Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help please, think I'm infected [Solved]


  • This topic is locked This topic is locked

#31
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,269 posts

Try to uninstall Dell Support Assist in Safe mode. Let me know if you are getting the same error.

 

To get in Safe mode:

  • Press the Windows icon on the keyboard together with the letter I, to get into the Settings.
  • Choose Update and Security.
  • From the menu at the left, choose Recovery.
  • Under the title Advanced startup at the right, choose Restart now.
  • From the window that will appear choose Troubleshoot and then Advanced options.
  • Choose Startup Settings and then Restart.
  • Press number 5, for choosing Safe mode with networking.
  • You will know that you are in Safe mode, if the background is black and Safe mode is written at the four corners of the screen.

  • 0

Advertisements


#32
mpmm

mpmm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

No, it still wont unstall. I have attached a screen shot I got while in safe mode ,,,


  • 0

#33
mpmm

mpmm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

this is what i get

Attached Thumbnails

  • Untitled-1.jpg

  • 0

#34
mpmm

mpmm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

OK, I found a program called Geek Uninstaller and was able to uninstall Dell Support Assist in Safe Mode. I hope this way OK. Here are the new FRST logs

Attached Files


  • 0

#35
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,269 posts

Hi, mpmm.
 
I don't see any other sign of infection in your system. 
 
We are going to do some additional checks, in order to find out more about the system's slowness.
 
1. Question
 
This error appears in your logs:
 

This computer was not able to set up a secure session with a domain controller in domain MCL due to the following: 
We can't sign you in with this credential because your domain isn't available. Make sure your device is connected to your organization's network and try again. If you previously signed in on this device with another credential, you can sign in with that credential. This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists, please contact your domain administrator.

 
The computer is belonged to a domain, right? Other than the above error, are you experiencing any other problem regarding sign in?
 
 
2. Run Deployment Image Servicing and Management (DISM)

  • Click on the Start button and in the search box, type Command Prompt
  • When you see Command Prompt on the list, right-click on it and select Run as administrator
  • Enter the command below and press on Enter;
DISM /Online /Cleanup-Image /RestoreHealth
  • Let the scan run until the end (100%). Depending on your system, it can take some time.
  • Please post here the result you got (screenshot)

 

3. When DISM finishes, you can then run SFC from the same command prompt window, but full instructions as if starting fresh

  • Click on the Start button and in the search box, type Command Prompt
  • When you see Command Prompt on the list, right-click on it and select Run as administrator
  • Enter the command below and press on Enter
sfc /scannow
  • Let the scan finish.
  • You will normally get one of the following results:
    Windows Resource Protection did not find any integrity violations
    Windows Resource Protection found corrupt files and successfully repaired them
    Windows Resource Protection found corrupt files but was unable to fix some of them
    Windows Resource Protection could not perform the requested operation
    
    Please post the result you got (screenshot)

 

4. Check disk

  • Click on the Start button and in the search box, type Command Prompt.
  • When you see Command Prompt on the list, right-click on it and select Run as administrator.
  • Enter the command below and press on Enter and wait for it to finish (~15 minutes).
       chkdsk C: /r
    
  • You will receive a message that the operation cannot be performed while the system is in use and ask if you want to check when you restart your computer. Choose Yes, and then restart the computer, allowing disk check to run at startup.
  • The process will take some time, depending on the disk condition.
  • Download ListChkdskResult by SleepyDude and save it on your Desktop.
  • Double click on the created icon.
  • A notepad file will open. Copy its content and paste it in your next reply.

  • 0

#36
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,269 posts

Are you still with me, mpmm?


  • 0

#37
mpmm

mpmm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

yes sir, sorry for the delay


  • 0

#38
mpmm

mpmm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

1)

Attached Thumbnails

  • Untitled-2.jpg

  • 0

#39
mpmm

mpmm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

3) I got this message: Windows Resource Protection found corrupt files and successfully repaired them


  • 0

#40
mpmm

mpmm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

ListChkdskResult by SleepyDude v0.1.7 Beta | 21-09-2013

------< Log generate on 8/31/2021 7:07:27 PM >------
Category: 0
Computer Name: MPMM1.MCL.local
Event Code: 1001
Record Number: 26713
Source Name: Microsoft-Windows-Wininit
Time Written: 09-01-2021 @ 00:02:53
Event Type: Information
User:
Message:

Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.

A disk check has been scheduled.
Windows will now check the disk.                         

Stage 1: Examining basic file system structure ...
  1112064 file records processed.                                                        


File verification completed.
 Phase duration (File record verification): 35.08 seconds.
  19872 large file records processed.                                   


 Phase duration (Orphan file record recovery): 0.00 milliseconds.
  0 bad file records processed.                                     


 Phase duration (Bad file record checking): 0.53 milliseconds.

Stage 2: Examining file name linkage ...
  93031 reparse records processed.                                      


  1586512 index entries processed.                                                       


Index verification completed.
 Phase duration (Index verification): 2.41 minutes.
  0 unindexed files scanned.                                        


 Phase duration (Orphan reconnection): 8.85 seconds.
  0 unindexed files recovered to lost and found.                    


 Phase duration (Orphan recovery to lost and found): 9.24 seconds.
  93031 reparse records processed.                                      


 Phase duration (Reparse point and Object ID verification): 158.09 milliseconds.

Stage 3: Examining security descriptors ...
Cleaning up 4149 unused index entries from index $SII of file 0x9.
Cleaning up 4149 unused index entries from index $SDH of file 0x9.
Cleaning up 4149 unused security descriptors.
Security descriptor verification completed.
 Phase duration (Security descriptor verification): 129.89 milliseconds.
  237225 data files processed.                                           


 Phase duration (Data attribute verification): 0.65 milliseconds.
CHKDSK is verifying Usn Journal...
  34279056 USN bytes processed.                                                           


Usn Journal verification completed.
 Phase duration (USN journal verification): 850.13 milliseconds.

Stage 4: Looking for bad clusters in user file data ...
  1112048 files processed.                                                               


File data verification completed.
 Phase duration (User file recovery): 1.95 hours.

Stage 5: Looking for bad, free clusters ...
  92856222 free clusters processed.                                                       


Free space verification is complete.
 Phase duration (Free space recovery): 0.00 milliseconds.

Windows has scanned the file system and found no problems.
No further action is required.

 955975679 KB total disk space.
 582940056 KB in 728842 files.
    358148 KB in 237226 indexes.
         0 KB in bad sectors.
   1252583 KB in use by the system.
     65536 KB occupied by the log file.
 371424892 KB available on disk.

      4096 bytes in each allocation unit.
 238993919 total allocation units on disk.
  92856223 allocation units available on disk.
Total duration: 2.01 hours (7247342 ms).

Internal Info:
00 f8 10 00 bc bd 0e 00 f3 5f 11 00 00 00 00 00  ........._......
53 07 00 00 14 64 01 00 00 00 00 00 00 00 00 00  S....d..........

-----------------------------------------------------------------------
Category: 0
Computer Name: MPMM1.MCL.local
Event Code: 26212
Record Number: 15682
Source Name: Chkdsk
Time Written: 06-23-2021 @ 21:34:03
Event Type: Information
User:
Message: Chkdsk was executed in read-only mode on a volume snapshot.  

Checking file system on C:
Volume label is OS.

Stage 1: Examining basic file system structure ...
  1009664 file records processed.                                                        

File verification completed.
 Phase duration (File record verification): 8.28 minutes.
  20701 large file records processed.                                   

 Phase duration (Orphan file record recovery): 0.00 milliseconds.
  0 bad file records processed.                                     

 Phase duration (Bad file record checking): 0.50 milliseconds.

Stage 2: Examining file name linkage ...
  74184 reparse records processed.                                      

  1452088 index entries processed.                                                       

Index verification completed.
 Phase duration (Index verification): 2.80 minutes.

 Phase duration (Orphan reconnection): 11.27 seconds.

 Phase duration (Orphan recovery to lost and found): 0.61 milliseconds.
  74184 reparse records processed.                                      

 Phase duration (Reparse point and Object ID verification): 165.12 milliseconds.

Stage 3: Examining security descriptors ...
Security descriptor verification completed.
 Phase duration (Security descriptor verification): 119.98 milliseconds.
  221213 data files processed.                                           

 Phase duration (Data attribute verification): 0.69 milliseconds.
CHKDSK is verifying Usn Journal...
  37410976 USN bytes processed.                                                           

Usn Journal verification completed.
 Phase duration (USN journal verification): 1.19 seconds.

Windows has scanned the file system and found no problems.
No further action is required.

 955975679 KB total disk space.
 602641056 KB in 667025 files.
    344912 KB in 221214 indexes.
   1151295 KB in use by the system.
     65536 KB occupied by the log file.
 351838416 KB available on disk.

      4096 bytes in each allocation unit.
 238993919 total allocation units on disk.
  87959604 allocation units available on disk.
Total duration: 11.30 minutes (678595 ms).

-----------------------------------------------------------------------
Category: 0
Computer Name: MPMM1.MCL.local
Event Code: 26212
Record Number: 14831
Source Name: Chkdsk
Time Written: 06-20-2021 @ 20:01:50
Event Type: Information
User:
Message: Chkdsk was executed in read-only mode on a volume snapshot.  

Checking file system on C:
Volume label is OS.

Stage 1: Examining basic file system structure ...
  921856 file records processed.                                                        

File verification completed.
 Phase duration (File record verification): 15.48 minutes.
  18430 large file records processed.                                   

 Phase duration (Orphan file record recovery): 0.00 milliseconds.
  0 bad file records processed.                                     

 Phase duration (Bad file record checking): 2.14 milliseconds.

Stage 2: Examining file name linkage ...
  84433 reparse records processed.                                      

  1370190 index entries processed.                                                       

Index verification completed.
 Phase duration (Index verification): 16.86 minutes.

 Phase duration (Orphan reconnection): 9.26 seconds.

 Phase duration (Orphan recovery to lost and found): 2.39 milliseconds.
  84433 reparse records processed.                                      

 Phase duration (Reparse point and Object ID verification): 259.63 milliseconds.

Stage 3: Examining security descriptors ...
Security descriptor verification completed.
 Phase duration (Security descriptor verification): 255.06 milliseconds.
  224168 data files processed.                                           

 Phase duration (Data attribute verification): 2.41 milliseconds.
CHKDSK is verifying Usn Journal...
  34278648 USN bytes processed.                                                           

Usn Journal verification completed.
 Phase duration (USN journal verification): 3.95 seconds.

Windows has scanned the file system and found no problems.
No further action is required.

 955975679 KB total disk space.
 601006832 KB in 678731 files.
    352896 KB in 224169 indexes.
   1059947 KB in use by the system.
     65536 KB occupied by the log file.
 353556004 KB available on disk.

      4096 bytes in each allocation unit.
 238993919 total allocation units on disk.
  88389001 allocation units available on disk.
Total duration: 32.58 minutes (1955086 ms).

-----------------------------------------------------------------------
Category: 0
Computer Name: MPMM1.MCL.local
Event Code: 26212
Record Number: 14082
Source Name: Chkdsk
Time Written: 02-01-2021 @ 09:41:46
Event Type: Information
User:
Message: Chkdsk was executed in read-only mode on a volume snapshot.  

Checking file system on C:
Volume label is OS.

Stage 1: Examining basic file system structure ...
  842496 file records processed.                                                        

File verification completed.
 Phase duration (File record verification): 1.15 minutes.
  20218 large file records processed.                                   

 Phase duration (Orphan file record recovery): 0.00 milliseconds.
  0 bad file records processed.                                     

 Phase duration (Bad file record checking): 11.65 milliseconds.

Stage 2: Examining file name linkage ...
  52063 reparse records processed.                                      

  1222786 index entries processed.                                                       

Index verification completed.
 Phase duration (Index verification): 4.72 minutes.

 Phase duration (Orphan reconnection): 6.33 seconds.

 Phase duration (Orphan recovery to lost and found): 6.61 milliseconds.
  52063 reparse records processed.                                      

 Phase duration (Reparse point and Object ID verification): 180.36 milliseconds.

Stage 3: Examining security descriptors ...
Security descriptor verification completed.
 Phase duration (Security descriptor verification): 109.27 milliseconds.
  190146 data files processed.                                           

 Phase duration (Data attribute verification): 6.14 milliseconds.
CHKDSK is verifying Usn Journal...
  35804032 USN bytes processed.                                                           

Usn Journal verification completed.
 Phase duration (USN journal verification): 517.29 milliseconds.

Windows has scanned the file system and found no problems.
No further action is required.

 955975679 KB total disk space.
 636938748 KB in 586837 files.
    302476 KB in 190147 indexes.
    982799 KB in use by the system.
     65536 KB occupied by the log file.
 317751656 KB available on disk.

      4096 bytes in each allocation unit.
 238993919 total allocation units on disk.
  79437914 allocation units available on disk.
Total duration: 6.00 minutes (360378 ms).

-----------------------------------------------------------------------


  • 0

Advertisements


#41
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,269 posts

Windows Resource Protection found corrupt files and successfully repaired them.

 

How is the computer running now? Are you still experiencing any issues? If yes, please, describe them in details.

 

Also, please give me fresh FRST logs (Addition and FRST). It will be easier for me to review them if you attach them for me (To attach the files, click on the More Reply Options at the bottom right of the reply area, and then choose Attach File).


  • 0

#42
mpmm

mpmm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

FRST still gives error message when you launch it that it is unable to update, I don't know if that is indicitive of a network error still or not.

1) I still have video issues. When I look at the video card it has a ton of drivers loaded, and the video performance seems degraded

2) network performance still seems off, and there is a virtual ethernet adapter that shouldn't be there (vEthernet)

3) several processes running that I am not familiar with, they may be normal but I don't know

4) wifi activity, when I view in task manager, still seems like it's got a ton of activity going on in the background, like way too much network activity (see attached)

5) FRST logs attached.

6) Again, thank you very much!

Attached Thumbnails

  • network.jpg

Attached Files


  • 0

#43
mpmm

mpmm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

more weird networking

Attached Thumbnails

  • network2.jpg

  • 0

#44
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,269 posts
Hi, mpmm.
 
As I already said, I don't see any sign of infection right now in the computer. 
 
However, you have done several things/changes and used so many programs in order to secure the system. As a result, there are errors and warnings which probably cause the bad experience you are having.
 
I will provide you a last fix to do now. After that, I suggest you to post at the Windows 10 Forum describing the remaining issues (network connection and video issues), mentioning that you checked your computer for malware here.
 
I would also suggest you to uninstall PuTTY release.
 
 
FRST fix
NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
FF NetworkProxy: Mozilla\Firefox\Profiles\hi4lo88b.default-1543873865624 -> type", 0
S3 SupportAssistAgent; "C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe" [X]
Removeproxy: 
EmptyTemp: 
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.
Let me know about your next steps.
  • 0

#45
mpmm

mpmm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

attached, thank you again


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP