my eyes.  A few times while navigateing on the page IE will close out and I get a black screen for a few seconds and then will come back on it's own. No action required on my part.

2.  After the last 2 updates some system changes I noticed were on my logging only certain logs will work and the options I have chosen have been reverted back to defaults. {overwrite log] instead of save log to file when it reaches a certain size.  This option is no longer available to me.  All prior saved logs have been deleted and not by me.

3. When getting ready to post this I ran the Sysnative app and perfmon.  The Sysnative app completed and created it's log and zipped it up.  Perfmon you have to manually zip the file.  That is when I found that 7zip on here has been disabled and moved from the top of the programs list to the bottom and has been removed from every file sub menu. There is no longer an option to send the file to the zip folder.

Therefore it is unzipped and so far nothing I have tried has been able to get it zipped.

 

I do have a zip of perfmon that I ran in the last 2 weeks for the malware team. I will send that.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


BC AdBot (Login to Remove)

 


#2 softwaremaniac

softwaremaniac

  • Malware Study Hall Senior
  • 1,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Croatia
  • Local time:03:02 PM

Posted 07 December 2015 - 03:09 PM

Try running System File Checker please and let me know the result.

CLICK ME.



#3 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:08:02 AM

Posted 07 December 2015 - 06:13 PM

Sfc found no errors. run from option3. The other two would be nearly impossible to do on this system. I latterly never see a black boot screen on here.  I have tried disableing fast boot before and it will not work on this PC.

What next??


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#4 softwaremaniac

softwaremaniac

  • Malware Study Hall Senior
  • 1,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Croatia
  • Local time:03:02 PM

Posted 07 December 2015 - 06:38 PM

There is a problem device: Unknown USB Device (Device Descriptor Request Failed)    USB\VID_0000&PID_0002\5&240B7E71&0&2    This device is working properly.

Can you relate to it?



#5 softwaremaniac

softwaremaniac

  • Malware Study Hall Senior
  • 1,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Croatia
  • Local time:03:02 PM

Posted 07 December 2015 - 06:52 PM

Also, please take a screenshot of Device Manager and post the photo. Have you tried running your system in Clean boot mode and seeing if there is any improvement there? If not, please do.

Guide.



#6 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:08:02 AM

Posted 07 December 2015 - 07:19 PM

The USB device is a hub that powers my cool pad under my laptop. I will try the other what ever that is lol.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#7 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:08:02 AM

Posted 07 December 2015 - 08:20 PM

A couple of questions when I do Msconfig am I already supposed to be in selective start-up instead of normal?

 

Would being in selective start-up and chooseing the options you wanted cause my Malwarebytes Pro live protection to be off.?


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#8 softwaremaniac

softwaremaniac

  • Malware Study Hall Senior
  • 1,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Croatia
  • Local time:03:02 PM

Posted 07 December 2015 - 08:32 PM

All looks good, except that problematic USB device. Do you have the latest chipset drivers and srivers generally? Yes, because you have disabled a service once, not necessarily now and then it changed from Normal to Selective. It's nothing to worry about.



#9 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:08:02 AM

Posted 07 December 2015 - 08:50 PM

All drivers check out as being the latest.  The hub is just a pass thru device uses generic drivers. It merely provides usb power to a fan under the lap top. I have used it on three different pc for over 5 years with no problems.  Now that it is getting colder I may not need to use it anymore but the PCU on here is working at its max capacity just to get win 10 to run on here. So it stays in the upper temp range but is within limits for normal operation.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#10 softwaremaniac

softwaremaniac

  • Malware Study Hall Senior
  • 1,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Croatia
  • Local time:03:02 PM

Posted 08 December 2015 - 06:35 AM

I understand, try resetting browser settings. If that doesn't help, uninstall IE and reinstall it afterwards. How was clean boot? Did the issue recur?



#11 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:08:02 AM

Posted 08 December 2015 - 04:40 PM

There was no discernable difference from clean boot to normal boot. All actions that were takeing place before are still randomly happening.

Right now I can not even find ie 11 to either repair or uninstall. It is not listed in programs for me to do anything with.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#12 softwaremaniac

softwaremaniac

  • Malware Study Hall Senior
  • 1,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Croatia
  • Local time:03:02 PM

Posted 08 December 2015 - 05:46 PM

It should be under Windows features.



#13 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:08:02 AM

Posted 09 December 2015 - 06:46 PM

So I am left with a quandary. I have no malware according to the malware forum and now here I have no system corruption yet IE11 opens and closes on it's own [I have actually watched it do that in real time].  My DNS has been changed 27 times in the last 5 days.  The PC itself has rebooted 3 times and black screened 4 times.

 

Reboots did not coincide with any updates.  All my other programs have their own updater servers and IE11 does not have to run for them to update.

So what else is left? A remote administration of my pc? That would not show up as malware or system corruption would it not?

 

It would be doing things by using normal proto-calls just not initiated by me.  That would be hard to catch I would think.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#14 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:08:02 AM

Posted 10 December 2015 - 05:49 PM

I hate to sound like a broken record on this but I still need some advice on which way to go from here.

I am well past the 30 day limit to revert, not that I would want to revert to 8 at all.

 

If I do a recover repair will I loose all the installed updates for 10?  This in some ways would seem the easiest way. Wipe out all changes I have made right or wrong and still keep already installed programs.

Or am I miss understanding and I should just reinstall from a ISO and wait for all the updates to repopulate.

 

At about 10:am I had to reboot to complete some update that had installed this morning.  However I can not find any update listed for that time frame. Que Passa????

 

My prior post covered some possibilities but were a bit of a reach I must admit.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#15 softwaremaniac

softwaremaniac

  • Malware Study Hall Senior
  • 1,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Croatia
  • Local time:03:02 PM

Posted 10 December 2015 - 07:54 PM

Sorry for not replying earlier. If you mean there is someone remotely accessing your PC and doing this, that's highly unlikely because our malware experts would have caught it. I recommend you to try with a Windows 8.1 clean install and then if it's all OK, preform a clean install of W10, not an upgrade.

Have you tried reinstalling IE?

Have you tried Windows repair Free and doing a repair of IE? If not, try it.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users