Richard Schierer
asked on
Windows 10 Pro 64-bit Must be Infected
I loaded CCleaner and ran it. It came back indicating that there was 11,687.339,239,301 MB to be removed. The total of the files shown don't even come close to equaling that. I was able to run CCleaner Registry Cleaner and I did save the registry prior to running the reg cleaner.
I checked Installed applications and there is nothing recent that doesn't belong.
I ran Malwarebytes and selected Scan>Custom Scan> added Rootkit> then selected the C: drive. But it will not put a check in the box. And when I run a quick scan, nothing shows up as being infected.
I ran the client's paid for version of eset Smart Security and let it show the Scan progress. when it is done, there are a lot of 'error opening' files, which when I googled it said that it could not scan them because they were in use. but there are no threats found.
Now I am remoting into this computer using TeamViewer 12.
The client indicates that when she clicks on any icons to run them, that there is a 20 second or so delay. The user of course is impatient and when she has to wait she clicks on it again. By the time the program opens, it locks up because it opens multiple copies of the application.
I don't see anything out the norm in the Event Viewer.
I checked Installed applications and there is nothing recent that doesn't belong.
I ran Malwarebytes and selected Scan>Custom Scan> added Rootkit> then selected the C: drive. But it will not put a check in the box. And when I run a quick scan, nothing shows up as being infected.
I ran the client's paid for version of eset Smart Security and let it show the Scan progress. when it is done, there are a lot of 'error opening' files, which when I googled it said that it could not scan them because they were in use. but there are no threats found.
Now I am remoting into this computer using TeamViewer 12.
The client indicates that when she clicks on any icons to run them, that there is a 20 second or so delay. The user of course is impatient and when she has to wait she clicks on it again. By the time the program opens, it locks up because it opens multiple copies of the application.
I don't see anything out the norm in the Event Viewer.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
masnrock
Have you tried getting the system into Safe Mode with Networking? May be tougher to use some of the remote tools, but you'll probably have considerably more luck that way.
ASKER
All the troubleshooting is being done using TeamViewer 12.
I ran chkdsk using admin; nothing was out of place
McKnife; I am running windows 10 v1607 ; I am using CCleaner Pro Trial Version 5.29.6033 and it shows it as being the very latest version. can I tell CCleaner to clean it when it shows that much space to clean? Or should I wait till I am in front of the computer to run it and Malwarebytes and the other tips that everyone has mentioned?
I am also showing in the Microsoft windows updates that ther eis an update for MS Windows (KB3150513) which was installed on 4/22/17. I googled this KB and it says that it an update that is there to make sure that all the hardware and software is ready and compatible for an windows 10 upgrade. This computer already went thru that and why was it downloaded on the same day that the user started experiencing problems?
Can I uninstall this update? I still can't do a restore point and there are about 6 of them with all different dates all indicating that they were done for a windows update over the past 2 months.
NOBUS, thanks for the info. but I will have to be onsite to perform them. and the way things are going that will be tomorrow!
JOHN HURST thanks for the tip on where to go for the windows 10 downloads. I burned it and will use it when I go on site tomorrow if I need to.
DBRUNTON; the computer has a SAMSUNG MZMTE256HMHP-OOOMV Which means it is a SSD? I ran diagnosics on the entire computer using http://hdd.userbenchmark.com/ and it did not show any problems. Middle of the road performance.
I ran chkdsk using admin; nothing was out of place
McKnife; I am running windows 10 v1607 ; I am using CCleaner Pro Trial Version 5.29.6033 and it shows it as being the very latest version. can I tell CCleaner to clean it when it shows that much space to clean? Or should I wait till I am in front of the computer to run it and Malwarebytes and the other tips that everyone has mentioned?
I am also showing in the Microsoft windows updates that ther eis an update for MS Windows (KB3150513) which was installed on 4/22/17. I googled this KB and it says that it an update that is there to make sure that all the hardware and software is ready and compatible for an windows 10 upgrade. This computer already went thru that and why was it downloaded on the same day that the user started experiencing problems?
Can I uninstall this update? I still can't do a restore point and there are about 6 of them with all different dates all indicating that they were done for a windows update over the past 2 months.
NOBUS, thanks for the info. but I will have to be onsite to perform them. and the way things are going that will be tomorrow!
JOHN HURST thanks for the tip on where to go for the windows 10 downloads. I burned it and will use it when I go on site tomorrow if I need to.
DBRUNTON; the computer has a SAMSUNG MZMTE256HMHP-OOOMV Which means it is a SSD? I ran diagnosics on the entire computer using http://hdd.userbenchmark.com/ and it did not show any problems. Middle of the road performance.
"can I tell CCleaner to clean it when it shows that much space to clean?" - I only know that when windows 1607's own disk cleanup wizard showed several TBs could be freed by setting a checkbox somewhere and you did that - nothing bad happens. I assume, the same will hold true for CCleaner, it's the same calculatory error, I guess.
>> Which means it is a SSD?
Yep. If it is taking 20 seconds to load an application from an SSD then something is amiss somewhere.
You can check her browser(s) for unwanted extensions. Also try AdwCleaner https://www.bleepingcomputer.com/download/adwcleaner/ for this purpose and other unwanted apps that *might* be installed on this machine.
Yep. If it is taking 20 seconds to load an application from an SSD then something is amiss somewhere.
You can check her browser(s) for unwanted extensions. Also try AdwCleaner https://www.bleepingcomputer.com/download/adwcleaner/ for this purpose and other unwanted apps that *might* be installed on this machine.
use the samsung Magician software to test the SSD : http://www.samsung.com/semiconductor/minisite/ssd/download/tools.html
ASKER
I ran windows disk cleanup on the C: drive and found that the recycle bin had -977632097 bytes of data! I checked the actual recycle bin and found a ton of files, guess the user never ran disk clean up nor emptied their recycle bin since they got the computer. I deleted all of it. I then ran CCleaner and it didn't show the previous number of space available to cleanup, so that was good.
I uninstalled the MS Windows (KB3150513) update which was installed on 4/22/17. Rebooted and no harm done.
Right now I have Malwarebytes finally running a custom scan on the C: drive. As an FYI I couldn't select the C: drive in the custom scan section, so it would only do a fast scan. I checked out another forum and it said:
I am having this issue with a Surface Pro 2. My installation was an upgrade from MBAM to MB3. I cannot select the drive using the touchscreen, touchpad, pen, or mouse. However, if I click an empty area of the box that contains a list of all drives, that box is highlighted with a green border. From there, every time I press the down arrow on the keyboard it will select a drive. My Surface Pro 2 just has two drives: the default and an SD Card used for File History.
Hope this information is helpful.
THANK YOU EVERYONE FOR YOUR SUBMISSIONS AND STICKING IT OUT TO THE END!! The PC seems to be running much better. Only time and the user will tell!
Rich
I uninstalled the MS Windows (KB3150513) update which was installed on 4/22/17. Rebooted and no harm done.
Right now I have Malwarebytes finally running a custom scan on the C: drive. As an FYI I couldn't select the C: drive in the custom scan section, so it would only do a fast scan. I checked out another forum and it said:
I am having this issue with a Surface Pro 2. My installation was an upgrade from MBAM to MB3. I cannot select the drive using the touchscreen, touchpad, pen, or mouse. However, if I click an empty area of the box that contains a list of all drives, that box is highlighted with a green border. From there, every time I press the down arrow on the keyboard it will select a drive. My Surface Pro 2 just has two drives: the default and an SD Card used for File History.
Hope this information is helpful.
THANK YOU EVERYONE FOR YOUR SUBMISSIONS AND STICKING IT OUT TO THE END!! The PC seems to be running much better. Only time and the user will tell!
Rich
ASKER
Great job everyone!
if you don't need more help - don't forget to close this Q
Author was happy with the comments and solutions provided.