Jump to content

Undetectable Virus with varying rapid clicking (sewing machine) noise


Recommended Posts

Malwarebytes Premium never detected this after multiple scans.

Just bought a new HP ProBook and first thing I installed was malwarebytes premium after updating windows 10 then reinstalled my backups from Chrome, Google, USB hard drive, Personal (IMAP) and was in the process of adding my Outlook365 email account then the clicking began again. Attempted a "Reset this PC" but could not select remove all apps so suspect it is still infected. What do I do next?

I first had this on an older computer with Malwarebytes on it and it kept getting worse to the point I could no longer fight it. It would start as soon as I reboot. Including when I use the paper click and hit the master reset by the power button. Attempted to remove the battery but damaged the laptop beyond repair opening it up.

Link to post
Share on other sites

Please do the following so that we may take a closer look at your installation for troubleshooting:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

 

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply

Thanks

Link to post
Share on other sites

Just now, Swamptromper said:

FRSTEnglish is the unexpected name of the download

That is not unexpected. It is part of the Support tool gathering logs.

Do not post any more until you are addressed by a malware removal expert. Numerous replys make it look like you are being assisted already and you may be overlooked.

Link to post
Share on other sites

Hello :welcome: @Swamptromper

I will guide you along on looking for remaining malware. Lets keep these principles as we go along.

  • Removing malware can be unpredictable
  • Please don't run any other scans, download, install or uninstall any programs while I'm working with you.
  • Only run the tools I guide you to.
  • Do not run online games while case is on-going. Do not do any free-wheeling web-surfing.
  • The removal of malware isn't instantaneous, please be patient.
  • Cracked or or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also big source of current trojan infections. Please uninstall them now, if any are here, before we start the cleaning procedure.
  • Please stick with me until I give you the "all clear".
  • If your system is running Discord, please be sure to Exit out of it while this case is on-going.

Know that FRSTENGLISH is the Farbar FRST tool that is provided along with the Malwarebytes support tool. It helps us to be able to diagnose the system. This is normal and expected. This is no reason to fret. Also, please, do not try to self-diagnose the pc, while I am helping you.

DO tell me just how new is this computer ?

Do allow me some time to pore over the reports you provided.

Link to post
Share on other sites

Please really slow down, as far as any prior conclusions.
It does seem that the "Reset this pc" did take effect. The Windows system is very lightly populated as far as applications.
There is no sign of Chrome, no sign of a installed Malwarebytes.
Microsoft Defender antivirus is present; HOWEVER it has failing update issues.  I will guide you on that later. Just HOLD OFF on any "self-fixing".

Here are the only installed applications ( reported by Windows 10_.
Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.239.70 - Conexant)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.67 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-285765619-1030454603-3267796744-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0013 - Microsoft Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.8.27 - Synaptics Incorporated)

Packages:
=========
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.29.0_x64__v10z8vjag6ke6 [2023-01-14] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt [2023-01-14] (INTEL CORP) [Startup Task]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-01-14] (Microsoft Studios) [MS Ad]

I will custom guide you. We will be doing several things, over a few different passes. Please have lots of patience.
This next part is just the first pass. It will not take a whole lot of time. It should be under 15 minutes or even less.
Just only do this, and report back with the log, and kindly, please, wait for next reply from me.

Let's do one special run  with Malwarebytes Adwcleaner. 
 
It will not take much time, Read over all lines before starting so that you have a good understanding of the whole method. Take your time and go careful. I ant to make sure you select all of what I list below - before- pressing the "scan" button.
 
First download & save it
 
Then be sure to close all web browsers after the download & before launching the tool.
 
Then go to where the EXE file is saved. Start Adwcleaner.
 
Reply YES at the Windows prompt to allow the program to proceed and make changes. That is the usual Windows security prompt.
 
When AdwCleaner starts, on the left side of the window, click on “Settings” and then enable these repair actions on that tab-window
by clicking their button to the far-right for ON status
Delete IFEO keys
Delete tracing keys
Delete Prefetch files
Reset Proxy
Reset IE Policies
Reset Chrome policies
Reset Winsock
Reset HOSTS file
 
ADW-s-1.png.c32838f45f840beb2b835ad51f0a1b7c.png
 
 
Now On the left side of the AdwCleaner window, click on “Dashboard” and then click “Scan” to perform a computer scan.
 
 
 
This can take several minutes.
When the AdwCleaner scan is completed it will display all of the items it has found. Click on the “Quarantine” button To remove what it found.
 
AdwCleaner will now prompt you to save any open files or data as the program will need to close any open programs before it starts to clean.
Click on the “Continue” button to finish the removal process.
 
 
 
Attach the clean log from Adwcleaner when all completed.
Edited by Maurice Naggar
Link to post
Share on other sites

I was hoping to have the log file from Adwcleaner. I like to look at logs ( of tools I ask to be run). So I can review.

You can find them  in the Log Files tab.

Guide article

I have to make some remarks about your initial first post. Hardware noises that sound anything like "sewing machine" or anything near that are way abnormal. It may indicate failing or damaged disc. Also, no call to automatically assume or presume "undetectable virus". We do actual security checks to actually check for virus, or trojan, or malware.

Link to post
Share on other sites

Thank you. Relieved to know that the sounds are due to the speaker. That is a relief.

Please run the following custom script. Read all of this before you start. Please Close all open work.

Once the script-run has been completed, please attach the file FIXLOG.TXT to your next reply

 

Farbar program location:   C:\Users\Jeff\Downloads\FRSTEnglish.exe

 

Please download the attached fixlist.txt file and save it to C:\Users\Jeff\Downloads

Fixlist.txt

 

NOTE. It's important that both files, FRSTENGLISH, and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run  FRSTENGLISH and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Downloads folder (Fixlog.txt) . Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1:  This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files.  It will also run scans with MS Defender antivirus. It will cleanup the work areas for MS Windows Update ( this machine appears to have problem with updates for Defender). It will queue up a CHKDSK of drive C at the next Reboot, so be sure to not interfere with that, and have Lots of Patience.

Depending on the speed of your computer this fix may take 40 minutes or more.

The system will be rebooted after the fix has run. Attach FIXLOG.txt with next reply.

Link to post
Share on other sites

The run is good. Windows System File Checker found no corruption / no issue.
The Microsoft Defender antivirus is in good shape and is running & up-to-date.
 
I would highly suggest to insure that this pc is all up-to-date with security updates & cumulative updates on Windows. select the Windows Start  button, and then go to Settings  > Update & Security  > Windows Update . and click Check for Updates.
Have much patience.

[  2   Do a custom scan with Microsoft Defender Antivirus ]

Just want to do a visual check in Windows Security to see (visually) that Microsoft Defender is on , and to do a Custom scan.

From the Windows Start menu, select Settings, then select Update and Security.

Next, look at the left-side menu & select Windows Security

Next, In Windows Security section: Click on the grey button Open Windows Security

Now, click on the shield Virus and threat protection

Look to see that Microsoft Defender is shown & available for use.

On the next display, look at all the options.  Look down the list and see "Check for Updates" .

You should click on that to have the system check for updates for Windows Defender.  Watch & wait for that to complete.

Please also note that the Scan options (all) can be displayed by clicking on Scan options.   Click that & select CUSTOM scan & then pick the C drive  & have it go forward.

Once it has started the scan phase, you can go take a long break.   Let me know the results.

Link to post
Share on other sites

windows is up to date

last security intelligence update was 10:12am today

Microsoft Defender is not shown as available, only option I see under "Help from the Web" is "Turn on Microsoft Defender Firewall". I will wait on your response before doing anything else.

Link to post
Share on other sites

According to the last FRST run Microsoft Defender is definitely on.
This is one way to do a manual scan using the Microsoft Defender antivirus, as well as to visually check protection status.

From the Start menu, select Settings, then select Update and Security.

Next, look at the left-side menu & select Windows Security

image.png.53b8290f51fb52ad1f67f2be5d1a7198.png

 

Next, In Windows Security section: Click on the grey button Open Windows Security

image.thumb.png.770ff10e37da546f33963da571bd3378.png

Now, click on the shield Virus and threat protection

By the way, when you see a green check-mark on your display, it means a good status and that protection is on.

 

image.thumb.png.d3c40d161bda6630f463e83ce53f9782.png 

On the next display, look at all the options.  Look down the list and see "Check for Updates" which I have highlighted with a blue icon.

You can click on that to have the system check for updates for Windows Defender.

Please also note that the Scan options (all) can be displayed by clicking on Scan options. ( You can do Quick, Full, or Custom).

NOTE: If you have the time / opportunity, select a Custom scan & scan the C drive   ( one time as a safety check ).

 

image.thumb.png.1bfbd5b3023eeabe0dbea2025a5fa556.png

 

Link to post
Share on other sites

I am very happy to know that Microsoft Defender has checked, and it reports no virus, no trojan, no malware.
Microsoft Defender antivirus has been its name for a few years. The older name was "Windows Defender".

When you have some quiet time, take a look on the HP tag on the outside of computer housing.
I would like to know the full model of this HP machine.
and let me know if this machine is a notebook or laptop, or, a small tower, or, a desktop-type hardware.

The Windows is reporting that it is a HP 82AB system board.
The Intel microprocessor is Intel Core i7-7820HQ CPU @ 2.90GHz  which meets the rquirements for the Windows 11 Operating system
and the pysical RAM is 16 GB
I am going to encourage you to upgrade to Windows 11 ( for free). That will extend out the Microsoft support for the Operating System. 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.