Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"Preparing Security Options" -- Really


  • Please log in to reply
3 replies to this topic

#1 cathedral_pines

cathedral_pines

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:58 AM

Posted 02 November 2016 - 09:33 AM

I have been looking this up for quite some time but figured I would ask for help now.

 

I did a dumb thing and torrented something, opened the .exe file (WHY AM I SO DUMB), and my computer has never been the same.

 

This was a brand new Dell Inspirion 15 5000 with Windows 10.

 

My computer was pretty slow, and still is -- more than a few tabs open makes it bog down, whereas I had no issue before with mutliple programs up, etc. It's not devastating, but the slowness I experience is obviously enough to make me seek help.

 

The big indicator of something wrong is when I ctlr+alt+delete, a window flashes, in the exact aesthetic of Windows 10, that says "PREPARING SECURITY OPTIONS". This was not here before, and many people say it is a virus or some such.

 

I tried Anti-Malwarebytes and CCleaner (my 2 favorites) but they came up with nothing. (So - not malware?)

 

No issue, it was a new computer, few days old, so I did a clean install.

 

Still affecting me.

 

I looked at forums, even this one, and many people with the issue try virus-removal program after virus-removal program to no luck. I just want to ask if anyone has any starting points here, or any updates on this issue.

 

I miss my fast computer! (even just normal speed!?)

 

Thanks!

 



BC AdBot (Login to Remove)

 


#2 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:08:58 AM

Posted 02 November 2016 - 12:20 PM


It seems that your pc has a problem or could be infected with malware which is going to take some more work and a deeper look. No sense running a bunch of tools here.
Please follow this Preparation Guide. If have already done a step or you cannot complete a step, skip it and continue.
Pease include a link to this thread.

Let me know if all went well.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 nasdaq

nasdaq

  • Malware Response Team
  • 40,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:58 AM

Posted 04 November 2016 - 01:39 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2016-10-28]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
R0 mfeaack; system32\drivers\mfeaack.sys [X]
Task: {154FE0ED-0AAB-41AF-BB6D-71D51EEE8CC7} - System32\Tasks\{6D64B878-7BD0-4719-9E8C-9CE9A9C99A5E} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002
Task: {399E0B32-95B9-4231-82EA-9F6369124374} - System32\Tasks\{D984EF07-73A4-4D3D-9D78-162EC566EAA8} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002
AlternateDataStreams: C:\Users\Love\Documents\36 Writing Craft Essays by Chuck Palahniuk.pdf:com.dropbox.attributes [168]

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Let me know if the problem is persisting.

#4 cathedral_pines

cathedral_pines
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:58 AM

Posted 04 November 2016 - 04:03 PM

Problem persists. Here is the log:

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-11-2016
Ran by Love (04-11-2016 16:53:41) Run:1
Running from C:\Users\Love\Downloads
Loaded Profiles: Love (Available Profiles: Love)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2016-10-28]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
R0 mfeaack; system32\drivers\mfeaack.sys [X]
Task: {154FE0ED-0AAB-41AF-BB6D-71D51EEE8CC7} - System32\Tasks\{6D64B878-7BD0-4719-9E8C-9CE9A9C99A5E} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002
Task: {399E0B32-95B9-4231-82EA-9F6369124374} - System32\Tasks\{D984EF07-73A4-4D3D-9D78-162EC566EAA8} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002
AlternateDataStreams: C:\Users\Love\Documents\36 Writing Craft Essays by Chuck Palahniuk.pdf:com.dropbox.attributes [168]

End
*****************

Restore point was successfully created.
Processes closed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk => moved successfully
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File) => not found.
ibtsiva => Unable to stop service.
ibtsiva => service removed successfully
dbx => service removed successfully
mfeaack => Unable to stop service.
mfeaack => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{154FE0ED-0AAB-41AF-BB6D-71D51EEE8CC7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{154FE0ED-0AAB-41AF-BB6D-71D51EEE8CC7}" => key removed successfully
C:\WINDOWS\System32\Tasks\{6D64B878-7BD0-4719-9E8C-9CE9A9C99A5E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6D64B878-7BD0-4719-9E8C-9CE9A9C99A5E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{399E0B32-95B9-4231-82EA-9F6369124374}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{399E0B32-95B9-4231-82EA-9F6369124374}" => key removed successfully
C:\WINDOWS\System32\Tasks\{D984EF07-73A4-4D3D-9D78-162EC566EAA8} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D984EF07-73A4-4D3D-9D78-162EC566EAA8}" => key removed successfully
C:\Users\Love\Documents\36 Writing Craft Essays by Chuck Palahniuk.pdf => ":com.dropbox.attributes" ADS removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43375096 B
Java, Flash, Steam htmlcache => 234822319 B
Windows/system/drivers => 9896132 B
Edge => 668 B
Chrome => 0 B
Firefox => 393382584 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 13312 B
NetworkService => 19884 B
Love => 341965454 B

RecycleBin => 419613608 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:56:02 ====






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users