Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. I agree with Dave. My test system's context menu MB3 entry was missing after the v3.8.2.2960 - 1.0.612 Beta2 update and was immediately corrected by toggling the Settings -> Applications -> Windows Context Menu Off & On again.
  3. Hi, Thank you for the 2 report files. I will review. I will be providing some tips on possible recovery of your user files, after we make sure there is nothing malicious around. These are the next things we need to cover. Ransomwares will turn off the Windows System Restore service. So please make time & review this link on how to get that turned back on. https://www.thewindowsclub.com/system-restore-disabled-turn-on-system-restore-windows I have listed below a couple of other tasks, that will not take a lot of time. [ 1 ] Please delete the MBAR.exe that I had you use before. We will be using a more recent version of this tool. Please read all of these lines first so that it is all clear to you about our plan. I need a one time run of MBAR like listed here, please. This here all total should maybe take 10 minutes overall. Please download Malwarebytes Anti-Rootkit (MBAR) from here this link and save it to your desktop. Doubleclick on the MBAR file and allow it to run. •Click OK on the next screen, to allow the package to extract the contents of the file to its own folder named mbar. •mbar.exe will launch automatically. On some systems, this may take a few extra seconds. Please be patient and wait for the program to open. •After reading the Introduction, click 'Next' if you agree. •On the Update Database screen, click on the 'Update' button. •Once you see 'Success: Database was successfully updated' click on 'Next', then click the Scan button. With some infections, you may see two messages boxes: 1.'Could not load protection driver'. Click 'OK'. 2.'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions. •If malware is found, press the Cleanup button when the scan completes. . Please attach the log it produces, you'll find the log in that mbar folder as MBAR-log-<date and time>***.txt . Please attach that to your next reply. Just please keep going and also do step 2 below. [ 2 ] This is a special run with the Malwarebytes for Windows. This may take an hour or 2 or several hours, depending on speed of your hardware & also number of files on the disc. It is worth doing so that we have a new check on the whole drive. Let me suggest you do a CUSTOM scan on the whole C drive ! Open Malwarebytes Click the Settings menu followed by the Protection tab. Scroll down to Scan Options and turn the Scan for rootkits setting on. Next, click the icon button at left marked SCAN Then, from the 3 panel choices, click on the middle one marked CUSTOM ( IF you see a summary white screen with a green check, click on the Close X spot on the right side so you get to that out of the way & then click Scan button on the left & then Custom scan on the middle selected .) Then click on Configure Scan button be sure the Scan for rootkit on left is ticked Be sure to click on the box marked C on the right. You want to scan the whole C drive. Then click Scan Now button. Then see what the result is. This scan will be the one that takes the most time. Let it run overnight and then check on it tomorrow. I believe you are some 6 hours ahead of me & it must be nearly midnight. Very sincerely,
  4. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes 3 Help forum. If you are having technical issues with our Windows product, please do the following: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  5. Hello all... OK - I've been a long time Malwarebytes Anti-Malware registered user. Purchased it years ago under a lifetime promotion price. The only PC I've ever had it on was my one desktop system. Sure, periodically, I had to have repairs done, resulting in complete reloading of the OS at that time. And in each case, my previous login ID and registration number were no longer recognized. It happened again - I just updated my Windows 10 OS from version 1809 to version 1903 - all went well OS-wise, but as usual, when it comes to Malwarebytes, it would (again) no longer recognise my ID and registration information - telling me, "I've exceeded the number of devices I have it on" - huhhhhhhhhhhhh? Malwarebytes Anti-Malware has been on my system with the current registration information and working just fine - but after the upgrade to Windows 10 version 1903, it has now become a trial version. I tried reentering the registration info that I had, but now... So I filled out 3 different support tickets beginning last week and nobody has gotten back with me on this matter. I was starting to wonder if Malwarebytes was going out of business because of the quiet. Previously, the responses were quick, but now I wonder what happened. All I need is a new ID code and registration information - the old ones of which I sent to the help desk. Anybody else having this issue with malwarebytes (all of a sudden) not taking your registration information. Thanks, Ben Herrmann
  6. Hello Maurice, Thank you so much for your continued support. I really appreciate you sticking by. I have done everything stated above and now there are no more random links opening up on Chrome. I was able to open windows defender and run a quick scan, but it stated that nothing was detected. I installed Malwarebytes and it detected around 68 viruses and got them all cleaned. The only problem that seems to persist are those .DALLE files that still have all my work documents locked up. They are literally worth a lot of effort and thus money. Below I attach the fixlog files as well as my last results from the Malwarebytes scan. Thanks, Fixlog.txt Malwarebytes test results.txt
  7. Before receiving your email regarding my problem with the constant pop ups I did a system restore 3 different times & it took care of the problem for now. I've not had a pop up all day so I hope it continues this way. I truly appreciate you taking the time to address my problem and reply with some possible solutions. Sincerely, kimbabrt
  8. Thanks for the report. It seems to me, the one Scan run from the 25th was a "right click" context scan. It indicates scanning 5 items & took 5 seconds. Question just for clarity: Did you pick a normal THREAT scan ? By the way, this system has a TROVI pest on Chrome, plus a srchbar search hijacker. [ 1 ] Let's do one new run with Malwarebytes for Windows. Start Malwarebytes. Click Settings. Click Protection tab & scroll down to Scan options. On the section "Potential Threat Protection" look down at the one "Potentially Unwanted Programs (PUPs)" look and make sure it is set to "Always detect PUPS ". and look down at the one "Potential Unwanted Modifications (PUM)" look and make sure it is set to "Always detect PUM ". and scroll all the way down to the section Automatic Quarantine On the line "Automatically quarantine detected malware" be sure it is ON Then once all set there, click on SCAN button Then insure Threat scan has a check mark. Then click Start scan. Review the results list. Then I would suggest you make sure all lines have a check mark To that end, if you click the very top left checkbox you can force all detected lines ( if any are detected) to be selected for removal. Be sure each line is checked. Then you can proceed to click on the blue button Quarantine selected. Let me know how it goes. In Malwarebytes. Click the Reports button ( on the left ) Look for the "Scan Report" that has the most recent Date and time. When located, click the check box for it and click on View Report. Then click the Export button at the bottom left. Then select Text File (*.txt) Put in a name for that file and remember where the file is created. Then attach that file with your next reply ( later ). [ 2 ] I would suggest to download, Save, and then run Malwarebytes ADWCLEANER. Please close Chrome and all other open web browsers after you have saved the Adwcleaner and before you start Adwcleaner. Please download the current release for Malwarebytes AdwCleaner from here: https://downloads.malwarebytes.com/file/adwcleaner Go to the folder where you saved Adwcleaner. Double click Adwcleaner to start it. At the prompt for license agreement, review and then click on I agree. You will then see a main screen for Adwcleaner. ( if you do not see it right away, minimized the other open windows, so you can see Adwcleaner). Then click on Dashboard button. Click the blue button "Scan Now". allow it a few minutes to finish the Scan. You should then see a screen showing "Scan results". Review what is listed. If something is listed that you know for sure is safe, then for that line, click the check-box on the left so that it is un-checked. (NOTE, clicking the small right pointed little arrow, will cause the screen to refresh & show all line items . ) When ready, click on the button "Clean and repair". If prompted to restart then click on "Clean & Restart Now". When You see screen with "Your cleanup is complete", click on the View Log file button. It should then show as a open window in your text editor ( normally Notepad). Do a File >> Save As, given it a unique name and Save to your Desktop or some other permanent folder. Kindly provide a copy of that run report. Attach it with reply. When done with Adwcleaner, click the X button to Exit out. Thank you.
  9. As you asked see attached folder, please advise if not correct or you need additional information.. Thanx again, Ed. Autoruns.zip
  10. Just to be clear. Did you install DriverMax yourself at some point?
  11. Please download and install the following beta version @HRosewood https://malwarebytes.app.box.com/s/44jig366r1s3aftdw82vobkqyqlpx1m6 Let me know if there are any issues with this version Ron
  12. Today
  13. Hi Dan, The logs do not indicate any obvious infection. It does show some errors and there are signs that you've had Avast and/or AVG antivirus on this computer before as it was not fully uninstalled. McAfee also looks to be possibly blocking some valid programs, but further research may be needed with their support. ==================== Event log errors: ========================= Application errors: ================== Error: (06/25/2019 02:08:31 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (8940,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (06/25/2019 10:35:12 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (10756,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (06/25/2019 10:23:15 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (7804,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (06/24/2019 03:48:45 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (360,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (06/24/2019 02:47:12 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (13820,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (06/24/2019 02:41:01 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (13608,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (06/24/2019 02:04:32 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (7396,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (06/24/2019 01:43:52 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (11348,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. System errors: ============= Error: (06/25/2019 05:29:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\system32\IntelWifiIhv04.dll Error: (06/25/2019 05:29:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\system32\IntelWifiIhv04.dll Error: (06/25/2019 05:29:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\system32\IntelWifiIhv04.dll Error: (06/25/2019 05:29:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Origin Web Helper Service service terminated unexpectedly. It has done this 1 time(s). Error: (06/25/2019 05:29:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The McAfee WebAdvisor service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1 milliseconds: Restart the service. Error: (06/25/2019 05:29:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Intel® SGX AESM service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service. Error: (06/25/2019 05:29:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s). Error: (06/25/2019 05:29:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service. Windows Defender: =================================== Date: 2019-06-24 02:46:15.455 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80508023 Error description: The program could not find the malware and other potentially unwanted software on this device. Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. CodeIntegrity: =================================== Date: 2019-06-25 17:34:27.210 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2019-06-25 17:34:27.170 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2019-06-25 17:34:25.091 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2019-06-25 17:34:25.073 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2019-06-25 17:34:10.484 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2019-06-25 17:34:10.476 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2019-06-25 17:34:10.466 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2019-06-25 17:33:24.874 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements. Thanks Ron
  14. Same here. No issue.
  15. Okay, give me some time. I'm trying to get a valid link for our latest beta.
  16. You are welcome. Thanks for the report. That is a perfect one. Is there anything else you need? if so, let me know. If not, we can plan to close this case. I notice you are running the Free trial. Just letting you know that the Malwarebytes Premium has multiple layers of active protection, including anti-ransomware protection. Cheers, Maurice
  17. I forgot to look, Same here. I guess not so flawless.😞
  18. RE: v3.8.1 context menu - old bug still a problem - S2D2 It is tiresome to have to toggle the setting for the Context Menu every time. If I can toggle the GUI setting to re-enable the functionality w/o rebooting, it can be done in the software w/o forcing a reboot.
  19. Hello @buffee and Let me have you run the following and post back the logs as an attachment and we'll see what we can find. If your antivirus alerts about possible malware it is a false positive. Tell your antivirus to go ahead and allow the download. Please run the following steps and post back the logs as an attachment when ready. STEP 01 If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. If you don't have Malwarebytes 3 installed yet please download it from here and install it. Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply. If Malwarebytes won't run then please skip to the next step and let me know on your next reply. STEP 02 Please download AdwCleaner by Malwarebytes and save the file to your Desktop. Right-click on the program and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan Now. When finished, please click Clean & Repair. Your PC should reboot now if any items were found. After reboot, a log file will be opened. Copy its content into your next reply. RESTART THE COMPUTER Before running Step 3 STEP 03 Please download the Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here. Please attach the Additions.txt log to your reply as well. Thanks Ron
  20. Flawless upgrade from 3.8.1 👍
  21. Hi Maurice, Thank you very much for bearing with me! And also, I think the adware is also gone! MalwareReport.txt I have uploaded the report below.
  22. Hello - first off, love you guys, thanks for being awesome (and for providing this above-and-beyond forum service). I'm trying to stabilize a PC that is displaying Quick Maps and Directions adware. MWB doesn't see it, nor does AdwCleaner. Farbar scan results attached. Thanks! Addition.txt FRST.txt
  23. mb.txt AdwCleaner[C02].txt FRST23.txt Addition23.txt
  24. I cleaned my Chrome, still can't open Malwarebytes though, same "connection error"
  25. Thank you so much! Great support and a great piece of software. Have a wonderful day!
  26. You can get FREE help in our Malware removal section. I will request your topic moved to that section.
  1. Load more activity
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.