Jump to content

PC recently Infected


SirWho

Recommended Posts

Recently, by PC has been acting up.  I tried to use google chrome as soon as the computer started, but the screen turns black for a few seconds, before returning to the desktop.  I restarted my PC because I noticed that it needed to update, but that did not fix the problem.  When I try to go into updates and security in the settings, I get the following error for SystemSettings.exe: "The system detected an overrun of a stack-based buffer in this application.  This overrun could potentially allow a malicious user to gain control of this application."  This is the first day that I have noticed this problem and I have not had this problem before.

 

I have attached the FRST and Addition files I obtained from the Farbar Recovery Scan Tool.  I ran a threat scan with the free version of Malwarebytes, but it did not detect anything wrong and I cannot find any threat scan logs.

 

I would appreciate any help with this problem.  

 

Thank you.

FRST.txt Addition.txt

Link to post
Share on other sites

  • Root Admin

Hello @SirWho and :welcome:

 

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.
NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work.

Please make sure you disable any real time antivirus or security software before running this script. Once completed make sure you re-enable it.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1:  This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. Depending on the speed of your computer this fix may take 30 minutes or more.

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The use of an external password manager is highly recommended instead of using your browser to store passwords.

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

fixlist.txt

Thanks

 

Link to post
Share on other sites

  • Root Admin

Nope, seems something more is going on with the system.


Windows Resource Protection found corrupt files but was unable to fix some of them.

Please find and attach the following log. If it's too big then zip it up first.

C:\Windows\Logs\CBS\CBS.log

Thanks

 

Link to post
Share on other sites

  • Root Admin

There are some missing files that would seem to indicate that the Store may not be working correctly either.

Let's do a couple of other antivirus scans to make sure the computer is not infected with something

 

STEP 1

Please download and run the following Kaspersky antivirus scanner to remove any found threats

Kaspersky Virus Removal Tool

Let me know if it finds anything or not

 

 

STEP 2

Let me have you run a different scanner to double-check. I don't expect it to find anything, but no harm in checking.

I would suggest a free scan with the ESET Online Scanner

Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe

  • It will start a download of "esetonlinescanner.exe"
  • Save the file to your system, such as the Downloads folder, or else to the Desktop.
  • Go to the saved file, and double click it to get it started. 
  • When presented with the initial ESET options, click on "Computer Scan".
  • Next, when prompted by Windows, allow it to start by clicking Yes 
  • When prompted for scan type, Click on Full scan 
  • Look at & tick  ( select )   the radio selection "Enable ESET to detect and quarantine potentially unwanted applications"   and click on Start scan button.
  • Have patience.  The entire process may take an hour or more. There is an initial update download.
  • There is a progress window display.
  • You should ignore all prompts to get the ESET antivirus software program.   ( e.g.  their standard program).   You do not need to buy or get or install anything else.
  • When the scan is completed, if something was found, it will show a screen with the number of detected items.  If so, click the button marked “View detected results”.
  • Click The blue “Save scan log” to save the log.
  • If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files”  ( in blue, at bottom).
  • Press Continue when all done.  You should click to off the offer for “periodic scanning”.

 

Thanks

 

Link to post
Share on other sites

  • Root Admin

Okay, in that case I would suggest the following

How to Do a Repair Install of Windows 10 with an In-place Upgrade
https://www.tenforums.com/tutorials/16397-repair-install-windows-10-place-upgrade.html

In most cases that will more than likely resolve your issue

 

 

Link to post
Share on other sites

I just completed an In-Place Upgrade for windows 10.  Right now, I can open up Google chrome and I can open the updates and security window in the settings menu.  I forgot to mention that before, there were no icons on the taskbar.  After completing the In-Place Upgrade, I have icons on the taskbar.  As far as I can tell, the In-Place Upgrade for windows fixed the issues that I was having.

 

I am currently updating windows and I plan on using malwarebytes to help protect my computer.  Is there anything else that I can do to prevent issues like this from happening again?

 

Thank you for your help!

Link to post
Share on other sites

  • Root Admin

Not really sure at this point what has happened. We should still check it out and see. Once it is cleaned then having good, solid back ups of your system is essential.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Thank you

 

 

Link to post
Share on other sites

  • Root Admin

Actually nothing really seriously wrong in the logs.

I'd recommend you download the following program and check for software updates on your system

Patch My PC Home Updater
https://patchmypc.com/home-updater

 

Then review the following topics about Backing Up your data

Backup Software
https://forums.malwarebytes.org/index.php?/topic/136226-backup-software


Macrium Reflect discussion

 

Then there are tips on keeping it clean and better protected

 

 

If there is anything else I can do to assist you please let me know and thank you for using Malwarebytes

 

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.