Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Is my PC infected? [Solved]


  • This topic is locked This topic is locked

#31
BerDov

BerDov

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 232 posts

Done. Please see below.

 

====================================

Farbar Service Scanner Version: 13-08-2022 01
Ran by DovBer (administrator) on 12-01-2023 at 11:15:00
Running from "C:\Users\DovBer\Desktop"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============


Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============


Firewall Disabled Policy:
==================


System Restore:
============


System Restore Policy:
========================


Action Center:
============


Windows Update:
============


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK (ImagePath=%SystemRoot%\System32\svchost.exe -k secsvcs).
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\Drivers\netbt.sys => File is digitally signed
C:\Windows\System32\Drivers\tdx.sys => File is digitally signed
C:\Windows\System32\dhcpcsvc.dll => File is digitally signed
C:\Windows\System32\Drivers\afd.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****


  • 0

Advertisements


#32
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,232 posts

Thank you. 

 

The computer is clean now, but as I said earlier, this doesn't assure that it will stay clean, since it is being used online. 

 

Issues I see:

 

1. No antivirus

 

You said you had Avast. If you stay with Windows 7, you can use it if you were happy with it. This is the official Avast site, from where you can download and install: Download Free Antivirus Software | Avast 2023 PC Protection

 

For now, you can enable Windows Defender antispyware which is now disabled. See here how, for Windows 7. 

 

In case you upgrade to 10, no need for a 3rd party antivirus. Microsoft Defender, is an integrated security platform, and it can keep you safe. 

 

 

2. RAM

 

These lines are from your last FRST logs:

 

Percentage of memory in use: 89%
Total physical RAM: 8057.43 MB
Available physical RAM: 855.59 MB

 

That confirms a lack of sufficient recourses to use your programs. Since you decided to upgrade to Windows 10, have in mind that you will need extra memory. Here you can run a free RAM wizard to determine which RAM is compatible with your motherboard. You download and run a small program, which will scan your computer and then recommend compatible RAM. You don't have to buy from them, but you can find out how much RAM the computer can accept. 

 

 

===========================

 

Having said the above, we can try the upgrade procedure once more.

 

You said that there was no Update now button in this page, but there is. Click on it, let the upgrade take place and let me know the result.

 

If it fails, there is also the Media Creation Tool option. We tried it before, without any success, but now your system is completely different, since we cleaned it. Here are the instructions from the beginning:

  • Go to this Microsoft page and under the title Create Windows 10 installation media press on Download tool now.
  • Save the tool on your Desktop and double click to run it.
  • On the License terms page, if you accept the license terms, select Accept.
  • On the What do you want to do page, select Upgrade this PC now, and then select Next.
  • Follow the instructions and select Keep personal files and apps, when you are asked to.
  • It might take a couple of hours, depending on your wifi speed connection, to install Windows 10. Your PC will restart a few times. Make sure you don’t turn off your PC.
  • After downloading and installing, the tool will walk you through how to set up Windows 10 on your PC.

 

In any case, if the procedure fails, I'll need the errors you are getting. 


  • 0

#33
BerDov

BerDov

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 232 posts

Thank you kindly, DR M!

 

Just now, I enabled the Win Defender. BTW, a message stated that it has stopped "because of a problem" - whatever that means. I was also prompted to update the s/w. The latest version is dated 1/9/2023.

I do plan to upgrade this OS to Win 10 today or tomorrow, time permitting. Will document all steps in case there is failure, so please don't close the case just yet.

 

Regarding memory, the Task Manager window showed 80% used a minute ago; while I was writing this, it went down to 72%. (CPU usage was 3%). Most memory is used by Firefox. I just quit it, and the memory use went down to 36%. I stopped liking Firefox long ago for this reason, but keep it because I am used to it. Do you have an opinion on Edge vs Firefox?

 

Another memory hog is Photoshop (when open I suppose). It was configured to use 74% of available RAM.

 

Thank you again!


  • 0

#34
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,232 posts

You are very welcome. No, of course I'll not close the topic.

 

Let's see if the upgrade is successful, and then check the Defender issue.

 

I use Edge, but I am using Windows 10 and 11. I'm quite satisfied with it.

 

Programs need RAM to run. If when particular programs run they use 70 or 80 or 90% of RAM, that means you need more RAM. :)

 

See you tomorrow. 


  • 0

#35
BerDov

BerDov

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 232 posts

Hello Dr M,

 

I am having the same problem. When trying to run < MediaCreationTool22H2.exe> either by 2 clicks or as Admin, the same error comes up. Searching for "0x80072F8F - 0x2000", brought me to this page: https://windowsrepor...0000-windows-7/

 

Apparently, there is a conflicting application, but which one? I will go through the list of programs and see what can be uninstalled.

 

There is also this page I came across: https://windowsrepor...dows-7-forever/

 

If I stay with Win 7, I need an anti-virus program, right? I did use Avast before, but a few years ago, it created a conflict when doing ... (I am not a geek, cannot provide the specifics, sorry). I was told by one of your colleagues that Avasts became too pushy offering products and services (again, if I remember it right) and that it's next to impossible to uninstall it. In fact, I was  surprised to see it still in the eset.txt yesterday. If you think it's still the best, I will install it again.


  • 0

#36
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,232 posts

Hi, Dan.

 

We could try several things, with the clean install solution being the most drastic and fast one. If you want to avoid this, I strongly recommend you to open a topic at a forum which is specialized in problems with Windows Updates: Sysnative Forums  In your topic, tell the experts there that the computer was checked and is now clean from malware, mentioning also the link to this topic. 

 

Let me know what do you think. 


  • 0

#37
BerDov

BerDov

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 232 posts

Thank you, DR M,

 

The thought of clean install, i.e. wiping out the C: drive, did occur to me. The truth is, all these "recovery disks" or whatever they are called never worked for me. As I-a simple user-see it, there is no substitute to a real OS installation disk.

I will try the Sysnative Forums, thank you, and thank you again for all your help. I understand now the cleaning process a little better.

 

Have a great weekend!


  • 0

#38
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,232 posts

Hi, BerDov.

 

The clean install procedure is much simpler now. No recovery disk is needed. Instead, we need a bootable USB drive with Windows 10 on it. Actually, you use the Media Creation tool to create it, and then, make your computer boot from it, and install the new operating system.

 

I will be watching your topic at Sysnative. Let me know when you post. :)


  • 0

#39
BerDov

BerDov

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 232 posts

Hi Dr M,

 

Your post reminded me that there were two disks with the computer: Win 7 and Win 10. It was back in 2016 (time flies, I thought it was more recent), and I chose to install Win 7 as it was more stable. Now, I am not sure if that disk can/should be used. Will follow advice of the gurus at Sysnative. Taking a weekend break.


Edited by BerDov, 13 January 2023 - 03:25 PM.

  • 0

#40
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,232 posts

Hi Dr M,

 

Your post reminded me that there were two disks with the computer: Win 7 and Win 10. It was back in 2016 (time flies, I thought it was more recent), and I chose to install Win 7 as it was more stable. Now, I am not sure if that disk can/should be used. Will follow advice of the gurus at Sysnative. Taking a weekend break.

 

Hi, BerDov.

 

That disk has the very first version of Windows 10, so you will need to upgrade to the latest version again. Let me know when you are going to post.


  • 0

Advertisements


#41
BerDov

BerDov

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 232 posts

Hi DR M,

 

I registered with sysnative.com, started a new thread, but am unable to post. The only action button visible is [Preview].

 

There is a 'contact us' link; will write there and see what happens.

 

Regards,

 

B.


Edited by BerDov, 16 January 2023 - 10:04 AM.

  • 0

#42
BerDov

BerDov

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 232 posts
Done, thank you!
 
The [New Message] button was confusing to me. I thought it will lead me to composing another new message.
 

  • 0

#43
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,232 posts

Thanks. :)

 

Now, make some patience until someone will assist you there. I'll be around.


  • 0

#44
BerDov

BerDov

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 232 posts

Good morning/evening, DR M,

 

There is a new problem discovered this past weekend, which never existed before. I do not think it is related to malware but since you guided me on checking/cleaning the computer and may have an insight, I wanted to run it by you first.

 

The external microphone stopped working when needed. I use it only with Skype. There is a feature there called "_echo/sound test service".  When I run this test, it does not hear my voice input. When I restart the computer and immediately go to Skype, it works. It happened twice over the weekend and once today, some 10-15 min ago.

 

In the "Microphone setup wizard", the dark blue bar moves, i.e. *something* hears my voice, but the problem is still there

.

Thank you!


  • 0

#45
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,232 posts

Although I would recommend you to wait until upgrading to 10, you can see here some methods regarding microphone's troubleshooting: https://softwarekeep...ng-on-windows-7


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP