Author Topic: I don't know if this is the right place but....  (Read 5830 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
I don't know if this is the right place but....
« on: May 04, 2017, 05:16:40 PM »
I have nowhere else to turn and I am really worried. For the last three days, I have been getting an error message regarding sethc.exe

Today I decided to have a look at it since it wasn't a one-off thing. I can navigate around my computer like normal, except for a few very alarming exceptions. I cannot open task manager. I cannot run Malwarebytes. I cannot run Spybot&Destroy. I cannot install a new version of Malwarebytes.
 the error message is as follows:

?HandleUiaPropertyListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVVALUE@2@1@Z in DLL-file C:\WINDOWS\System32\Sethc.exe

Googling Sethc.exe issues is a scary read, given that it is involved in a hack dealing with admin passwords. I have had my computer on standby for the last few days and it requires a log-in password when waking up, which I have not had any issues with. So I'm not sure if that has been hacked and changed.

Regardless, right around now I am very, very, very concerned and I don't even know if I will even get back into the computer if I re-boot. I am at that stage where fear is turning into paranoia and I don't know what to do. Avast is the only program that wants to start a search, but the full system scan is for now stuck at 0%.

Help, please.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31079
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: I don't know if this is the right place but....
« Reply #1 on: May 04, 2017, 05:21:33 PM »
Update avast to the latest version and follow these instructions > https://forum.avast.com/index.php?topic=194892.0

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37526
  • Not a avast user
Re: I don't know if this is the right place but....
« Reply #2 on: May 04, 2017, 05:34:03 PM »
Quote
C:\WINDOWS\System32\Sethc.exe

Upload and scan file (Sethc.exe) here >> www.virustotal.com
If it ask to see latest report, click on rescan button for a fresh result
Post link to scan result


REDACTED

  • Guest
Re: I don't know if this is the right place but....
« Reply #3 on: May 04, 2017, 05:44:10 PM »
This is the link to the scan result

https://www.virustotal.com/sv/file/2deb595b76334beeb3e50afa05f50de9461372069fa7dd05cd033ba03d03567b/analysis/

As for following the standard logs, I can download the latest version of Malwarebytes, but I can't run the program. It doesn't start and the error message I mentioned before shows up.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31079
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: I don't know if this is the right place but....
« Reply #4 on: May 04, 2017, 05:45:06 PM »
Skip Malwarebytes and continue with Farbar.

REDACTED

  • Guest
Re: I don't know if this is the right place but....
« Reply #5 on: May 04, 2017, 05:53:50 PM »
Same issue, can't run Farbar either.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31079
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: I don't know if this is the right place but....
« Reply #6 on: May 04, 2017, 05:55:32 PM »
Can you roll back to a previous date with Windows ?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37526
  • Not a avast user
Re: I don't know if this is the right place but....
« Reply #7 on: May 04, 2017, 05:59:04 PM »
This is the link to the scan result

https://www.virustotal.com/sv/file/2deb595b76334beeb3e50afa05f50de9461372069fa7dd05cd033ba03d03567b/analysis/

As for following the standard logs, I can download the latest version of Malwarebytes, but I can't run the program. It doesn't start and the error message I mentioned before shows up.
Analysis date:   2017-04-21 05:03:24 UTC ( 1 week, 6 days ago )

You did not click the rescan button.

Anyway it seems not needed
First submission 2015-11-06 17:03:11 UTC ( 1 year, 5 months ago )


« Last Edit: May 04, 2017, 06:00:35 PM by Pondus »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37526
  • Not a avast user
Re: I don't know if this is the right place but....
« Reply #8 on: May 04, 2017, 05:59:55 PM »
Same issue, can't run Farbar either.
Have you tried run it from safe mode?


REDACTED

  • Guest
Re: I don't know if this is the right place but....
« Reply #9 on: May 04, 2017, 06:04:59 PM »
Same issue, can't run Farbar either.
Have you tried run it from safe mode?

I've tried running it normally, and with admin privileges but neither works. I am unsure how to run it in safe mode.

As for rolling back to a previous date, I am not sure.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37526
  • Not a avast user
Re: I don't know if this is the right place but....
« Reply #10 on: May 04, 2017, 06:07:21 PM »
Quote
I am unsure how to run it in safe mode.
Same way, except you start your computer in safe mode first


Offline Michael (alan1998)

  • Massive Poster
  • ****
  • Posts: 2768
  • Volunteer
Re: I don't know if this is the right place but....
« Reply #11 on: May 04, 2017, 06:07:38 PM »
Ah shyte. I was hoping Pondus could edit before you posted. Don't bother Pondus. What version of Windows are you using? 7/8/10?

He may not have ease of access to Safe Mode if he's past Windows 7.
VOLUNTEER

Senior Security Analyst; Sys Admin (Linux); Forensics/Incident Response.

Security is a mindset, not an application. Think BEFORE you click.

REDACTED

  • Guest
Re: I don't know if this is the right place but....
« Reply #12 on: May 04, 2017, 06:10:12 PM »
Windows 10, I upgraded from Win 7 about 2 weeks before the "free upgrade offer" from Windows expired, so I've had it since then


REDACTED

  • Guest
Re: I don't know if this is the right place but....
« Reply #14 on: May 04, 2017, 06:21:03 PM »
Well, here's to hoping I still have access to the computer after I re-boot
*drinks imaginary shot*

I'll be back. Hopefully.

(also, thank you for bearing with my computer-semi-illiteracy and fear-driven paranoia).