Solved I suspect a rootkit may be installed on my laptop

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,240
Hello, James.

I'm surprised that the scan (see my last post containing the eset.txt file) revealed that malware/adware could be contained within my security software itself.
You are certainly right about that. However, nothing to worry about, since the detection is a false-positive, and you can restore the file following the instructions here.

From the Eset's site:
The tool is detected as a potentially unsafe application. It's not detected with default settings. Potentially unsafe applications cover legit tools that can be misused in the wrong hands. We recommend creating a detection exclusion.

The computer is clean. There is nothing to indicate an infection. The issues you are dealing with (shutdown, wifi, camera/microphone etc.) are not related to malware. I recommend you, if all these make your work on the computer difficult, to open a thread in the Windows 10 Forum, saying that you have already checked the computer for malware.

The only remaining thing, is your computer's upgrade. You are still running version 20H2, while the latest one is 21H1. It is important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer.

To upgrade now:
  • Go to this Microsoft page and under the title Create Windows 10 installation media press on Download tool now.
  • Save the tool on your Desktop and double click to run it.
  • On the License terms page, if you accept the license terms, select Accept.
  • On the What do you want to do page, select Upgrade this PC now, and then select Next.
  • Follow the instructions and select Keep personal files and apps, when you are asked to.
  • It might take a couple of hours, depending on your wifi speed connection, to install Windows 10. Your PC will restart a few times. Make sure you don’t turn off your PC.
  • After downloading and installing, the tool will walk you through how to set up Windows 10 on your PC.

In case you don't want to upgrade now, let me know to give you the finale instructions, including the tools removal and creating a restore point.
 

James321

Thread Starter
Joined
Apr 10, 2013
Messages
385
You are certainly right about that. However, nothing to worry about, since the detection is a false-positive, and you can restore the file following the instructions here.

To upgrade now:
  • Go to this Microsoft page and under the title Create Windows 10 installation media press on Download tool now.
  • Save the tool on your Desktop and double click to run it.
  • On the License terms page, if you accept the license terms, select Accept.
  • On the What do you want to do page, select Upgrade this PC now, and then select Next.
  • Follow the instructions and select Keep personal files and apps, when you are asked to.
  • It might take a couple of hours, depending on your wifi speed connection, to install Windows 10. Your PC will restart a few times. Make sure you don’t turn off your PC.
  • After downloading and installing, the tool will walk you through how to set up Windows 10 on your PC.

In case you don't want to upgrade now, let me know to give you the finale instructions, including the tools removal and creating a restore point.
Wasn't able to restore the quarantined ESET file, even while running as administrator.

Upgraded to 21H1. It took almost all day.
 

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,240
Hi, James.

What happened when you tried to follow the steps to restore the file?

Even if the specific file stays in quarantine, your general security is not affected anyway.

Upgraded to 21H1. It took almost all day.
Yes, this is usual when you are applying major/critical updates. Well done! Good job!

By the way, now you got the latest upgrade, is the performance better than before? Any of your issues solved?
 

James321

Thread Starter
Joined
Apr 10, 2013
Messages
385
Hi, James.

What happened when you tried to follow the steps to restore the file?

Even if the specific file stays in quarantine, your general security is not affected anyway.

Yes, this is usual when you are applying major/critical updates. Well done! Good job!

By the way, now you got the latest upgrade, is the performance better than before? Any of your issues solved?
It appears I can still not run my internal camera and microphone. Also there still does not appear to be a direct method available in the OS under Settings for turning off Auto-Shutdown. I'll have to keep an eye on over time on the other issues such as various status indicator lights being on when they shouldn't be.

I ran ESET as administrator but it still didn't allow me to restore the quarantined file. Here's a screenshot:

screenshot1.png
 

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,240
Leave the Norton file there. It won't affect your security.

Now we know the computer is clean and updated, let's check some things about your other issues.

Auto Shut-down

What do you mean exactly? The computer shuts down suddenly? Or sleep> Or hibernate?

In the Search area type Power & Sleep options and choose it from the list..

Check what are the option there and make the changes you want.

You can also choose Additional power settings from the right column and see also what options are there.
 

James321

Thread Starter
Joined
Apr 10, 2013
Messages
385
Leave the Norton file there. It won't affect your security.

Now we know the computer is clean and updated, let's check some things about your other issues.

Auto Shut-down

What do you mean exactly? The computer shuts down suddenly? Or sleep> Or hibernate?

In the Search area type Power & Sleep options and choose it from the list..

Check what are the option there and make the changes you want.

You can also choose Additional power settings from the right column and see also what options are there.
This is what I can see at my end. See two screenshots::


shot1.png


shot2.png
 

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,240
James,

In order to reply without my replies in your post, please do not click on the Reply button. Instead, write your reply in the Reply area at the end of the topic and then click on the Post reply button.

You didn't tell me: What do you mean by auto shut down? The computer shuts down suddenly? Or sleep? Or hibernate?
 

James321

Thread Starter
Joined
Apr 10, 2013
Messages
385
You didn't tell me: What do you mean by auto shut down? The computer shuts down suddenly? Or sleep? Or hibernate?
The laptop automatically goes into shutdown after about 3 hours and the various methods given online for switching off auto-shutdown don't seem to work.
 

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,240
It would be useful to mention what have you already tried.

This usually cancels the auto-shutdown:
  • Press the Windows logo key on the keyboard, together with the letter R, to open the RUN window.
  • In the empty space copy and paste shutdown -a and OK.
  • After clicking on the OK button or pressing the enter key, the auto-shutdown schedule or task will be canceled automatically.
 

James321

Thread Starter
Joined
Apr 10, 2013
Messages
385
It would be useful to mention what have you already tried.

This usually cancels the auto-shutdown:
  • Press the Windows logo key on the keyboard, together with the letter R, to open the RUN window.
  • In the empty space copy and paste shutdown -a and OK.
  • After clicking on the OK button or pressing the enter key, the auto-shutdown schedule or task will be canceled automatically.
This was one of the recommended fixes given online. There are other variations of this one as well.

However I'll try it again and see what happens.
 

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,240
Yes, there are options to use the above command via Command prompt or PowerShell. Let me know about the result of your new effort.
 

James321

Thread Starter
Joined
Apr 10, 2013
Messages
385
Yes, there are options to use the above command via Command prompt or PowerShell. Let me know about the result of your new effort.
As before, it didn't work.

You would have thought that Windows 10 would have some handy feature where you could switch off auto-shutdown at the click of a button. However I can't see one.
 

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,240
Hi, James.

Here it is an article which can give some light into your issue: Why does my computer turn off without warning?

As you can see, many reasons can cause the auto-shut down, and since the command we used didn't work, I think that the issue has nothing to do with an actual auto-shut-down enabled option.

If you want, you can ask for help in the Windows 10 Forum. Perhaps someone there can assist you more effectively on that.

Since the computer is clean, let's finish the procedure here.

The following tool will remove the tools we used as well as reset system restore points:

Download KpRm by kernel-panik and save it to your desktop.
  • Right-click kprm_(version).exe and select Run as Administrator.
  • Read and accept the disclaimer.
  • When the tool opens, ensure all boxes under Actions are checked.
  • Under Delete Quarantines select Delete Now, then click Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please copy and paste its contents in your next reply.
 

James321

Thread Starter
Joined
Apr 10, 2013
Messages
385
Here it is an article which can give some light into your issue: Why does my computer turn off without warning?

As you can see, many reasons can cause the auto-shut down, and since the command we used didn't work, I think that the issue has nothing to do with an actual auto-shut-down enabled option.

If you want, you can ask for help in the Windows 10 Forum. Perhaps someone there can assist you more effectively on that.
The webpage you quote doesn't really cover the issue I have. The webpage in question covers sudden shutdowns while you are actually using your laptop, not shutdowns that occur when the laptop has been idle for say three hours.

However the webpage also says the following about unscheduled shutdowns:

Your computer may be infected with a virus or other malware that is designed to shut down your computer upon certain conditions. If your computer seems to be turning off when executing a certain program at specific times of the day, it could be infected.

If you believe your computer may be infected with a virus, download a free scanner. If you already have one installed, make sure your virus scanner definitions are up-to-date, then run a full scan.
I have in fact already raised this issue on the Windows 10 Forum. Here is the link:

Couple of annoying problems on Windows 10
 

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top