Messages

16

Malware removal help / Re: Proxy Virus - need help eliminating

« on: August 16, 2019, 04:31:19 am »

Hi, themetallikid

You may have some clues with the windowsupdate.log file : Windows Update log files.

Please keep in mind that you may have to generate it and that it contains many information.
There should be a KB associated to the upgrade, but since I don't follow the Windows 10 lifecycle closely I don't know which one you should look for.

Regards.

17

Malware removal help / Re: Proxy Virus - need help eliminating

« on: August 16, 2019, 04:08:50 am »

Hi themetallikid,

Yes, probably : Microsoft is starting to auto-update Windows 10 Home, Pro users on 1803 or older to 1903.
Older builds of Windows 10 Home Edition did not have the option to pause updates.

Regards.

18

Malware removal help / Re: Proxy Virus - need help eliminating

« on: August 16, 2019, 03:56:22 am »

Hi themetallikid,

If you didn't experience issues before, corruption of the system may have happened during the upgrade to Windows Version 1903 (19H1). I have seen multiple computers experiencing unexpected behaviour after such upgrades, so it may be the case here.

No, I don't think you will experience catastrophic issues, only erratic behaviour.
However, please be sure to regularly make backup of your personal files on an external hard drive. I was not able to exactly determine what the issue is, so better be safe than sorry.

Thanks for your kind words.

Regards.

19

Malware removal help / Re: Proxy Virus - need help eliminating

« on: August 16, 2019, 03:41:47 am »

Hi themetallikid,

It seems the repair was unsuccessful.
I hate to say this, but I'm now out of idea.

So, I advise you to open a new thread describing the issues you are experiencing with your system in a Windows repair specialized forum. You will find there people more qualified than me in this area of expertise. If you do so, please attach the latest CBS and DISM logfiles, it will help them to better understand the state of your system as is it now.

I'm sorry I wasn't able to help you with this.

Regards.

20

Malware removal help / Re: Proxy Virus - need help eliminating

« on: August 16, 2019, 02:33:08 am »

Hi themetallikid,

It looks way better.
Could you please try to run FRST again ?

Regards.

21

Malware removal help / Re: Proxy Virus - need help eliminating

« on: August 16, 2019, 01:00:29 am »

Hi themetallikid,

Please follow this process carefully.
If you don't understand a point or something went wrong, please let me know.

1) Download Windows 10 1903 ISO file and save it on your desktop
2) Right-click on the file and select "Mount". This will mount the image as a virtual disk. Please take note which letter the system assigned it (D, E, etc.)

3) Launch the command prompt windows (cmd) with admin rights and copy/paste the following command but replace the Z letter by the one assigned by windows to your virtual disk :

Code: [Select]

DISM /Online /Cleanup-Image /RestoreHealth /Source:wim:Z:\sources\install.wim:1 /LimitAccess

Do not close the command prompt ! It may takes a few hours until the command finish.

4) When the repair is finished, please reboot your system.
5) Please attach those two files (if present) with your next reply :

Code: [Select]

C:\Windows\Logs\CBS\CBS.log
C:\Windows\Logs\DISM\Dism.log
How is your computer running now ? Did the 0x800f081f error was displayed at the end of the process like last time ?

Regards.

22

Malware removal help / Re: Proxy Virus - need help eliminating

« on: August 16, 2019, 12:32:08 am »

Hi themetallikid,

Your system is not entirely repaired.
Which edition of Windows (Home, Pro, etc.) are you using ?

Regards.

23

RogueKiller / Re: Rogue Killer running VERY slow

« on: August 15, 2019, 11:17:29 pm »

Hi Ray,

That's really strange.
Could you please create a dump file like last time and attach the link with your next reply ?

Regards.

24

RogueKiller / Re: Rogue Killer running VERY slow

« on: August 15, 2019, 10:33:34 pm »

Hi Ray,

The issue was fixed in version 13.4.0, so V13.4.2 contains the fix as well.
Are you, by any chance, using Windows XP ?

Regards.

25

RogueKiller / Re: Rogue Anti-Malware Questions

« on: August 15, 2019, 06:50:18 pm »

Hi Mops21,

Explorer should automatically be restarted at the end of the installation.
Is it not the case here ?

Regards.

26

Malware removal help / Re: Proxy Virus - need help eliminating

« on: August 15, 2019, 06:43:30 pm »

Hi themetallikid,

The logs show that DISM was able to repair some corrupted Windows files, but failed to repair all of it.

Error in operation: source for package or file not found, ResolveSource() unsuccessful. (CBS HRESULT=0x800f081f) - CCbsConUIHandler::Error

There is still something we can try, but I need some time and information to make a process.
Which edition of Windows (Home, Pro, etc.) are you using ?

Launch the command prompt windows (cmd) with admin rights and copy/paste the following command :

Code: [Select]

chkdsk C: /r /v /x
Please allow chkdsk to run on next reboot and restart the computer to perform the analysis.

Regards.

27

RogueKiller / Re: Rogue Anti-Malware Questions

« on: August 14, 2019, 06:40:06 pm »

Hi Mops21,

You are very welcome.
Yes, this is normal. Since explorer.exe exits when new RogueKiller updates are installed, your desktop environment will vanish until the end of the installation when the process is restarted.

Regards.

28

Malware removal help / Re: Proxy Virus - need help eliminating

« on: August 14, 2019, 05:17:14 pm »

Hi themetallikid,

I believe your system to be really damaged, which prevents FRST to run normally. It also be may the root cause of the issues you described.
Let's try to repair it.

Copy/paste the following command in the admin command prompt :

Code: [Select]

DISM /Online /Cleanup-Image /RestoreHealth

Do not close the command prompt ! It may takes a few hours until the command finish.

When the repair is finished, please reboot your system.
How is your computer running now ?

Please attach those two files (if present) with your next reply :

Code: [Select]

C:\Windows\Logs\CBS\CBS.log
C:\Windows\Logs\DISM\Dism.log
Regards.

29

Malware removal help / Re: Proxy Virus - need help eliminating

« on: August 14, 2019, 04:49:37 am »

Hi themetallikid,

Just to make sure, we will be doing a full system investigation.

Please download Farbar Recovery Scan Tool (x64) and save it to your Desktop.

• Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  
• Press Scan button.
  
• It will produce a log called FRST.txt in the same directory the tool is run from.
  
• Please attach log back here using the "Attachments and other options > Attach" feature.
• The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe). Please also attach that along with the FRST.txt into your reply.
  

Regards.

30

Malware removal help / Re: Proxy Virus - need help eliminating

« on: August 14, 2019, 04:23:34 am »

Hi themetallikid,

The proxy set on port 64550 is only establishing connections with local processes on your system and all these processes are safe. This is probably a proxy used by your antivirus engine to analyse system behaviour. In my opinion, you can be at ease and don't worry about it.

What is really strange is why the command lines using environment variables are failling on your system. It's the first time I observed such behaviour, but I advise you to not worry about it either, if your system is globally running fine.

Regards.