If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
Any way to get rid of this likely Trojan?
For about two weeks now, exactly once a day my screen goes "half dark" and
a blue box pops up that says the following: "Restart to install the newest Windows features update. With new features and apps,this one could take a little longer than other updates. Ready? Restart now. Not ready? Pick a time that works for you." Then you have a choice of three boxes to click. "Pick a time", "Remind me later" or "Restart". When this is on the screen,the computer functions are frozen for everything bu the three choice boxes. I have been clicking "Remind me later" every time. I obviously do not believe this is from Microsoft at all - I think its a PUP or worse - maybe much worse - if I click "install". Any idea on getting rid of it? My anti-virus scans everything as clean and healthy, My malware program: Ditto. After dismissing the box, everything on the computer works pefectly normal until the next day when it will come up again. Many thanks to anyone who offers any help! Tony |
Ads |
#3
|
|||
|
|||
Any way to get rid of this likely Trojan?
" wrote in
: For about two weeks now, exactly once a day my screen goes "half dark" and a blue box pops up that says the following: "Restart to install the newest Windows features update. With new features and apps,this one could take a little longer than other updates. Ready? Restart now. Not ready? Pick a time that works for you." Then you have a choice of three boxes to click. "Pick a time", "Remind me later" or "Restart". When this is on the screen,the computer functions are frozen for everything bu the three choice boxes. I have been clicking "Remind me later" every time. I obviously do not believe this is from Microsoft at all - I think its a PUP or worse - maybe much worse - if I click "install". Any idea on getting rid of it? My anti-virus scans everything as clean and healthy, My malware program: Ditto. After dismissing the box, everything on the computer works pefectly normal until the next day when it will come up again. Many thanks to anyone who offers any help! Tony scan your system with malwarebytes https://www.malwarebytes.com/mwb-download/ post back with results -- A stupid man's report of what a clever man says can never be accurate, because he unconsciously translates what he hears into something he can understand. -Bertrand Russell Registered Linux User #393236 |
#4
|
|||
|
|||
Any way to get rid of this likely Trojan?
" wrote in message
... For about two weeks now, exactly once a day my screen goes "half dark" and a blue box pops up that says the following: "Restart to install the newest Windows features update. With new features and apps,this one could take a little longer than other updates. Ready? Restart now. Not ready? Pick a time that works for you." Then you have a choice of three boxes to click. "Pick a time", "Remind me later" or "Restart". When this is on the screen,the computer functions are frozen for everything bu the three choice boxes. I have been clicking "Remind me later" every time. I obviously do not believe this is from Microsoft at all - I think its a PUP or worse - maybe much worse - if I click "install". Any idea on getting rid of it? My anti-virus scans everything as clean and healthy, My malware program: Ditto. After dismissing the box, everything on the computer works pefectly normal until the next day when it will come up again. Many thanks to anyone who offers any help! Tony Tony, You didn't state what anti-virus / anti-malware software you're using but I would suggest you download and install the 14 day trial Malwarebytes from: https://www.malwarebytes.com/ If Malwarebytes doesn't come up with anything (be sure to enable Root Kit Scan in the options) then it could be something in the browser that got picked up from an infected site or ad server. Lot's of places for malware to hide and you can go thru looking at services.msc, msconfig.exe, Task Manager and look at Applications and Processes and on and on and on. But do the easy steps first before you go down any rabbit holes that may end up borking your system. -- Bob S. |
#5
|
|||
|
|||
Any way to get rid of this likely Trojan?
"n/a" wrote in :
" wrote in message ... For about two weeks now, exactly once a day my screen goes "half dark" and a blue box pops up that says the following: "Restart to install the newest Windows features update. With new features and apps,this one could take a little longer than other updates. Ready? Restart now. Not ready? Pick a time that works for you." Then you have a choice of three boxes to click. "Pick a time", "Remind me later" or "Restart". When this is on the screen,the computer functions are frozen for everything bu the three choice boxes. I have been clicking "Remind me later" every time. I obviously do not believe this is from Microsoft at all - I think its a PUP or worse - maybe much worse - if I click "install". Any idea on getting rid of it? My anti-virus scans everything as clean and healthy, My malware program: Ditto. After dismissing the box, everything on the computer works pefectly normal until the next day when it will come up again. Many thanks to anyone who offers any help! Tony Tony, You didn't state what anti-virus / anti-malware software you're using but I would suggest you download and install the 14 day trial Malwarebytes from: https://www.malwarebytes.com/ If Malwarebytes doesn't come up with anything (be sure to enable Root Kit Scan in the options) then it could be something in the browser that got picked up from an infected site or ad server. Lot's of places for malware to hide and you can go thru looking at services.msc, msconfig.exe, Task Manager and look at Applications and Processes and on and on and on. But do the easy steps first before you go down any rabbit holes that may end up borking your system. I appreciate the responses I've gotten so far. Malwarebytes found nothing - perfect. I will spend some time exploring the other possibilities offered, and report back tomorrow or Monday. may yet go ahead and install it at the nrext prompt,but I'm not quite ready to go there yet. Tony |
#6
|
|||
|
|||
Any way to get rid of this likely Trojan?
In article ,
" wrote: For about two weeks now, exactly once a day my screen goes "half dark" and a blue box pops up that says the following: "Restart to install the newest Windows features update. With new features and apps,this one could take a little longer than other updates. Ready? Restart now. Not ready? Pick a time that works for you." Then you have a choice of three boxes to click. "Pick a time", "Remind me later" or "Restart". When this is on the screen,the computer functions are frozen for everything bu the three choice boxes. I have been clicking "Remind me later" every time. I obviously do not believe this is from Microsoft at all - I think its a PUP or worse - maybe much worse - if I click "install". Any idea on getting rid of it? My anti-virus scans everything as clean and healthy, My malware program: Ditto. After dismissing the box, everything on the computer works pefectly normal until the next day when it will come up again. Many thanks to anyone who offers any help! I appreciate the responses I've gotten so far. Malwarebytes found nothing - perfect. I will spend some time exploring the other possibilities offered, and report back tomorrow or Monday. may yet go ahead and install it at the nrext prompt,but I'm not quite ready to go there yet. why do you think it's not from microsoft? based on your description, it sounds legitimate. when is the last time you updated win10? what version are you at now? win10 updates often interrupt, which is why i do them at my convenience. |
#7
|
|||
|
|||
Any way to get rid of this likely Trojan?
wrote:
For about two weeks now, exactly once a day my screen goes "half dark" and a blue box pops up that says the following: "Restart to install the newest Windows features update. With new features and apps,this one could take a little longer than other updates. Ready? Restart now. Not ready? Pick a time that works for you." Then you have a choice of three boxes to click. "Pick a time", "Remind me later" or "Restart". When this is on the screen,the computer functions are frozen for everything bu the three choice boxes. I have been clicking "Remind me later" every time. I obviously do not believe this is from Microsoft at all - I think its a PUP or worse - maybe much worse - if I click "install". Any idea on getting rid of it? My anti-virus scans everything as clean and healthy, My malware program: Ditto. After dismissing the box, everything on the computer works pefectly normal until the next day when it will come up again. Many thanks to anyone who offers any help! Tony You could open the Settings wheel on the left of the screen, and select Update and Security. If a security patch or an actual OS related thing is doing it, it will be showing, with a Restart button showing as well. You can look at this article. Apparently Windows Store junk apps are waiting to get into your machine. https://windowsreport.com/windows-10...alert-disable/ Some of the information in that page is laughably wrong. You can't disable Windows Update service, because the Scheduled Task entries for Orchestrator will switch it back on. But deleting the Windows Update service file worked. I have a VM stuck at 16299, where the service is simply "no longer available" because I put an end to it. This is part of a long term experiment to see if the OS has back doors and a sense of humor. And note that Microsoft is making enough changes to the file system, to make deleting that service harder and harder to do. That option isn't always going to be there for us. The size of SoftwareDistribution C:\$WINDOWS.~BT C:\@WINDOWS.~WS hints at how clogged up your system is. If it was an OS Upgrade, those might have been bloated at one time, as it staged the update. A good deal of an OS Upgrade is done before the reboot, to reduce the install time to "only 40 minutes" :-/ I don't really know where else they're hiding that stuff now. An OS upgrade consists of at least a 1000 tiny packages, that when executed and migrated, gives you a new OS version. They no longer work with solid WIM files and ISO-like installation images. You could at least type winver in Start : Run and see what version you're at. A machine which is "Current" in a sense, would be 17763.500 or so. The Insider Edition is at 1903 (19H1) release version, so it won't be too long before the next OS Upgrade comes in. That means a machine at 1803 has to be bumped to 1809 in the next month or so, so that in theory it can go from 1809 to 1903 when 1903 is released. They don't like to get too far behind. The Windows Store stuff, I don't know what "path" it uses in the software stack, as it does not use Windows Update to the best of my knowledge. It's sneaky. You'll see 100MB of crap being downloaded, and may not be able to get TCPView set up in time to determine where it's going or what is going on. Windows has two ingestion mechanisms. The "old" one is BITS. the Background Intelligent Transfer Service. It can open multiple connections at a time, and if you have multiple computers on one home router, it results in "unfair" behavior where the one computer doing a Windows OS Upgrade "hogs" the router box. The second method used, is similar to Torrent. It's called DoSVC and is capable of downloading updates from other peoples computers (the files transferred are all signed). On the machine I was examining a while ago, it started running because I hadn't disabled it. You can actually disable DoSVC and set a "throttling" on BITS, but the OS I did that to, has chosen not to do any significant updates since then. It's "sulking", even though I think Windows Defender and the occasional Security Patch still manage to download. Summary: At least have a look in Settings : Update and Security and report back with your winver value. There might be a "Restart" button waiting for you in the Update thing. Paul |
#8
|
|||
|
|||
Any way to get rid of this likely Trojan?
|
#9
|
|||
|
|||
Any way to get rid of this likely Trojan?
|
#10
|
|||
|
|||
Any way to get rid of this likely Trojan?
On Sun, 17 Feb 2019 10:40:07 +0000, Andy Burns
wrote: wrote: For about two weeks now, exactly once a day my screen goes "half dark" and a blue box pops up I obviously do not believe this is from Microsoft at all It sounds *exactly* like the standard Microsoft message for a 'major' Win10 upgrade ... +1 |
#11
|
|||
|
|||
ping Paul Any way to get rid of this likely Trojan?
Paul wrote in :
You could open the Settings wheel on the left of the screen, and select Update and Security. If a security patch or an actual OS related thing is doing it, it will be showing, with a Restart button showing as well. That was it. It showed up in Update and Security exactly as described by you, and I did the reboot. It came back up quicker than I though it would, and a check of WinVer shows that I am still running Windows 10 version 1803(17134.523). I really apreciated your in-depth post, Paul. Tony |
#12
|
|||
|
|||
ping Paul Any way to get rid of this likely Trojan?
|
#13
|
|||
|
|||
Any way to get rid of this likely Trojan?
Screen capture and show us please.
wrote: For about two weeks now, exactly once a day my screen goes "half dark" and a blue box pops up that says the following: "Restart to install the newest Windows features update. With new features and apps,this one could take a little longer than other updates. Ready? Restart now. Not ready? Pick a time that works for you." Then you have a choice of three boxes to click. "Pick a time", "Remind me later" or "Restart". When this is on the screen,the computer functions are frozen for everything bu the three choice boxes. I have been clicking "Remind me later" every time. I obviously do not believe this is from Microsoft at all - I think its a PUP or worse - maybe much worse - if I click "install". Any idea on getting rid of it? My anti-virus scans everything as clean and healthy, My malware program: Ditto. After dismissing the box, everything on the computer works pefectly normal until the next day when it will come up again. Many thanks to anyone who offers any help! Tony -- Quote of the Week: "As a thinker and planner, the ant is the equal of any savage race of men; as a self-educated specialist in several arts she is the superior of any savage race of men; and in one or two high mental qualities she is above the reach of any man..." --Mark Twain Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly. /\___/\ Ant(Dude) @ http://aqfl.net & http://antfarm.home.dhs.org / / /\ /\ \ http://antfarm.ma.cx. Please nuke ANT if replying by e-mail. | |o o| | \ _ / ( ) |
#14
|
|||
|
|||
Any way to get rid of this likely Trojan?
On 17/02/2019 19:49, Ant wrote:
Screen capture and show us please. The pumpkin won't know how to do this so please refrain from asking something that posters can't do. You are embarrassing them.. -- With over 950 million devices now running Windows 10, customer satisfaction is higher than any previous version of windows. |
#15
|
|||
|
|||
Any way to get rid of this likely Trojan?
On 17/02/2019 07:18, pjp wrote:
I suspect almost to belief it's just MS's way of informing you to reboot. The idiot has found a new way to smash up a computer. BOOT IT HARD UNTIL IT SMASHES. .. -- With over 950 million devices now running Windows 10, customer satisfaction is higher than any previous version of windows. |
Thread Tools | |
Display Modes | Rate This Thread |
|
|