PaulL

Honorary Members
  • Posts

    46

  1. Hi Root Admin. I see that we have talked before back in 2014.
     Is that there on purpose still? HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ScreenConnect Client (ff44bc4d-9fa5-4c40-b811-f9c628ea8010) => ""="Service"
     >>>> I have no idea what this link points to. Should I eliminate it somehow?
     [1] Please go to Control Panel, Programs, Programs and Features, Uninstall a program. Then right-click and uninstall the following: CCleaner - (computer experts no longer recommend this program)
     >>>> DONE!! I have been running this program on a daily basis for decades. What program should I now use to avoid collecting large numbers of junk files?
     [2] Please make the following change in Malwarebytes. Please open Malwarebytes. Click on the small gear icon to open the Settings and go to the Security tab. Then turn off "Always register Malwarebytes in the Windows Security Center". Restart the computer. It is highly unlikely that you need to set up exclusions for Windows Defender, however if you experience any issues, please see the following article and set up exclusions between Malwarebytes and Windows Defender.
     >>>> DONE! I saw no interference between Malwarebytes and Windows Defender.
     [3] Are you sure you want this enabled or allowed? Push Notifications on your browser appear to be enabled for Firefox. https://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/ Turn notifications on or off - Google Chrome
     >>>> DONE! I turned off all push notifications in Firefox and Chrome. I don't use Edge or IE.
     [4] You have multiple batch, PowerShell and cmd shell operations saved in the root of C:\Users\Public - did you create these? Just an FYI that no files should be in the root of that parent folder. It's possible that some security programs may potentially detect and remove them even if they are valid. If you created them I would suggest you make a new folder in some other location to store them. If you did not create them then zip them up and attach here so I can review.
     C:\x-bkDTFiles.CMD
     C:\Users\Public\qqini.ps1
     C:\Users\Public\qqReklamX.bat
     C:\Users\Public\qqini.bat
     C:\Users\Public\qqReklamX.ps1
     C:\Users\Public\ReklamX.ps1
     C:\Users\Public\ini.ps1
     C:\Users\Public\ini.bat
     C:\Users\Public\ReklamX.bat
     >>>> The x-bkDTFiles.CMD is one of my backup batch files but I usually run it from the h:\SYNC\BKM directory. It has been moved. I don't know where the rest of these files came from. They are zipped and attached hereto. Please take a look at them. I don't know what they were intended to do.
     Paul Lepkowski
     1.Zip 2.Zip
  2. <<pardon the intrusion>> I expect Advancedsetup will help you. These are some first steps just only for "notices" from Malwarebytes. The Block notices from Malwarebytes web protection do mean that Malwarebytes is keeping your pc safe from potential harm. A block notice is an advisory of the "block". A "malicious website blocked" is entirely different from a "malware detected" event. Malwarebytes web protection & real-time protections are keeping pc safe from potential harm. In Malwarebytes, click tab Notifications on second line, Show all notifications In Windows notification area slide the action button All the way to the LEFT side ( OFF ) on 4th line, Close non-critical notifications , pick 3 seconds >>>>> THANK YOU MAURICE. I MADE ALL THE CHANGES YOU SUGGESTED. I AM AWAITING OTHER SUGGESTIONS FROM ADVANCED SETUP. PAUL LEPKOWSKI.
  3. I ran your support tool to let it gather the log zip file. The mbst-grab-results.zip file is attached hereto. I also ran a Malwarebytes manual scan which showed nothing. My premium account is a very old one dating back more than twenty years to the days of perpetual accounts. I look forward to hearing from you. Paul Lepkowski mbst-grab-results.zip
  4. The outbound trojan is originating from c:\windows\microsoft.net\framework\v 4.0,30319\wbc.exe and is targeting normanisback.com which has been quarantined. The block repeats every 15 seconds or so and the machine is therefore bogged down. Help please!
  5. Before your reply above I had downloaded and run the support tool. It ran for over 90 minutes and reported that the repair failed. I then checked for the presence of the MBAM program and found the directory empty. I downloaded your general setup file and ran it. It installed MBAM, I ran it and entered my ID and KEY, checked that it had found my account, and ran a scan which found no problems. I then restarted MBAM, it offered to install a browser addin for Mozilla, I accepted the addin and ran a second scan which completed with no crap found. I think it is fixed.
  6. After updating windows to version 2004, 19041.388 last week Malwarebytes refused to start and does not appear in Task Manager. Using the task bar icon I deactivated real time protection. MBAM still refuses to start. I activated Windows real time security. I was doing manual daily scans for malware using MBAM. From an email from you dated 9/25/2018 my customer id is [removed] and my software key is [removed]. The license is a professional level perpetual license from many years ago. I downloaded your support tool version 1.7.0.827 and it ran for over a half hour and did nothing. Paul.
  7. Hi Nikhil, OK, that worked ... except for two glitches. I control my wifi hookup manually. When it rebooted and asked if I wanted to re-install MBAM I assumed that it wouldn't be able to download the program, so I manually started the wifi and signed into my cable company then I asked it to re-install MBAM which then worked fine. After the installation MBAM worked fine and found nothing malicious. I then tried to access my account which wanted me to sign in. I will now attempt to resolve the resultant issue with your customer service people. Thanks very much. Paul in NY
  8. Hello @Porthos, Sorry about that. I will re-post it without the key or id so that Nikhil knows the status of my problem. Paul in NY
  9. Hi Nikhil, I booted into safe mode and ran mb-support-1.5.3.749.exe again with the same result ... it could not write the data file to the desktop. Since I had signed in to safe mode as administrator but then ran the support tool as a user I figured that maybe the administrator's desktop might be verboten to a user. I then ran the support tool again with administrator privileges with exactly the same result ... it could not write the data file to the desktop. I then booted back to normal mode. McAfee Total Protection is able to scan the machine normally. Word Pad, Libre Office Calc, Notepad++, and Visual Studio are also normal. MBAM itself starts normally but it still fails 35 seconds after starting a scan. It does not begin scanning for rootkits. I think it might be unable to contact your server, yet I was typing this reply into your website while MBAM was failing to contact your server. Paul in NY
  10. I downloaded and ran mb-support-1.5.3.749.exe selecting "ADVANCED" and "GATHER LOGS". It ran for 15 minutes showing "COLLECT LOGS", then for 10 minutes showing "RUN FRST", then for 15 minutes showing "ZIP LOGS". Then it reported that it failed to create mbst-grab-results.zip.
  11. My Windows 10 pro is now at version 1903, build 18362.418 after an update today. After the Windows update MBAM Premium 4.0.4.49, with a perpetual license, began failing repeatedly after 35 seconds while checking for updates. After doing a manual update check MBAM downloaded and installed an update. After restarting the updated MBAM it fails in the same way. See attached screenshot.
  12. I have been using MBAM for many years. I am currently running version 3.6.1.2711, component package 1.0.508, update package 1.0.8365, on a Windows 10 pro computer. My license is the old premium license which never expires. For the last three days a popup box appears every few minutes advising me to change my settings to turn on all protection status settings. The popup box contains clickable boxes to access the settings or ignore. Clicking on either of these boxes does nothing. Clicking on the tray logo pops up a box which has checkmarks next to Web, Exploit, Malware and Ransomware Protection. In the main MBAM window clicking on Settings > Application shows that the Event Log Data, Proxy Server, User Access, and Beta Application Updates are OFF and all other choices are ON. Settings > Protection shows that Startup Options and Enable self-protection module early start are OFF and all other choices are ON. Prior to the last few days the popup box never appeared. Has some sort of malware infected my MBAM installation?
  13. Hi Winactive, thanks for taking the time to try to help. I haven't tried Speccy, but Belarc Advisor seems to find everything I need. I bought a replacement machine. I have found that the vfp9 installation is moveable if you dig out all the registry keys. The hardware is all standard stuff, there is nothing really unusual in this machine. Microsoft just decided to change a bunch of stuff and make old machines obsolete. I might either leave win10 on this machine but just keep it off the internet, roll it back to win7 with microsoft's help, install a linux distribution or just turn it into a file server only.
  14. On 8/16 another microsoft tech found that the ISO DVD was version 1703 which would not work. She downloaded 1607 and burned another DVD on my laptop and began the installation of 1607 on the desktop without destroying my programs or data. She signed off after about two hours after the installation had begun. The installation took an hour, then it automatically spent two hours updating windows, rebooted and I logged in. I spent two hours testing everything I could, including a long, slow test of drive c: with the western digital test program. It seemed to be running perfectly. Then windows update found some more updates to install, downloaded them, and asked to restart which I allowed. After two hours of updating the update froze at 88% and stayed frozen for 36 hours. On 8/18 another microsoft tech asked me to shut down the update process and restart. It would not start. After the BIOS screen it displayed the blue window, then a black screen with a frozen wheel. I shut it down. She said someone would call me back on 8/22. On 8/22 another tech named Haseeb called, reviewed the case, and agreed that I should restore again from the same old macrium image from 4/8. I did that. Haseeb called back on 8/23, actually got the machine to reboot once (using the image from 4/8), checked for out of date drivers, and said he would talk to the developers and call back. On 8/25 Haseeb emailed asking if the machine will reboot. I shut it down and restarted, it failed to reboot, I shut it down again and restarted, the repair console started, it attempted a repair which failed, I shut it down and restarted and the thing booted normally. HUH!!! I replied to Haseeb's email explaining all this. 
On 8/29 Haseeb called, said that the developers wanted the event log files, he restarted it, it failed to boot normally, it failed to boot to safe mode from the HDD, it failed to boot to safe mode from the windows ISO DVD, it booted to a windows PE command prompt from the windows ISO DVD, but we couldn't find the event files. On 8/30 I restored from the 4/8 image again, waited for the updates to finish, logged on, found the event files in c:\windows\system32\winevt\logs, copied them to a USB drive and zipped them. Then Haseeb called, ran msdt and uploaded many event files. That's the last I heard from Haseeb. On 8/31 a support escalation engineer called, checked the model number, and announced the desktop is not compatible with windows 10 and is no longer supported, the device drivers are out of date and new ones are not available. She determined this by referring to the original specifications for the Gateway Model DX-4860-UR10P which specified that it supported windows 7. I pointed out that these specifications were written in 2011, which was five years before windows 10 was released so they could not be expected to specify that it supported windows 10, and that windows 10 was supposed to replace windows 7 on most standard machines. She said that she could re-install Windows 7 for me. She recited the company line that they must continue to modernize windows to provide the customer with the best possible experience. Back in February 2016 I ran a microsoft compatibility check program before installing windows 10 which reported that the machine was compatible with windows 10 so I installed windows 10 which ran perfectly from February 2016 until April 2017. Then, early this year, microsoft installed updates which broke windows 10, destroyed the usefulness of this machine and possibly destroyed my office pro 2013, vfp9 and other compiler installations which probably can't be duplicated because of their age. 
I probably can no longer support the programs which I have written, without compensation, for various Elks, Lions, VFWs, Knights of Columbus, and several greyhound adoption groups since 1997. On 9/1 Acer support reported that they do not provide support for Gateway win 7 or 8 machines and that no drivers are available. On 9/4 another microsoft tech called, and wanted to make an appointment for 9/5 to run a support session and install Windows 7. He said that this would have to be a clean install which would destroy my compiler installations and that it was not possible to re-install windows 7 and preserve the user program installations. I told him I’d get back to him via email. I am wondering how I can solve this problem which seems to revolve around drivers for this old 2012 machine. Can I find new drivers for the relatively standard hardware implementation without support from Gateway or Acer? Can I install a new motherboard with readily obtainable drivers in the old box which will interface with the windows 10 on the current disk? Can I buy a new computer and use the old disk with its windows 10 installation on the new machine? Can I somehow move the vfp9 compiler to a new machine without the original vfp9 installation DVD or the ability to download installation files from microsoft? I have a legal key for this vfp9 installation. Can I somehow get 11 Elks clubs, 7 Lions clubs, 4 VFWs, 3 KofC chapters and 3 greyhound adoption groups to sue microsoft for new programs to replace the ones I wrote for them? PaulL
  15. Hi Ron, It's really microsoft. Cablevision, my isp, provides cable TV, internet service and VOIP telephone service to about 25 million subscribers in the NYC metro area. They would not hook me up with scammers. Today microsoft did a remote again and built a bootable Win 10 installation DVD on my now almost functioning laptop. They will call me back tomorrow to take remote control of the desktop and rebuild windows on it using the ISO on the DVD. It sounds like they have been screwing up updates so much that they had to do something to fix things. When we're done we can run whatever scans you would like. The laptop is still misbehaving. It did four updates yesterday after rebuilding windows and rebooted after each update. When it reboots it stalls at the Gateway splash screen before loading windows. The first time it did it the microsoft tech told me to kill the power, wait a few seconds, turn it on, then continuously tap the F8 key repeatedly. The splash screen came up and after about 20 taps of the F8 key the microsoft water wheel thingy appeared and it booted. Apparently there is something hinky in the BIOS startup in the laptop. It is a Gateway NV76R. I'll get back to you when this is done after tomorrow. Paul