Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Strange issues, probably infected.


  • Please log in to reply
8 replies to this topic

#1 Heysup

Heysup

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:01 PM

Posted 22 December 2017 - 02:22 PM

Ever since windows10 did an update a while back I've been having some random issues.

 

 

1) I've noticed I see runtime broker running under many applications like Skype, etc... and multiple com surgents will show in task manager. Sometimes when I close some of these, my text / buttons in task manager will become invisible and windows will have issues in general. Even when restarting explorer it doesn't fix these issues, and they can vary / range from disappearing text, to window being cut off, etc.. Fixes it's self over time.

 

2) Sometimes my icons / explorer will start to glitch. For example icons will disappear, or when trying to drag pictures from webbrowser to windows will freeze explorer. Using 7zip to extract files when dragging them will sometimes freeze explorer. 

 

3) Webbrowsers started to act funky. Originally started with firefox shooting my GPU temps up when watching videos (absurdly), so I started using Chrome, then that started giving me infinite mouse loading when navigating web pages. Now I'm using opera, which certain images / avatars cannot be dragged to desktop or it'll freeze explorer. 

 

4) When opening Settings, and trying to navigate to Account/settings it will freeze settings/explorer.

 

 

 

Any help will be appreciated. As a last resort I'll just wipe my C drive, would hope to avoid that. 



BC AdBot (Login to Remove)

 


#2 Unworn_Kilt

Unworn_Kilt

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:12:01 PM

Posted 22 December 2017 - 09:24 PM

G'day and Welcome Heysup,

 

 

 

I need to advise you that I am a Standard Member, like you. I am NOT a Trained Malware Removal Expert. If anything I suggest concerns you, please contact me or a Moderator before actioning it. I have been working on and with computers since the 1970s.

 

 

 

 

Let's start at O/S level before we start pulling the tools out.

 

  • Please open an Administrator Command Prompt.
  • To do this, type CMD into the search box at the Start Button.
  • When CMD.exe comes up, Right Click and Select "Run as Administrator."
  • (It's very important not to interrupt these scans as it could result in System Corruption or Failure.)
  • The Scans I'm listing will take quite some time depending on your Hardware.
  • Once you have that open, please type the following:

 

SFC /Scannow

 

  • Hit Enter
  • Don't use the computer while this scan is running.
  • Once it has completed it should advise you whether any problems were found.
  • Please copy the result into Notepad IF the result was other than "No Integrity Violations Found."

 

If no Violations were found, please keep the Admin Command Prompt open.

 

  • Ensure you have an Internet Connection
  • Again, don't use the computer whilst the scan is running.
  • At the prompt C:\....etc
  • Type in or copy and paste the following:

 

DISM /Online /Cleanup-Image /RestoreHealth

 

  • Hit Enter
  • Go and get a drink while this scan runs.
  • Please Paste In any Onscreen Result once the scan completes.

 

Now please close down the Command Prompt.

Reboot your computer.

 

Please post back and advise how your computer is running now.

 

If you encounter any problems or issues, please post back here for advice.

 

 

Have a Great Christmas!

 

 

 

Kilt :thumbup2: 

 

 

 

:santa: I'd like to wish all Bleeping Computer Members a Very Merry Christmas and a Happy New Year! :santa:


Edited by Unworn_Kilt, 23 December 2017 - 12:17 AM.

PLEASE NOTE

 

I am only a Standard Member,  NOT a Trained Malware Removal Expert. If you have ANY concerns regarding any advice I may give, please contact a Member of Staff before making changes.

 

Thanks!

 

 

** Walk Softly and Carry a Big Stick **

 

 

 


#3 Heysup

Heysup
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:01 PM

Posted 22 December 2017 - 11:29 PM

G'day and Welcome Heysup,

 

 

 

I need to advise you that I am a Standard Member, like you. I am NOT a Trained Malware Removal Expert. If anything I suggest concerns you, please contact me or a Moderator before actioning it. I have been working on and with computers since the 1970s.

 

 

 

 

Let's start at O/S level before we start pulling the tools out.

 

  • Please open an Administrator Command Prompt.
  • To do this, type CMD into the search box at the Start Button.
  • When CMD.exe comes up, Right Click and Select "Run as Administrator."
  • (It's very important not to interrupt these scans as it could result in System Corruption or Failure.)
  • The Scans I'm listing will take quite some time depending on your Hardware.
  • Once you have that open, please type the following:

 

SFC /Scannow

 

  • Hit Enter
  • Don't use the computer while this scan is running.
  • Once it has completed it should advise you whether any problems were found.
  • Please copy the result into Notepad IF the result was other than "No Integrity Violations Found."

 

If no Violations were found, please keep the Admin Command Prompt open.

 

  • Ensure you have an Internet Connection
  • Again, don't use the computer whilst the scan is running.
  • At the prompt C:\....etc
  • Type in or copy and paste the following:

 

DISM /Online /CleanupImage /RestoreHealth

 

  • Hit Enter
  • Go and get a drink while this scan runs.
  • Please Paste In any Onscreen Result once the scan completes.

 

Now please close down the Command Prompt.

Reboot your computer.

 

Please post back and advise how your computer is running now.

 

If you encounter any problems or issues, please post back here for advice.

 

 

Have a Great Christmas!

 

 

 

Kilt :thumbup2: 

 

 

 

:santa: I'd like to wish all Bleeping Computer Members a Very Merry Christmas and a Happy New Year! :santa:

 

No problems with SFC but dism doesnt work

 

mRFNZc7.png



#4 Unworn_Kilt

Unworn_Kilt

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:12:01 PM

Posted 22 December 2017 - 11:34 PM

Thanks for getting back to me.

 

You did say you're running Windows 10 and that's what's reflected in your screenshot.

 

Was Windows 10 Pre-Installed or did you Upgrade to it?


PLEASE NOTE

 

I am only a Standard Member,  NOT a Trained Malware Removal Expert. If you have ANY concerns regarding any advice I may give, please contact a Member of Staff before making changes.

 

Thanks!

 

 

** Walk Softly and Carry a Big Stick **

 

 

 


#5 Heysup

Heysup
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:01 PM

Posted 22 December 2017 - 11:39 PM

Thanks for getting back to me.

 

You did say you're running Windows 10 and that's what's reflected in your screenshot.

 

Was Windows 10 Pre-Installed or did you Upgrade to it?

 

You know what, I remember being drunk one day and deleting some files that I believe were associated with reverting back to Windows 7.

 

I had windows 7 on this computer a year or 2 ago, upgraded to windows 10 for free. I've reinstalled windows10 once though with the ISO on CD. These problems have only started happening (and are getting worst, now image icons do not show despite the setting being turned on and open with option freezes explorer) after windows updated after not updating in a while. 



#6 Unworn_Kilt

Unworn_Kilt

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:12:01 PM

Posted 22 December 2017 - 11:44 PM

Ok,

 

It's possible Windows may be corrupt. I'm not an expert on that.

 

I'm happy to run a few basic scans if you'd like to proceed.

 

It's going to take me a little while to get things together and I'll get back to you.

 

 

Cheers,

 

 

Kilt    :thumbup2: 


PLEASE NOTE

 

I am only a Standard Member,  NOT a Trained Malware Removal Expert. If you have ANY concerns regarding any advice I may give, please contact a Member of Staff before making changes.

 

Thanks!

 

 

** Walk Softly and Carry a Big Stick **

 

 

 


#7 Heysup

Heysup
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:01 PM

Posted 22 December 2017 - 11:45 PM

Ok,

 

It's possible Windows may be corrupt. I'm not an expert on that.

 

I'm happy to run a few basic scans if you'd like to proceed.

 

It's going to take me a little while to get things together and I'll get back to you.

 

 

Cheers,

 

 

Kilt    :thumbup2:

 

Alright. I'm upgrading to the Ryzen (upgrading to AM4 and DDR4) on chrismas so if push comes ot shove I'll just reset windows. That's been my go to option since I was a kid, and windows 10 makes things a lot faster and easier. 

 

 

Edit: Now I cannot delete any files, when I open my recyle bin the icon disappears.


Edited by Heysup, 22 December 2017 - 11:53 PM.


#8 Unworn_Kilt

Unworn_Kilt

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:12:01 PM

Posted 23 December 2017 - 12:08 AM

Ok, here we go.

 

Just so you're aware my own computer has just started acting up.

I'm letting you know in case I'm unable to respond reasonably quickly.

 

 

Let's lift the hood.

 

 

We'll take a quick look at your P.C.

 

 

 

Do Not Enclose Reports In Quotes or Delete or Insert Any Characters - No Redaction!

Please Post All Reports in Plain Text. Ensure You Include All Report Headers.

Please Press the Return Key 3 Times Between Reports.

Don't Attach them either.....Pleeeez!

 

 

Please make sure you have Backed Up your Files and Save any Work you have Open before proceeding!

You can find Free Back Up Software available on the Web.

(It's unlikely that anything I ask you to do will wipe your data, but better to be safe than sorry.)

 

 

Some Tools May Close Down Any Open Windows or Programs, Please Be Aware of This!

 

 

 

Remember that there is no such thing as a "Stupid Question." If you encounter ANY problems or difficulties along the way, STOP and Message Me!!

 

 

 

**Read All Notes Under Individual Instructions BEFORE Running the Tools.**

 

You might find it useful to print these instructions for reference.

 

 

 

 

 

Let's start relatively simply.....

 

 

 

 

(1)

Download a copy of a program called RKill (Courtesy of Grinler at Bleeping Computer) which is available at the links below:

(This program attempts to stop any running malware processes so other tools may function efficiently, plus a few other things.)

 

Save it to your Desktop so you can easily locate it.

 

(If one won't run, download the other. Malware sometimes recognises RKill.exe and tries to interfere with it.)

 

 

RKill.exe                              <<== Try this first.

 

RKill as iExplore.exe         <<== Try this one if option one doesn't work.

 

  • Right Click RKill and Select "Run As Administrator."
  • Soon after a Black Box will appear while RKill Runs. (This is normal. RKill may appear to hang. It's just working.)
  • When RKill has finished it will Open a Report in Notepad.
  • RKill will also save a copy of its log to your Desktop called "RKill.log"
  • After RKill has run successfully Don't Restart your computer until the other tool(s) have run.
  • Please Copy and Paste the contents of the Report into your Next Reply.
  • If the RKill will not run in Normal Windows Mode, Restart in Safe Mode and Repeat the above Steps.

 

NOTES:

 

Please Ignore any warnings from about RKill containing Viruses or Trojans etc. If necessary, shut down or temporarily disable your Antivirus while RKill runs. Don't forget to Re-enable your Anti-Virus once RKill completes, unless I ask otherwise.

 

If RKill still won't run, please Post back here and advise me.(After trying both versions and Safe Mode.) Please note any Error messages or other useful information and Include it in your Reply.

 

 

Then.......

 

(2)

Please download Security Check (by screen317) from HERE & save it to your Desktop.

 

 

  • Right Click SecurityCheck and Select "Run As Administrator."
  • Follow the Prompts in the Black Box which opens on your screen.
  • When the program is complete a Notepad Document called Checkup.txt should open Automatically in Notepad.
  • Please Copy & Paste the Contents of Checkup.txt into your Next Reply.

 

Please Note the Following:

 

If you receive an "UNSUPPORTED OPERATING SYSTEM! ABORTED!," please Restart Windows and Security Check should Run Fine.

Should a problem persist, please Post Back Here and include any Error Messages & Other Useful Information.

 

Security Check may require you to permit "Dig.exe" to access the internet. Please allow access through your Firewall if necessary.

It is not uncommon for Security Check to generate "false positives" from  some Anti-Virus/Anti-Malware Programs. Please Ignore These if They Occur.

 

Then....

 

(3)

Now I'd like you to download the JRT (Junkware Removal Tool)HERE

Save it to your Desktop so it's handy.

 

  • Right click on the JRT.exe Icon and select "Run as Administrator."
  • A black box will open and ask you if you want to continue. Do so. (Hit Enter I believe.)
  • The tool will do some work. Just be patient please.
  • When it's finished, a report should pop up in Notepad.
  • Please copy and paste the contents of the report into your Reply.

 

Ignore any warnings about the tool containing viruses etc.

 

 

Then.......

 

 

(4)

Download and run the ESET Free Online Virus Scanner from:  HERE

​(If you had to restart for any reason between running RKill and this step,

​Please re-run Rkill.1)

 

  • Turn off your antivirus program. See here how to do this.
  • Accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
    • Enable detection of potentially unsafe applications
    • Enable detection of suspicious applications
    • Scan archives
    • Enable Anti-Stealth Technology
    • Click on the Change button and select only Operating Memory, Autostart Locations and drive(s) C:\ D:\ etc., to be scanned
    • Click Start to begin the Scan.
  • The ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
  • Push the SAVE to TEXT FILE button and save the file to your desktop using a unique name, such as ESETScan+Date.txt. Include the contents of this report in your next reply.
  • CLEAN any THREATS found.
  • Click Back, then Finish to exit ESET Online Scanner.
  • ​Do NOT delete the ESET scanner at this stage please.
  • ​KEEP THIS TOOL FOR NOW YOU WILL NEED TO SCAN ALL USB DRIVES!!

Please re-enable your antivirus when the scan is complete.

 

Let me know if you encounter any problems.

 

 

After you've finished the ESET Online scan:

  • Please ensure you've saved the Log File to your desktop.
  • Post the Log File contents in your Reply, assuming there was one.
  • Close down any other open programs.
  • Reboot.

 

 

Then.......

 

(5)

 

 

Download AdwCleaner(from Xplode.

(As you had to Reboot after Running ESET

re-run RKill - That was Step 1

 

From here: AdwCleaner.exe

 

 

Save to your Desktop so you can easily locate it.

 

  • Before Starting Ensure You've Saved Anything You Have Open that you Wish to Keep!!
  • Right Click AdwCleaner.exe & Select "Run As Administrator"
  • Please Click on the Tools Menu. There should be 2 Tabs: Options & Advanced.
  • In Options under DeleteSelect Tracing Keys(Usually pre-selected,) and, under RESET select all Options on the Right Hand Side.
  • Do Not select any other Options with Square Boxes.
  • There should be Options for Mode and Debug. You can leave these at their Defaults. Press OK.
  • Next, you should see Two main Buttons, Scan and Logfiles. Please Press Scan.
  • AdwCleaner will Start to Update the Database if required. This may take a little while.
  • The Progress Bar will gradually move to the right as the scan progresses. It can take a while.
  • Next you should receive a Popup Notification advising of the Scan Result.
  • Select any Items AdwCleaner may have found for DeletionorDeselect anything you may wish to keep.
  • Under the Popup there will be a Log. Please Copy and Paste the Contents into your next Reply.
  • NextClick Clean. Even if nothing was detected. This will require you to reboot the machine. Please do so.
  • Once the computer has rebooted,second Log should appear. Please Paste into your Reply as well.

 

  • If you need to access Logs again, Open the Tool and Click the LogFiles Button. They are stored there.

 

The Logs can be a tad confusing at first. They all contain a number such as [S0] which is Log One. They are also accompanied by a date to the left side column. The lower the number in the square brackets, the earlier the Log. For example, I may have Logs; AdwCleaner[S0].txt (Earliest) to AdwCleaner[S27].txt (Most Recent.) Double Click a Log to Open it.

 

 

 

​I'll look over your log file(s.)

 

Log back in to your thread for further instructions please.

 

We're in different time zones, so there may be a delay.

If I don't respond in 48 hours Please Personally Message Me.

If you don't hear back after 3 days, please post: HERE

 

I am a Volunteer and do my best to be here. This is sometimes interrupted by sleep, eating, outages.......

 

 

 

Cheers,

 

 

 

Kilt :thumbup2: 

 

 

 

:santa: I'd like to wish all Bleeping Computer Members a Very Merry Christmas and a Happy New Year! :santa:


PLEASE NOTE

 

I am only a Standard Member,  NOT a Trained Malware Removal Expert. If you have ANY concerns regarding any advice I may give, please contact a Member of Staff before making changes.

 

Thanks!

 

 

** Walk Softly and Carry a Big Stick **

 

 

 


#9 Unworn_Kilt

Unworn_Kilt

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:12:01 PM

Posted 23 December 2017 - 12:15 AM

Just one thing.

 

I wrote out that DISM command incorrectly.

 

It should read:

 

DISM /Online /Cleanup-Image /RestoreHealth

 

 

My apologies.

 

You can continue to run the tools, then run the DISM scan, or, vice-versa.

 

 

Your call.

 

EDIT: Original post edited to avoid problems for other users.


Edited by Unworn_Kilt, 23 December 2017 - 12:19 AM.

PLEASE NOTE

 

I am only a Standard Member,  NOT a Trained Malware Removal Expert. If you have ANY concerns regarding any advice I may give, please contact a Member of Staff before making changes.

 

Thanks!

 

 

** Walk Softly and Carry a Big Stick **

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users