Jump to content

I want to check one of my laptops to make sure it doesn't have malware


MHN39
 Share

Recommended Posts

Hi everyone!

The cooling fan in one of my laptops makes funny noises sometimes when it runs. The cooling fan sometimes sounds like it runs really, really hard, even when I don't have anything open on the screen at all. To me, either there's something malicious that is causing it, or it is because the laptop is 9 years old and has only 2 GB of RAM. I'll have the FRST, Addition and latest MBAM logs attached in my next reply, which will be within 20 minutes of the time of this post. I'm currently running a MBAM scan on it right now. Thanks in advance for helping me. :) 

Link to post
Share on other sites

  • Root Admin

I don't see any malware threats but I do see some serious errors you need to track down and fix.

Quote

Error: (10/26/2016 01:20:44 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

 DETAIL - The process cannot access the file because it is being used by another process.
 for C:\Users\huanmnguyen\ntuser.dat

Error: (10/24/2016 11:40:44 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.

Details:
    (HRESULT : 0x80040210) (0x80040210)

Error: (10/24/2016 11:40:43 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.

Details:
    (HRESULT : 0x80040210) (0x80040210)

Error: (10/24/2016 11:40:15 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.

Details:
    (HRESULT : 0x80040210) (0x80040210)


System errors:
=============
Error: (11/23/2016 07:19:02 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Network Store Interface Service service, but this action failed with the following error:
An instance of the service is already running.

Error: (11/23/2016 07:18:02 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Font Cache Service service, but this action failed with the following error:
An instance of the service is already running.

Error: (11/23/2016 07:17:12 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/23/2016 07:17:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (11/23/2016 07:17:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Diagnostic Service Host service terminated unexpectedly.  It has done this 1 time(s).

 

etc.

 

Link to post
Share on other sites

  • Root Admin

Hi Michael,

Unfortunately many issues cannot be fixed by just running a fixlist file. I would recommend you open a new topic in this forum and others can assist you in fixing the computer as it does not appear to be due to malware at this time.

https://forums.malwarebytes.org/forum/6-general-windows-pc-help/

Thanks again and good luck

Ron

 

Link to post
Share on other sites

OK Thanks for taking the time to respond to me. This topic can be closed now. I'll try to deal with these issues as soon as I am able to do so. Since it is NOT malware that is the cause, I feel a little better now. :)

Regards,

Michael

Link to post
Share on other sites

Last question: if these errors go unfixed, will these errors pose a serious threat to the laptop, or will it just interfere with the performance of the laptop?

Regards,

Michael :) 

P.S. I apologize for using 3 separate posts when I could have used just one for the last three posts in this topic. Again, thank you very much for helping me. 

Link to post
Share on other sites

Is this PC more at risk to malware threats if these errors are not fixed, or will it just interfere with the performance of the PC? Other than the on-and-off loud noise from the cooling fan, this PC runs normally. Please let me know if there's anything else that needs to be done after looking at the updated logs. If not, you can close this topic and I'll move on to the General PC help section when I have the chance to do so, as this will be my last post here. I will delete FRST and its logs after posting this. I'll PM you if I have any other questions. Again, thank you for your help @AdvancedSetup :)

Regards,

Michael

P.S. I apologize for dragging this topic out 5 posts after I said that it would be my last post here :(

Edited by MHN39
I forgot to add something.
Link to post
Share on other sites

  • Root Admin

I do help out in the PC General forum from time to time but I try to let other members help out first.

In general it's difficult to tell. Sometimes problems can remain and do no other harm. Sometimes they can cause other programs to start to fail. When possible it's best to try to fix the issues if you can so that the computer functions more smoothly.

I'll go ahead and close this topic. Just start a new one with your logs and concerns in the new topic please.

Thank you very much and good luck. If you don't get a response after a couple of days though do let me know.

Cheers

 

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.