Jump to content

Recommended Posts

Hello,

I started a topic in the general forum "Can't click on anything" regarding my laptop running on Windows 10 and was suggested I contact you here to explore possible infection. Unfortunately, my computer is getting slower and slower, not letting me get the logs you may need, however they suggested I send what I have and see where we can go from there. I am having to do a majority of my communication with you via my phone for now, however I was able to attach a log file in the forum from my computer, so hopefully you can access & possibly have something to start with until I can get you more here.

It's possible an issue with my Logitech mouse either started the issue or exacerbated /revealed another issue. I keep running into obstacles when I try to take recommended action. I am having to do everything in safe mode for now. I was able to load FRST, however Windows Defender got in the way, then it gave me a message that the version I had wasn't compatible & needed a different version. I have an old version of FRST64 from the last time I was here... it's probably ~3 yrs old, but if there's a chance it may get us further, I can try to run it & send your way. 

I've had success with you all helping me bring computers backfrom the extreme edge in the past, I'm hoping we can do it again!

I appreciate any assistance you are able to provide. Thank you! 

Pcemkr

Link to post
Share on other sites
  • Replies 92
  • Created
  • Last Reply

Top Posters In This Topic

Hello Kevin,

Yes, I can get to system restore.I tried running it on Sunday when I first started having issues, however it wasn't able to complete. I just checked it & the restore point is 11/18. Checking before I run it again... is it beneficial to restore even if restore point is during all these issues?

*An additional note as an FYI to assist in our communication... I am computer literate, just not saavy. I am good at "hunting & pecking" & have some IT experience from years ago, so I can follow instructions well and hopefully communicate effectively. Most of the time I can do b or find what I need in real time, but move on once I'm done. Lol. I hope that is helpful. 

Thanks! 

Pcemkr

Link to post
Share on other sites

Ok, so responding again sooner than expected...

I went ahead and tried running system restore. Found another restore point from 11/13/20, it is an automatic restore point. Here's the message I received when trying to run:

"System Restore did not complete successfully. Your computer'ssystem files and settings were not changed. 

Details: The specified restore point is missing or corrupt. Try again using another restore point. (0x81000201)"

I am going to try the 11/18 restore point, it appears to be from a Windows update. I'll let you know how it goes.

Link to post
Share on other sites

Hiya pcemkr,

Thanks for the update. The only restore point showing in the logs you posted at the other forum was: 13-11-2020 15:49:15 Scheduled Checkpoint

There was no difinite signes of Malware or Infection in those logs. yes please let me know how you progress...

Thank you,

Kevin..

Link to post
Share on other sites

Hi Kevin, 

No, not much, if any, difference with the restore. Still a lag getting to login or Internet (in safe mode). Sometimes it looks promising, like things are moving more smoothly and opening quickly.  I can get Chrome to come up, but it hangs for a really really long time before I can try to do a search, but even then it usually hangs and doesn't go further (usually a page unresponsive message). 

When I did a scan flies on the system restore for 13-11-2020, I did see Chrome on the list. Not sure if that means anything. I don't remember seeing it on Sunday, but I don't recall if I ran the scan before attempting to restore.

I did see that Chrome did an update for cell phones recently and which is causing lots of issues for folks (I'm waiting to update mine)... could there be a similar Chrome update for computers causing issues? 

Thanks, 

Pcemkr 

Link to post
Share on other sites

Hello Kevin,

Clean boot went well. System came up quickly in regular mode. The first thing that popped up on the screen is a box about a Google update. Not comfortable making any changes until I hear back from you what to do next. 

I selected No to the update & opened Chrome to see how that's working. It appears to have a lag & moving slowly/ hanging  (though a tiny bit faster than before)... realistically not able to use it for anything at the moment.

I'll await word from you on next steps 

Thanks, 

Pcemkr 

Link to post
Share on other sites

Hello Pcemkr,

Personally i do not use Chrome, it is installed but only for testing against thread problems. As you suspect there is a problem with Chrome I would go for a fresh clean install of Chrome... I can give you my procedure for that step...

Obviously your system seems to load better in Clean Boot we need to find out why...

As clean boot makes your system faster and more responsive it is now a process of elimination to find which non MS service(s) was affecting your system...

Go through the process again, this time with all MS services hidden again enable the top half of non MS services, re-boot and see how your system responds, if still ok the top half can be left enabled.

Repeat again, enable so many of the bottom half then re-boot. Continue until you locate the problem service(s). A process of elimination, a bit long winded but worth the effort. Let me know the outcome...

Next,

For a fresh install of Chrome us the following instructions...

If your Chrome Bookmarks are important do this first:

Go to this link: http://www.wikihow.com/Export-Bookmarks-from-Chrome follow the instructions and Export your Bookmarks from Chrome, save to your Desktop or similar. Note the instructions can also be used to Import the bookmarks.....

For your Passwords go here:

https://www.intowindows.com/how-to-backup-saved-passwords-in-google-chrome-browser/

Continue for a clean install:

Download Chrome installer and save to install later:

https://www.google.com/intl/en_uk/chrome/browser/desktop/index.html

https://www.google.com/intl/en_usa/chrome/browser/desktop/index.html

Next,

Open Chrome and sign into your account, open a new tab and type or copy paste chrome://settings hit enter...


user posted image


In the new window that opens "Turn Off" option will show, select that option.


user posted image


You will then be given notice of what will be cleared. Checkmark the box that gives an option to clear bookmarks, passwords, history etc. Confirm that action by selecting "Turn Off" tab


user posted image


Next.

Uninstall Chrome: https://support.google.com/chrome/answer/95319?hl=en-GB follow those instructions, ensure the option to "Also delete your browsing data" is selected. <<--- Very important!!

Navigate to C:\Users\Your user name\Appdata\Local from that folder delete the folder named Google (you will need to show hidden files/folders to see the folder Appdata)

How to show hidden files and folders for windows: http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/


user posted image


If you use Google Drive, open the Google folder, right click on Drive and select "Copy" then right click on your Desktop or a folder of choice and select "Paste" to save that folder and its contents.


user posted image


When you successfully saved Google drive go back to Local folder, delete the folder named Google


user posted image


Next,

Install Google Chrome :

Next,

Import your Bookmarks... (instructions in the first step)

Import Passwords... (instructions in second step above)

Next,

Install Malwarebytes Browser Extension (Free) https://chrome.google.com/webstore/detail/malwarebytes-browser-exte/ihcjicgdanjaechkgeegckofjjedodee

Next,

Install uBlock Origin for Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en

If you previously had Google Drive you will nee to download and install again: https://www.google.com/intl/en_rw/drive/download/

When that is completed transfer the contents of the save google drive folder to the new one...

Does that help...?
 
Its just gone midnight local time for me, will catch up after some sleep..
 
Thank you,
 
Kevin..

 

Link to post
Share on other sites

Hello Kevin,

I've been working on the clean boot check you suggested. I spent over 6 hrs on it yesterday, however I'm not sure I'm making progress, so I have a few questions as I continue the tedious task today.

Yesterday I noticed my laptop taking longer and longer to boot up. Once I started working with the clean boot enable/disable process to narrow down issues, I found it would boot up/restart faster in safe mode. I got to thinking that the goal might be to see what allows it to boot up in regular mode. Should I be watching for effective restart in safe or regular mode? 

I just turned my laptop on and am getting what became a familiar screen yesterday during startup, a blank, black screen with the mouse arrow. The positive side of that is that I do have the mouse cursor which will move when I touch it, so at least it's not frozen. It'll probably sit like this for awhile before I get a screen. 

Should I be watching it to 

 

Link to post
Share on other sites

Sorry, I had a phone gliche andhit submit before I was finished typing...

Should I be watching to see how long each restart takes to monitor progress?

I'll keep at it today... hoping to make progress toward resolution! 

Thanks, 

Pcemkr 

 

Link to post
Share on other sites

*Update: it took about 12+ minutes before I got to the login screen, then about 30 seconds to get to the safe mode restart, another dark screen with movable mouse cursor, it's been 8+ minutes & still waiting for safe mode login screen

Link to post
Share on other sites

Hello again Kevin, 

Eventually was able to login in safe mode & stepped away to give it time to come up.

Came back to error box on screen:

sihost.exercise - System Warning Unknown Hard Error

That's new.

Also thought to mention that I've been booting up in safe mode without Internet access through this. Don't know if it makes a difference or is helpful. 

It feels like there is a slow decline happening here, however keeping the faith for a positive outcome. 

Thank you, 

Pcemkr 

Link to post
Share on other sites

Hiya pcemkr,

I want you to set up for clean boot again, then when ready boot up in Normal mode. Let me know how your PC boots in that mode... I know you`ve alrady done this, but just do it again please...

Thanks,

Kevin...

Link to post
Share on other sites

Hi Kevin, 

I did clean boot. I had the dark screen with miuse cursor for almost 10 min then got the "please wait" screen for about 5 min. I did the usual login when that screen came up.

The next screen had a message saying I needed to Create a PIN. When I hit the next button, a Windows Security box saying Set Up a PIN appeared on the next screen.

I'mnot finding a way around this box/prompt.

Thanks, 

Pcemkr 

Link to post
Share on other sites

Hiya pcemkr,

The error bo you quoted is of major concern, if that critical system file is corrupt then it explains exactly what is wrong with your PC. The following quote explains it better than me...

Quote

The genuine sihost.exe file is a software component of Microsoft Windows by Microsoft.
Microsoft Windows is an operating system. Shell Infrastructure Host is a core Windows component. Sihost.exe runs the Shell Infrastructure Host. This is critical Windows component and should not be removed.

The Windows Shell Infrastructure Host is tasked with handling several graphical elements of the OS interface including taskbar transparency and Start menu. Additionally, this utility displays applications in the Windows interface, and even controls certain functions of background behavior such as changing the wallpaper. This is an essential part of the Windows OS, which if stopped or removed may causes issues with the overall functionality of the operating system.

What you`re experiencing is typical of that file being either corrupt or pssibly exploited...

If you can get your system to boot in safe mode maybe we can get a fix that way... try to boot to safe mode. If successful open an elevated command prompt then run the following command:

sfc /scannow

Let me know if you can run that command...

Thanks,

Kevin

Link to post
Share on other sites

Scan finished, here's what it says:

Windows Resource Protection found corrupt files but was unable to fix some of them. For online repairs, details are included in the CBS log file located at windir\Logs\CBS \CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline repairs, details are included in the log file provided by the /OFFLOGFILE flag.

Cheers!

Pcemkr 

Link to post
Share on other sites

Hiya pcemkr,

Can you attach the produced log from the sfc scan...

Next,

Open an elevated command prompt again, at the prompt type or copy/paste the following commands, hit enter after each one. Let me know the outcome.

DISM.exe /Online /Cleanup-image /Restorehealth

sfc /scannow

Thanks,

Kevin...

Link to post
Share on other sites

Hi Kevin, 

I'm trying to get the Internet to come up to see if I can attach the file. It's taking a very long time, but I'm hoping it will cooperate. 

I'm guessing if I run the additional things you suggested, it may overwrite the first scan file, so I'll keep at it & get it to you if I'm able.

Thanks, 

Pcemkr 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.


Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.