Solved Malware, when online via ethernet, takes my desktop over

flashh4 · Oct 4, 2023

@hoardtrot .......... great that looks really good ! Glad i could help !
Now run the KPRM to remove the programs i had you run along with their reports use the instructions i posted above please !!
Thanks

hoardtrot · Oct 4, 2023

I got a MACHINE_CHECK_EXCEPTION. BSOD
Still having same issues.

flashh4 · Oct 4, 2023

@hoardtrot ........... well you should have a clean machine ! There are some real good people here so maybe one of them will have something for you !

hoardtrot · Oct 4, 2023

Thanks again for all your help.

glasskuter · Oct 4, 2023

If you are able to get into windows gather the information logs as per this article. Zip the logs and upload to any cloud provider.
Post a shared link in this thread.
@zbook or one of the others who specialize in reading bsod logs will analyze them for you.

BSOD - Posting Instructions

BSOD - Posting Instructions This will show you how to help provide needed information about your system and dump files. It will not contain any personal or sensitive information about you or your data. To get better help with your Windows BSOD issue, please read these instructions and follow...

www.elevenforum.com

hoardtrot · Oct 4, 2023

Anyone else have any ideas? Do the executable paths seem right to anyone?

hoardtrot · Oct 5, 2023

@glasskuter Why do I have to put it on cloud service? Rather than attaching file?

flashh4 · Oct 5, 2023

@hoardtrot ..... do you really need this service ? And have you tried removing it then does your desktop get screwy ?
We have ruled out a Malware infection ! So looking for something else ! Maybe @zbook has something !

hoardtrot · Oct 5, 2023

@flashh4 The address is not correct.
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p

hoardtrot · Oct 5, 2023

@flashh4 can I just install a new hard drive?

flashh4 · Oct 5, 2023

So are you wanting to change the address to the executable path ?

flashh4 · Oct 5, 2023

@hsehestedt ......... is really good on these things maybe he has an idea ?

FreeBooter · Oct 5, 2023

hoardtrot said:
@flashh4 The address is not correct.
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p

How do you know that the address of the executable not correct?

glasskuter · Oct 5, 2023

hoardtrot said:
Why do I have to put it on cloud service? Rather than attaching file?

logs are too large to attach here

flashh4 · Oct 5, 2023

@flashh4 can I just install a new hard drive?

That choice i leave up to the user, i always hate to give up on finding a solution to the problem ! But if it's your choice then go for it !

RED17 · Oct 7, 2023

I think you should use Kaspersky internet security trial version and scan the whole system.
Also use autoruns by Technet and check for malicious startup files.
Use adware cleaner and hitmanpro as well.
Trial versions are enough for one-time use.

dacrone · Oct 7, 2023

hoardtrot said:
It stops immediately after I unplug it. I have ran all scans of MS Defender and nothing shows up. When doing the offline scan it only reaches 91% and restarts. While doing the full scan without ethernet connection, all numbers involved, time, items scanned, jump around randomly while my fans hit full speed and Antimalware Service exe_Microsoft defender is at 96% power. Cannot end task. Please help, Thank you

The quick scan results are impossible. I have tried a reset but I can't format drive. If I put a new hard drive in it will that solve it?

a new drive with a fresh install will cure anything.. except this isnt malware. its just a corruption somwhere. run dism offline repair at boot with an installer usb and see if that resolves it.

RED17 · Dec 27, 2023

MS Defender can't catch quite well.
You can try the Kaspersky AV with the cable plugged in.
Use the trial version.

Kaspersky Free Cloud Antivirus Download | Kaspersky

Download free antivirus Kaspersky Security Cloud Free. This advanced cloud antivirus with several smart security features designed to make your life better and more secure. Compatible with PC, Mac, iPhone & iPad, and Android devices.

www.kaspersky.com