• Announcements

    • AdvancedSetup

      Support Alert - Hurricane Irma   09/08/2017

      Due to weather in the South East United States response times may be delayed. We appreciate your patience and understanding.  

AdvancedSetup

Root Admin
  • Content count

    67,139
  • Joined

  • Last visited

About AdvancedSetup

  • Rank
    Staff

Contact Methods

  • Website URL
    https://www.malwarebytes.org

Profile Information

  • Location
    US

Recent Profile Visitors

333,482 profile views
  1. The usage level has exceeded the max volume allowed.

    Hello @Jay163 Please send me a private message with your license information as well as your purchase information (typically a .PDF) and I will assist you. Thank you Ron
  2. Web browswer pop-ups.

    Hello @eminem4002 and Please run the following steps and post back the logs as an attachment when ready. STEP 01 If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. If you don't have Malwarebytes 3 installed yet please download it from here and install it. Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply. If Malwarebytes won't run then please skip to the next step and let me know on your next reply. STEP 02 Please download AdwCleaner by Malwarebytes and save the file to your Desktop. Right-click on the program and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan. When finished, please click Clean. Your PC should reboot now if any items were found. After reboot, a log file will be opened. Copy its content into your next reply. STEP 03 Please download the Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here. Please attach the Additions.txt log to your reply as well. Thanks Ron
  3. All looks good @Hefirb Your computer looks to be clean at this time. Take care and stay safe out there Ron
  4. Need ccleaner substitute

    Topic now closed as it has been answered.
  5. Overall looks good. No obvious signs of an infection. How is the computer running now?
  6. 3.2.2 update causes major problems with XP

    Okay, here is my recommendation. Not all are related to making our program run, some just don't really need to run (in my opinion) HKLM\...\Run: [RegTool] => C:\Program Files\Gemplus\GemSafe Libraries\BIN\RegTool.exe [40960 2006-10-04] (Gemplus) HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG) HKLM\...\Run: [SecurDisc] => C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [1629480 2007-06-25] (Nero AG) HKLM\...\Run: [InCD] => C:\Program Files\Nero\Nero 7\InCD\InCD.exe [1057064 2007-06-25] (Nero AG) Do I need a Windows Registry Cleaner? I love Nero and own it myself, but none of these tools really need to be running. Almost no one burns CD/DVD all that much anymore. Stopping these tools from running will not affect your ability to burn a CD if you want to either. I would recommend stopping all of the items above from running on startup of the computer. Your version of Java is way out of date. Please uninstall ALL versions of Java as older versions are compromised and can help lead to an infection. HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.) Acronis TrueImageHome is a great product, but are you using it? Have you used it? Nothing wrong with using it, if you're actually using it. If you're not using it though then it's consuming resources for no reason. HKLM\...\Run: [AcronisTimounterMonitor] => C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [904840 2009-06-10] (Acronis) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [136472 2009-06-10] (Acronis) You don't appear to be running any Symantec software yet you have their updater installed and running. I would recommend you uninstall it. LiveUpdate 2.0 (Symantec Corporation) You do have a scheduled backup task. Is it working? Are you backing up files? Task: C:\WINDOWS\Tasks\____Volume_bad0624a_9f68_11dc_be56_806d6172696f______Volume_8a6deb1c_ab44_11e2_8029_001aa064f970__.job => C:\Program Files\Western Digital\WD SmartWare\BackupTask.exe As you can see below, the computer is experiencing quite a few errors. Due to the age of the computer many of them are to be expected but when or if possible all error should be corrected. ==================== Event log errors: ========================= Application errors: ================== Error: (09/19/2017 07:20:22 PM) (Source: Application Hang) (EventID: 1001) (User: ) Description: Fault bucket 471514000. Error: (09/19/2017 07:16:10 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hanging application UIMain.exe, version 1.0.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (09/19/2017 07:14:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application uimain.exe, version 1.0.0.1, faulting module biservice.dll, version 1.0.0.1, fault address 0x00001ce6. Processing media-specific event for [uimain.exe!ws!] Error: (09/19/2017 07:11:23 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hanging application UIMain.exe, version 1.0.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (09/18/2017 06:21:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (09/12/2017 07:28:35 PM) (Source: Application Hang) (EventID: 1001) (User: ) Description: Fault bucket 1180947459. Error: (09/12/2017 07:27:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (09/12/2017 06:49:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hanging application UIMain.exe, version 1.0.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (09/12/2017 06:37:52 PM) (Source: MsiInstaller) (EventID: 11922) (User: NT AUTHORITY) Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 1922. SA_Error1922: StandardAction(0xC0070782): Service 'AVG WatchDog' (avgwd) could not be deleted. Verify that you have sufficient privileges to remove system services. Error: (09/08/2017 06:17:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application dejavux2.exe, version 8.0.0.630, faulting module atril.dejavux2.base.engine.dll, version 8.0.0.630, fault address 0x01186c81. Processing media-specific event for [dejavux2.exe!ws!] System errors: ============= Error: (09/19/2017 07:06:58 PM) (Source: W32Time) (EventID: 29) (User: ) Description: The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. Error: (09/19/2017 07:06:58 PM) (Source: W32Time) (EventID: 17) (User: ) Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) Error: (09/18/2017 06:43:06 PM) (Source: Windows Update Agent) (EventID: 16) (User: ) Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection. Error: (09/18/2017 05:35:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The @%SystemRoot%\system32\bfe.dll,-1001 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (09/18/2017 05:35:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Timeout (30000 milliseconds) waiting for the @%SystemRoot%\system32\bfe.dll,-1001 service to connect. Error: (09/18/2017 05:35:21 PM) (Source: 0) (EventID: 1) (User: ) Description: Event-ID 1 Error: (09/16/2017 06:20:47 PM) (Source: Windows Update Agent) (EventID: 16) (User: ) Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection. Error: (09/14/2017 08:05:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The @%SystemRoot%\system32\bfe.dll,-1001 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (09/14/2017 08:05:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Timeout (30000 milliseconds) waiting for the @%SystemRoot%\system32\bfe.dll,-1001 service to connect. Error: (09/14/2017 08:04:57 PM) (Source: 0) (EventID: 1) (User: ) Description: Event-ID 1 What I think the biggest issue you're having is probably due to a corrupt installation of the AVG antivirus software. Just an FYI that Avast has purchased AVG What I would like to do is to have you temporarily uninstall your AVG antivirus software and Tune-up software. After you uninstall AVG please use their clean removal tool to finish removing left over elements. http://files-download.avg.com/util/tools/AVG_Remover.exe Then user our own MB-Clean tool as well and remove and reinstall Malwarebytes. Then go to the Settings > Protection > and scroll down and click to uncheck the "self-protection module" - then restart the computer and let me know if you're still having issues with Malwarebytes or not. Thanks Ron
  7. Please run the following steps and post back the logs as an attachment when ready. STEP 01 Please download AdwCleaner by Malwarebytes and save the file to your Desktop. Right-click on the program and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan. When finished, please click Clean. Your PC should reboot now if any items were found. After reboot, a log file will be opened. Copy its content into your next reply. STEP 02 Please download the Farbar Recovery Scan Tool and save it to your desktop. Restart the computer and run a new FRST scan. Make sure to include a new Additions.txt log Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here. Please attach the Additions.txt log to your reply as well. Thanks Ron
  8. svcmx.exe taking over

    That version is not signed. Did you try it?
  9. Malwarebytes Tray Application Running In Background Problem

    As this topic has been answered I will go ahead and close it now. Thank you everyone Ron
  10. svcmx.exe taking over

    Hello @Arix and Please read the following and try to run this rootkit scanner as shown. It's quite late for me, so I'll check back on you again sometime tomorrow. Thanks Ron
  11. Hello @Hefirb and Please download the attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system. Run FRST or FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. fixlist.txt Thanks Ron
  12. Outgoing website blocked

    And how did that go? Are you still having issues?
  13. Malwarebytes 3.1 won't launch

    Hello @joltsu can you please run the following and post back the logs as an attachment. Thanks Ron
  14. Malwarebytes won't run

    Hello @Hfowler and Please read and follow the directions from below and post back the requested log files. Thanks Ron
  15. Malwarebytes Killed by update!

    Awesome.. sounds good. If you need anything else please let us know. Take care Ron