Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. I am active, but unable to scan my computer right now. I may update this thread in the next 24 hours.
  3. Thanks. Lets go forward with this. I would suggest to download, Save, and then run Malwarebytes ADWCLEANER. Please close Chrome and all other open web browsers after you have saved the Adwcleaner and before you start Adwcleaner scan. Adwcleaner detects factory Preinstalled applications too! Please download Malwarebytes AdwCleaner https://downloads.malwarebytes.com/file/adwcleaner Be sure to Save the file first, to your system. Saving to the Downloads folder should be the default on your system. Go to the folder where you saved Adwcleaner. Double click Adwcleaner to start it. At the prompt for license agreement, review and then click on I agree. You will then see a main screen for Adwcleaner. ( if you do not see it right away, minimized the other open windows, so you can see Adwcleaner). Then click on Dashboard button. Click the blue button "Scan Now". allow it a few minutes to finish the Scan. Let it remove what it finds. NOTE: When it comes to the section " Pre-installed applications You can skip that. Please find and send the Adwcleaner "C" clean report. In Adwcleaner, click the "Reports" button. Look at the list of reports for the latest date & type "Clean". Double Click that line & it will open in Notepad. Save the file to your system and then Attach that with your reply. That C clean report will be the one with the most recent Date and time at folder C:\AdwCleaner\Logs [ 2 ] NEXT Consider these steps In the Windows 10 search box, type in remote desktop on the result list, look for Remote Desktop application app and click on Run as Administrator Click on Yes when prompted on the folloring window, look at bottom right-side & click on "Show Options" Next click on the tab "Local Resources" and un- tick the check box for Clipboard Thanks. Keep me advised.
  4. @Porthos I can help shed some light on ISOs vs MCT as well as WIM vs ESD. Plus, if needed I can deep dive in to the Windows Setup process, which is the process that installs Windows including Clean Installs and Upgrade Installs. I personally have a passion for Windows internals and dealing with OS installs, images, and updates. So this is right up my ally so to speak. Windows 10 Media Creation Tool (MCT) The Windows 10 Media Creation Tool (MCT) is a utility that builds Windows OS installation media (USB, ISO, or a temporary store for an in-place upgrade) on-demand using the Universal Update Platform (UUP) . This installation media can then be used to install Windows 10 on your device or another device. It supports clean installs, upgrade installs, or custom installs using DISM. The overall structure of installation media created by the MCT is exactly the same to what you are used to seeing in traditional Windows OS ISOs and DVDs. In fact, this same structure is still used when Windows Update performs a "Feature Update" which is just a rebranded name for an automated in-place upgrade performed by Windows Update (via the UUP) on a Windows 10 PC. There is one difference though, which is that the MCT stores the Windows OS images themselves in an ESD file (install.esd) in the Sources folder of the installation media rather than install.wim like you may be used to seeing in traditional Windows OS ISOs/DVDs. An ESD file (short for Electronic Software Distribution Windows Image File) is simply a more modern version of a WIM file (Windows IMage File) with a higher level of compression. ESDs can be used by DISM and even 7Zip for more advanced installations or extracting images or even individual files. Think of an ESD/WIM as almost a Zip file but built specifically for Windows Imaging (aka Windows OS Installation) So what does the MCT actually do? From a high level, the MCT does the following: Dynamically obtains a products.cab file which contains an XML list of the latest UUP and ESD components from Microsoft's UUP servers Stages a temporary folder to build the installation media and stores a configuration profile based on the settings you provided the MCT (through the GUI or CLI) Downloads the core OS component packages, applicable base OS ESDs, the latest applicable Servicing Stack Update (SSU), and the latest applicable Cumulative Update (CU). Creates the installation media (using the same basic structure as an ISO) using the downloaded components. I can dive deeper in to this process if needed. Outputs the finalized to an ISO, a USB flash drive, or a special local folder if running an in-place upgrade. One thing I like to call out that is awesome about the MCT on top of making updated media is that you can select the option to create multi-architecture media. That means a single ISO or USB flash drive with both x64 and x86 versions of Windows. Add the fact that it uses ESDs and that will save some additional space if you like to collect Windows OS installation ISOs like me. Windows 10 ISOs This is the more traditional format of Windows OS installation media many are used to and is what was used to create those fancy Windows DVDs. Still, the basic structure of the ISO is still in use today and will likely never go away. With that being said, there are some major differences with how Microsoft deploys and updates ISOs on top of the difference of how the Windows Installation Images are stored. Let's review... By default, ISOs from Microsoft are going to use an Install.wim file which is similar in function as a Zip file but is specifically used for installing Windows Images on a device. WIMs have been around since Windows Vista, so they can appear to be easier to utilize, but in today's world you can just as easily interact with ESD files with common tools like DISM and 7Zip. The biggest difference is that they are not as compressed as ESDs, so they take up more space and there are a couple of additional things you can do with them using DISM, but that's a story for another day. The real difference though is how Microsoft makes and maintains ISOs. Generally speaking, ISOs are only updated with slipstreamed CUs and SSUs when Microsoft deems fit. In many cases, the ISOs are actually .1 or RTM builds. This can be great if you are doing custom WIMs/ESDs that you are personally slipstreaming updates or other customizations to, but for most users, including power users, this just means extra time after installation to install the latest SSU and CU. Another difference is how to obtain the original ISOs. Generally speaking, Microsoft makes them available via the following channels: MSDN (Subscription required) Software Download Site (aka Techbench) - https://www.microsoft.com/en-us/software-download/windows10iso Note - You'll need to change your browser's device type using Developer Tools (F12) or a Mac/Chromebook/Linux device to access this as it redirects Windows PCs to the Upgrade Assistant/Media Creation Tool What is the Upgrade Assistant/Update Assistant? Honestly, its just a stripped down and rebranded version of the Media Creation Tool. Rather than give you the option to create media, it just give you the option to perform an in-place upgrade or clean install. It obtains, stores, and creates the installation media the exact same way as the MCT and then starts an install via Windows Setup (setup.exe). Why a separate tool that does the same basic thing? You're guess is as good as mine. One would have to ask the PM at Microsoft. Hey I Automatically got the latest CU using an ISO or MCT without it - What Gives? This is normal and expected behavior since Windows 8.1 if you have internet access via a feature known as Dynamic Update. Windows Setup (the actual process that performs the OS install/upgrade - used by the MCT, ISOs, etc.) will by default utilize Dynamic Updates unless you are offline OR use a CLI argument to not use it. Dynamic Update will download the latest SSU and CU then stage them to be installed during OOBE (Out Of Box Experience - near the end of the whole process). If a CU/SSU is not flagged as a Dynamic Update by Microsoft though, then those will be offered up when Windows completes the OOBE and does a check for updates via Windows Update. So yes, you are likely to end up getting the latest OS build when things are all done, but it might take a little longer if the source WIM/ESD was outdated.
  5. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following for Tips to help protect from infection Thank you
  6. Whether or not you like the program, the reality is that programs by ashampoo tend to fall under PUP for various legitimate reasons (not the least of which is that these programs are completely unnecessary in the first place; you already have the tools you need in windows by default). You can add Ashampoo programs to your exclusion lists if you do not want them flagged. But it doesn't change the fact that it is a PUP by nature
  7. MWB ended up detecting 4 files as malware; I believe this to be a false positive. Included is the Log, and 4 files log.txt IGEffectsConfigurator2.zip SwatEd.zip UCC.zip IGEffectsConfigurator1.zip
  8. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes for Windows Help forum. If you are having technical issues with our Windows product, please do the following: Malwarebytes Support Tool - Advanced Options This feature is designed for the following reasons: For use when you are on the forums and need to provide logs for assistance For use when you don't need or want to create a ticket with Malwarebytes For use when you want to perform local troubleshooting on your own How to use the Advanced Options: Screenshots: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  9. Hi. Is this something I should be concerned about? I had about 15 chrome tabs open, when 10 messages of this showed up, so I don't know what website this was referring to. I attached an image too. Thanks. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 5/28/20 Protection Event Time: 5:32 PM Log File: 1bdc9d68-a133-11ea-bc45-bc5ff4ea2c44.json -Software Information- Version: 4.1.1.71 Components Version: 1.0.927 Update Package Version: 1.0.24614 License: Premium -System Information- OS: Windows 10 (Build 18362.836) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: socket.24live.co IP Address: 192.241.184.21 Port: 443 Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end)
  10. Yesterday
  11. Sorry about that. I ran the farbar scan again because I had deleted the log and here is the farbar log of the new scan with the addition log. FRST.txtAddition.txt
  12. I would recommend that you go to Control Panel, Programs, Uninstall a program and uninstall the following Bonjour McAfee Virtual Technician Why You Shouldn’t Download CCleaner for Windows anymore https://helpdeskgeek.com/free-tools-review/why-you-shouldnt-download-ccleaner-for-windows-anymore/ Here’s What You Should Use Instead of CCleaner https://www.howtogeek.com/361112/heres-what-you-should-use-instead-of-ccleaner/ What is this for? D:\Haole Boy\Other tools\SDIO\autoupdate.bat Please run the following fix. NOTE: It will close all applications and clear all web browser cache and cookies. If you have open tabs you've not saved or bookmarked please do so. Ensure you know passwords for your websites too. It will empty the Recycle bin and delete all temporary files as well. Then it will run a scan to verify all Microsoft files are valid and not corrupted.Then on reboot, it will run a disk check to ensure disk integrity. Depending on the speed of the computer it may take 30 minutes or more to complete the task. Please download the attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system. Run FRST or FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. fixlist.txt Thanks
  13. Rebuilding the MCT takes time as well. I would have to test but if I remember correctly the MCT does not include the Cumulative updates. It still happens on the computer via updates when using the MCT drive. They want to keep the image small to fit on a 4 gig flash. Several months down the road before the next feature update the MCT would grow larger than 4 gigs if the CU's were included when building the MCT. It just "looks" like it has them because it is part of the install to check for updates if not specifically unchecked in the install options (an extra "hidden" click).
  14. Per your request, here are the frst.txt and addition.txt. These are from the FRSTEnglish.exe that gets downloaded by the Support Tool. FRST.txt Addition.txt
  15. Thanks for reporting, this has been fixed.
  16. AWESOME - Thanks @Porthos Wasn't looking but good price. Might have to go ahead and get one. https://www.costco.com/seagate-backup-plus-5tb-portable-hard-drive-with-rescue-data-recovery-services.product.100510586.html
  17. Hello @Infekted and Please run the following steps and post back the logs as an attachment when ready and we'll see what we can find and get you cleaned up STEP 01 If you're already running Malwarebytes then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. If you don't have Malwarebytes installed yet please download it from here and install it. Once installed then open Malwarebytes and select Scan and let it run. Once the scan is completed click on the View Report button, then the Export button and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply. If Malwarebytes won't run then please skip to the next step and let me know in your next reply. STEP 02 Please download AdwCleaner by Malwarebytes and save the file to your Desktop. Right-click on the program and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan Now. When finished, please click Clean & Repair. Your PC should reboot now if any items were found. After reboot, a log file will be opened. Attach or Copy its content into your next reply. RESTART THE COMPUTER Before running Step 3 STEP 03 Please download the Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a checkmark here. Please attach the Additions.txt log to your reply as well. Thanks
  18. Hello I have the files for the scans and it's showing no threats on the malware fighter. Still having the Bitcoin Address Changer Malware issue though. FRST.txt Addition.txt scan_2020-05-28-23-04-37 .txt
  19. Hey Ron, If you are a Costco member or know one, They are on sale for 89.99 till the 31st if you want more (limit 3)
  20. It's not what you believe, its what you can prove. Read my post (again).
  21. Not sure if this is something you're interested in but I have a few of these 5TB drives that I use for backup and they've worked quite well for me. https://www.newegg.com/seagate-model-sthp5000400-5tb/p/1Z4-002P-00VD0
  22. @biomembrain We generally prefer to work publicly here on the forums, however if you are greatly concerned about privacy you may contact Malwarebytes Support directly if you aren't comfortable posting logs in public. In the future I suggest using the help desk for all support needs. Please contact our support team at https://support.malwarebytes.com/hc/en-us/requests/new to get help
  23. Michael, Thank you, but it appears to still be blocked. Is there an issue, or should we wait?
  24. The topic has been moved to the Malware Removal forum so that I can assist you further @HarryZ Please download Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well. Thank you
  25. Well, I view it as a bit different than lazy. Having to always perform updates takes much more effort and time. If I were doing as many as you do I'd get the MCT with all the latest dynamic updates. Then do the conversion and rebuild the ISO or USB stick installer using the convert ESD to WIM if wanted. In the long run, especially if doing a dozen upgrades, it would have to save at least a few hours in time alone.
  1. Load more activity
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.