Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. Hello, Can you share both scan and clean logs? Thanks
  3. Today
  4. Quarantine folder is used to save removed items. It could easily be the case that removed items are false positives and may have a negative effect on the OS, in that case the item can be restored. I normally leave quarantined items for maybe 3 days, after that I would recommend removal by deletion... If your PC is still slow lets try a clean boot, see if that makes any difference.... Set windows up for "Clean Boot" mode, full instructions here: https://support.microsoft.com/en-gb/kb/929135 Basically all none MS services are disabled, see how your system runs in that mode. If clean boot makes your system faster and more responsive it is now a process of elimination to find which non MS service(s) was affecting your system... Go through the process again, this time with all MS services hidden again enable the top half of non MS services, re-boot and see how your system responds, if still ok the top half can be left enabled. Repeat again, enable so many of the bottom half then re-boot. Continue until you locate the problem service(s). A process of elimination, a bit long winded but worth the effort. Let me know the outcome... Thanks, Kevin
  5. I assume you are making the point that the infection still returns after removal, that seems to indicate possible rootkit issues. Run the following and attach the logs to your reply: Download and save Adiag to your Desktop, https://www.adlice.com/download/diag/ Right click and select "Run as Administrator" on the first window select Scan Make sure all items are checkmarked, then select Start Scan Do not use your PC as the scan progresses If malicious entries are found select Results, if not close our the application. In the reports window select "Malicious Only" then "Report" In the new window select "Export" then "Text File" name that file Adiag1 and save to your desktop. Close that window. You will be back to main interface, select "Display all" then "Report" In the new window select "Export" then "Text File" name that file Adiag2 and save to your desktop. Close that window, then close out Adiag Attach Adiag 1 and 2 to your reply. Next, Please read carefully and follow these steps. Download TDSSKiller from here http://support.kaspersky.com/downloads/utils/tdsskiller.exe and save it to your Desktop. Doubleclick on to run the application. The "Ready to scan" window will open, Click on "Change parameters" Ensure all entries are Checkmarked under Additionl Options, Ensure all entries are Checkmarked under Objects to scan When Loaded Modules is checkmarked a re-boot will be offered, allow that to happen... Continue after reboot select "Change Parameters" make sure entries are checkmarked and then Select "Start Scan" If an infected file is detected, the default action will be Cure, click on Continue. If a suspicious file is detected, the default action will be Skip, click on Continue. It may ask you to reboot the computer to complete the process. Click on Reboot Now. If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here. If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please attach that log to your reply. Thank you, Kevin
  6. Dashke

    ANSWERED Website Blocked

    Thanks, the block will be removed.
  7. TempLost

    Malwarebytes Keeps Breaking Itself

    Also, it's important to note that the support tool contains its own dedicated uninstaller for Malwarebytes and it's advised that it be run in preference to the Windows Uninstaller. The former is far more thorough.
  8. Instructions you seek at the following link: https://winaero.com/blog/how-to-restore-the-trustedinstaller-ownership-in-windows-10/
  9. Yes C:\ drive is where your system is, that is where we will be making changes. If necessary we may possibly have to reset those changes if any have an adverse effect. The same goes for uninstalling programs, if registry damage occurs we have a restore point to correct that damage.
  10. Greetings, We should be able to get your software back up and running again. I noticed that in your logs it shows a couple of things of concern. First, User Account Control is not set to its default configuration. While this may not be the cause of the problem, Malwarebytes, like the vast majority of modern software, was designed to be fully compliant and compatible with UAC so I would advise re-enabling it/resetting it back to its default setting: UAC Settings: =================== SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA DWORD 1 Status: ON SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin DWORD 0 Status: OFF If you require instructions on how to do so, please refer to the information on this page. Next, it appears that you are running an older version of Malwarebytes 3, so I would recommend you try downloading and installing the latest version from here to see if that resolves the issue. If the problem still persists, then please try performing a clean installation by following the instructions below: Download and run the latest version of the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by downloading and installing the latest version from here Please let us know how it goes and if you have any further issues or questions. Thanks
  11. TwinHeadedEagle

    scan found banker.trojan

    Yes, this was a False detection. You can restore that file from quarantine.
  12. the only concerns i have is my computer is slow that he use to be . the seconde thing what should i do with the threat that are in the quarantine in ADWcleaner?? delete them??restore them??? Again million thank you for your assistance.
  13. I hope you are able to help with this. I am getting the same notification each time I open notepad++. I have scanned the program which turned up no problems. -Log Details- Protection Event Date: 12/15/18 Protection Event Time: 9:21 AM Log File: 0594957f-003a-11e9-b30e-9cb6d08e7726.json -Software Information- Version: Components Version: 1.0.482 Update Package Version: 1.0.8331 License: Premium -System Information- OS: Windows 10 (Build 17763.194) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Malware Domain: p0358.cf IP Address: Port: [59023] Type: Outbound File: C:\Program Files\Notepad++\notepad++.exe (end) ======================================================================================================================= I have added exclusions for both the notepad++ file and website but I still get the same notification when I start up notepad++. Thanks for any help you can offer!
  14. cant start mb. i ran the check-tool and it said to post in support forum and attach the zip. Thank you mb-check-results.zip
  15. https://www.yahoo.com/ https://www.yahoo.com/lifestyle/miss-universe-making-history-pageant-133000676.html https://news.google.com/articles/CAIiEJBPUJV-q6xSrowqP5tzN1EqGQgEKhAIACoHCAowocv1CjCSptoCMPrTpgU?hl=en-US&gl=US&ceid=US%3Aen
  16. Testing URL copy/paste https://www.yahoo.com/ https://www.google.com/ https://www.reddit.com/ https://www.reddit.com/r/pics/comments/a6tyeo/fix_our_water_flint/
  17. decided to re-do the steps to avoid report confusion. so first, FRST report then Malwarebytes report ADWCLEANER report and finally, Windows Malware Removal Tool report
  18. miekiemoes

    bxactions from Google play Store

    Hi, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation: I verified this file is indeed not malicious. Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.
  19. Here is the scan log. scan log.txt
  20. Add me to the list of people hoping for a fix soon on this issue on a Windows 7 (64bit) system. I had the same problems as well with the two most recent beta component updates, and really tried to avoid/postpone this "release" update after seeing that others were experiencing the same hard lockups I was with the betas (frozen system, no mouse or keyboard working, but no BSOD or auto-reboot either, so only resolution was reset button or power-off restart). I moved back off the beta channel and onto the older release (stable version) for a couple of weeks and all was OK again. I thought that I had read in the forums that this update was being "withheld" pending resolution of this, but my system finally self-updated to the 1.0.508 component version on Friday (Dec 14th), and I had my first full lockup upon resuming from standby today (Dec 16th). It's been better than the betas (they caused all sorts of lockups), but sadly not bug-free.
  21. AdvancedSetup

    .tmp popup on every startup

    Okay, please temporarily uninstall all iObit software. If you have a license key make sure you have it available to use to reinstall later on. Once all iObit software has been removed please post back new FRST logs. Thanks
  22. I would say go back and follow their directions closely and have the sample unmodified file they say to use. The log indicates the key was not found to decrypt.
  23. Greetings, I believe this was a false positive which has since been corrected. You can find more info about this here. As long as the file that was detected was C:\WINDOWS\SYSTEM32\IASRECST.DLL along with the associated registry keys then you may safely restore them from quarantine, update your Malwarebytes database and scan again and they should no longer be detected.
  24. Yes, that drive shows an average of about 21 Mbps read and 16 Mbps write so it is a pretty slow drive. Opening and closing files with any program would be slow. USB 2.0 clock speed is 480 megabits per second. That's 60 megabytes per second. Given the protocol overhead and the fact that USB 2.0 is half-duplex, the maximum data rate will be 30-40 megabytes per second. The 480 megabits per second limit applies to the USB controller and is shared between the ports attached to it. The number of USB controllers per card or motherboard will vary. Real world speeds for USB 3 would be about 3 times faster than your PNY USB 2 disk. Your drive is also in FAT32 - in theory it would be a little faster if it was formatted in NTFS but not drastically faster. Just FYI if you're thinking of getting a new USB 3 drive. https://www.lifewire.com/best-usb-flash-drives-4141193
  25. No, you shouldn't need to run the "Basic Repair" @MatthewC59 Unless something else was missed or something else has cropped up, we should be done here now. Thank you Ron
  26. Great, glad to hear. Thanks for the follow-up reply @Rupert24
  27. AdvancedSetup

    downloaded "movie"

    Go ahead and let Kaspersky remove what it found. Then you can run the FIX from FRST again but make sure you temporarily disable your antivirus. Then re-enable it when done. Thanks
  1. Load more activity

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.