Insider Preview Anyone think I should rebuild my System !! ;)

Discussion in 'Windows 10 Help and Support' started by Saltgrass, Apr 22, 2015.

  1. Saltgrass

    Saltgrass Excellent Member
    Microsoft Community Contributor

    Joined:
    Oct 16, 2009
    Messages:
    15,157
    Likes Received:
    393
    I suppose my foray into Torrents ended up causing me a few minor problems. It might be fun to try to remove whatever is actually causing this, but Malware Bytes has found problems prior and these are recent so the problem endures.

    If I wanted to try to remove the problem, any suggestions beside Malwarebytes and Defender to attempt to rid the system of this scourge. I found this stuff because I was looking for what was playing an ad on my desktop, which turned out to be a Skype add-on to IE.

    Thanks...

    Stream Ad_4.JPG
     
  2. MikeHawthorne

    MikeHawthorne Essential Member
    Microsoft Community Contributor

    Joined:
    May 25, 2009
    Messages:
    6,046
    Likes Received:
    300
  3. davehc

    davehc Microsoft MVP
    Premium Supporter Microsoft MVP

    Joined:
    May 1, 2008
    Messages:
    5,116
    Likes Received:
    301
    WOW. With that lot, I would not even think of cleaning - fresh install. (And keep away from the torrents!!!!!!!)
     
  4. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    Nice...
    Hey Clark, I've seen worse. Maybe give it a go.....
    These are the programs I use to generally delouse a computer with virus and or malware issues.
    ADWcleaner from here http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
    JRT (Junkware Removal Tool) from here http://www.bleepingcomputer.com/download/junkware-removal-tool/dl/131/
    Norton Power Eraser from here https://security.symantec.com/nbrt/npe.aspx
    Malwarebytes from here http://www.malwarebytes.org/mwb-download/confirm/
    Ccleaner from here http://www.piriform.com/ccleaner/download/standard
    TFC.exe (Temporary Files Cleaner) from here http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/
    ESET Online Scanner from here http://www.eset.com/us/online-scanner/
    I don't check the links above everyday, so if you have any problem with any one of them then just Google for the program name but use the site names that I have recommended since I'm relatively certain they are free of extraneous garbage.
     
  5. OTT

    OTT Active Member

    Joined:
    Apr 2, 2015
    Messages:
    97
    Likes Received:
    13
    Use the programs Trouble recommended and after that use Kaspersky Security Scan.
    If that comes back with a clean state all should be fine !

    Extra Info :
    "winupd.exe" seems to be related to "MSStartOptimizer" and that is related to an "Adult content dialler"...
    No torrent involved in that... :blow:

    OTT
     
  6. Saltgrass

    Saltgrass Excellent Member
    Microsoft Community Contributor

    Joined:
    Oct 16, 2009
    Messages:
    15,157
    Likes Received:
    393
    Ott, this system has not been messing around with any Adult Content sites. But I remember a time last year when I got something like that when I was looking for Truck Parts. During my Torrent experience, I may have clicked on something I should not have...not that familiar with how the torrents work.

    I will follow some of the suggestions to see if those utilities find anything. Currently I have run Defender in a Full scan and it did not find anything. Malwarebytes has not found anything the second time.. But rebuilding to a clean install will be on the top of the list if I find more items being installed.

    But this got me thinking, since I have been playing with Cortana and Spartan. Cortana asks for permission to have access to your system before it runs. I don't know exactly what or how it accesses the system, but it does open websites, depending on what you ask it to do. I was wondering if it could be used as a conduit for spyware to be placed on your system.

    Also, OneDrive is used to sync between computer systems. If one system had been infected, could it be used to transmit malware to another system?

    I will post back if the suggested utilizes turn up anything... Thanks.
     
  7. Saltgrass

    Saltgrass Excellent Member
    Microsoft Community Contributor

    Joined:
    Oct 16, 2009
    Messages:
    15,157
    Likes Received:
    393
    Well, I tried Mike's Spybot recommendation first and all it found was cookies, none of which showed to be high risk. During the Scan I got a message from something the drive needed to be checked. A reboot resulted in a Blue Screen, so now I am trying the rollback option to see if it even works.

    Could just be coincidence or the scanning put extra stress on the drive. None of this is a problem, since all I have to do is reimage, but if I get the system back I will continue with the other suggestions.

    Well, the rollback seems to have worked and since this install was an 8.1 upgraded directly to build 10049, it put me back in 8.1.... Another test conducted... ;)
     
    #7 Saltgrass, Apr 22, 2015
    Last edited: Apr 22, 2015
  8. OTT

    OTT Active Member

    Joined:
    Apr 2, 2015
    Messages:
    97
    Likes Received:
    13
    First and foremost... it was not my intention to accuse you of something ! ;)
    Everybody (you or someone else) can click on something that's not what it seems to be...

    Second.
    To be sure you should run the programs proposed by Trouble and then the Kaspersky Security Scan.
    If that comes back with a clean state all should be fine !
    Since it is/was a Trojan (dropper/downloader) you should consider changing your passwords !

    OTT
     
  9. Saltgrass

    Saltgrass Excellent Member
    Microsoft Community Contributor

    Joined:
    Oct 16, 2009
    Messages:
    15,157
    Likes Received:
    393
    Good idea about changing passwords. I suppose it is good my Windows 8/10 systems are just test systems and I don't use them as primary systems.

    Since the problem after Spybot, the situation has basically resolved itself. The rollback to 8.1 seemed to work fine and was much faster than I expected. I am now upgrading to 10049 again to see what happens. I am going to start running Malwarebytes more often to see if I can catch something. I will still assume the Torrent download allowed the bad stuff to invade my system, but not completely sure. The Skype IE Browser Helper Object still has me wondering.

    I didn't think you were accusing me of anything, just wanted to point out you can pick up all sorts of things even at sites you might think would be safe. It is also interesting that Defender did not say a peep during the entire situation....

    Thanks for the help.
     
  10. Saltgrass

    Saltgrass Excellent Member
    Microsoft Community Contributor

    Joined:
    Oct 16, 2009
    Messages:
    15,157
    Likes Received:
    393
    Well, change in plans. Since build 10061 is now available, I will just skip 10049...
     
  11. MikeHawthorne

    MikeHawthorne Essential Member
    Microsoft Community Contributor

    Joined:
    May 25, 2009
    Messages:
    6,046
    Likes Received:
    300
    Hi

    I'm surprised that you had issues with Spybot, it a long established program that goes clear back to Windows 95.
    I have it installed now, and use it mostly for the blocking service of identified malicious sites and files.

    My main complaint about it was that it was something of a resource hog on my earlier computers.
    On my present computer I don't see any slowdown when using it.

    I haven't seen any issues running it in Windows 10.

    Mike
     

Share This Page

Loading...