AdvancedSetup

We are currently reviewing the site. Thank you

Site was submitted for review. Thank you

Version 75.0, first offered to Release channel users on April 7, 2020 https://www.mozilla.org/en-US/firefox/75.0/releasenotes/ Security fixes https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/

Hello @NabeelMansoor The Consumer version of Malwarebytes does not include that feature. Please review the backup posting that was provided during your recent clean up process. Having good, solid backups of your data is imperative on a computer today. Backup Software https://forums.malwarebytes.com/topic/136226-backup-software/

Hello @FLHRDR Please run the following steps and post back the logs as an attachment when ready. STEP 01 If you're already running Malwarebytes then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. If you don't have Malwarebytes installed yet please download it from here and install it. Once installed then open Malwarebytes and select Scan and let it run. Once the scan is completed click on the View Report button, then the Export button and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply. If Malwarebytes won't run then please skip to the next step and let me know in your next reply. STEP 02 Please download AdwCleaner by Malwarebytes and save the file to your Desktop. Right-click on the program and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan Now. When finished, please click Clean & Repair. Your PC should reboot now if any items were found. After reboot, a log file will be opened. Attach or Copy its content into your next reply. RESTART THE COMPUTER Before running Step 3 STEP 03 Please download the Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a checkmark here. Please attach the Additions.txt log to your reply as well. Thanks

Since this issue is resolved the topic will now be closed to prevent others from posting here. If you need assistance please start your own new topic and someone will be happy to assist you. Thanks

Hello @mvector133 You can use a USB stick and download the program from another computer and save to disk. Then run from the affected computer and post back both logs as an attachment and I'll take a look and see what I can find. If needed this will also run from Safe Mode but if you can run in Normal Mode it would be better. Please download Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well. Thank you

Hello @Calebowns and Let's go ahead and check your computer for an infection. Please follow the steps below Please run the following steps and post back the logs as an attachment when ready. STEP 01 If you're already running Malwarebytes then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. If you don't have Malwarebytes installed yet please download it from here and install it. Once installed then open Malwarebytes and select Scan and let it run. Once the scan is completed click on the View Report button, then the Export button and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply. If Malwarebytes won't run then please skip to the next step and let me know in your next reply. STEP 02 Please download AdwCleaner by Malwarebytes and save the file to your Desktop. Right-click on the program and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan Now. When finished, please click Clean & Repair. Your PC should reboot now if any items were found. After reboot, a log file will be opened. Attach or Copy its content into your next reply. RESTART THE COMPUTER Before running Step 3 STEP 03 Please download the Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a checkmark here. Please attach the Additions.txt log to your reply as well. Thanks

Hello @SecretAnthony More than likely due to a setting, cache, or an out of date plugin for Opera but let's go ahead and check the computer to make sure there is no infection Please run the following steps and post back the logs as an attachment when ready. STEP 01 If you're already running Malwarebytes then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. If you don't have Malwarebytes installed yet please download it from here and install it. Once installed then open Malwarebytes and select Scan and let it run. Once the scan is completed click on the View Report button, then the Export button and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply. If Malwarebytes won't run then please skip to the next step and let me know in your next reply. STEP 02 Please download AdwCleaner by Malwarebytes and save the file to your Desktop. Right-click on the program and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan Now. When finished, please click Clean & Repair. Your PC should reboot now if any items were found. After reboot, a log file will be opened. Attach or Copy its content into your next reply. RESTART THE COMPUTER Before running Step 3 STEP 03 Please download the Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a checkmark here. Please attach the Additions.txt log to your reply as well. Thanks

Hello @Copa51 Let's go ahead and make sure the computer is not infected and go from there. Please run the following steps and post back the logs as an attachment when ready. STEP 01 If you're already running Malwarebytes then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. If you don't have Malwarebytes installed yet please download it from here and install it. Once installed then open Malwarebytes and select Scan and let it run. Once the scan is completed click on the View Report button, then the Export button and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply. If Malwarebytes won't run then please skip to the next step and let me know in your next reply. STEP 02 Please download AdwCleaner by Malwarebytes and save the file to your Desktop. Right-click on the program and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan Now. When finished, please click Clean & Repair. Your PC should reboot now if any items were found. After reboot, a log file will be opened. Attach or Copy its content into your next reply. RESTART THE COMPUTER Before running Step 3 STEP 03 Please download the Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a checkmark here. Please attach the Additions.txt log to your reply as well. Thanks

I asked you if you had another computer besides the infected one. You said yes. So, using that other computer you do all the steps I mentioned above. 1. Yes, download the tool. Save it to your current good working system. GOOD CLEAN COMPUTER 2. You MUST have at least an 8GB USB thumb drive in order to build the installation media. Without it you'll need to either borrow one or buy one. Otherwise you'll need to physically take the computer into a repair shop. 3. Once you've downloaded the Media Creation tool you double click to install and run it. Then follow the directions on that page to create the media for ANOTHER computer onto a USB stick. GOOD CLEAN COMPUTER 4. Then once the USB stick is finished you insert it into the infected computer. Then use the Function key for your infected system to bring up the boot menu selection so that you can choose the USB drive to boot from. You can look that up on the manufacturer site or let me know the brand and model number and I can probably get that for you. BAD INFECTED COMPUTER

You need an external hard drive as large as the current drive space used. Drive c:\ () (Fixed) (Total:465.13 GB) (Free:376.35 GB) NTFS You're currently using about 90 GB of the current hard drive. That is very little data. Judging from the size of your hard drive the computer is probably a little old. Buying a small 500GB hard drive is actually more expensive than buying a 2TB drive these days. Here is an example Seagate (STGX2000400) Portable 2TB External Hard Drive Portable HDD – USB 3.0 for PC Laptop and Mac https://www.amazon.com/Seagate-Portable-External-Hard-Drive/dp/B07CRG94G3/

1. Yes, download the tool. Save it to your current good working system. 2. You MUST have at least an 8GB USB thumb drive in order to build the installation media. Without it you'll need to either borrow one or buy one. Otherwise you'll need to physically take the computer into a repair shop. 3. Once you've downloaded the Media Creation tool you double click to install and run it. Then follow the directions on that page to create the media for ANOTHER computer onto a USB stick. 4. Then once the USB stick is finished you insert it into the infected computer. Then use the Function key for your system to bring up the boot menu selection. You can look that up on the manufacturer site or let me know the brand and model number and I can probably get that for you. No, we are not going to delete any files. Again, if you're that concerned about files you really should back them up now though before getting started.

Good, good. Please run the 3 steps from post #12

Can you run the 3 steps from post #12 again and then attach the logs when ready?

Okay, it looks like network is working. Is that correct?

Well we're not currently installing Windows. We're using it to boot to the Repair Disk to see if we can fix Windows or not. The process won't delete your files but if you want to attempt to save them then I would highly suggest you use or buy a small USB drive big enough to hold your data. Then set it aside and hope and pray that some day someone does release a key. Without that key there is no one that will be able to recover your files. If this were my own computer or a family member I'd probably just pull the hard drive out and set it aside in a ZipLock bag and label it with date and time and name of the infection as well as the link to Bleepingcmputer about it and check back every so often to see if someone has found a key. Then take a new hard drive and put in the computer and reinstall Windows. That would be my advice but we can try to see if we can get this version of Windows running again or not.

No, you don't have to transfer your files to a new drive. But at this point if they're encrypted you will not be able to restore them until or if a key is released to decrypt them. The following link will allow you to download the Windows media and burn to a USB stick. https://www.microsoft.com/en-us/software-download/windows10

Well we're not really done at this point unless you don't want to continue. I need to get the logs back so that I can review for any further possible updates, changes, or recommendations @ocmone

Thank you. I will submit to our Research Team. Do you still need help with cleaning any of these systems?

No, it cannot damage the hardware. So have you downloaded a Windows 10 ISO image and built a bootable USB disk? You need to do that in order to boot into a recovery console that might be able to fix it. If not at least you can browse to copy things if needed but with your data encrypted aside from copying it to an external drive and saving it for the future in case someone does post a key to unlock it at some point in the future it's probably best to just take a new hard drive and reinstall Windows and then work on setting up a better backup routine so this doesn't happen again in the future.

Well for now you're computer is not really allowing you to log on with anything that is working or will save correctly. Please go ahead and attempt another restore if you have to but at some point you might just be better off making sure your data is backed up to an external source and then formatting the drive and installing Windows fresh again to ensure you don't have any issues like this. Then getting into the habit of making good backups. We can help with advice on that if needed. Let me know once you have it restored again and post back new FRST logs.

Address lookup lookup failed 104.26.8.153 Could not find a domain name corresponding to this IP address. The IP for the URL provided returns the following addresses 104.26.9.153 104.26.8.153 2606:4700:20::681a:899 2606:4700:20::681a:999 There was a block on the IP 104.26.9.153 but was removed about a year ago. We do not have a block on either IP listed. We do have a Malwarebytes Browser Guard block on the site per your original message. I will move your topic to the correct Malwarebytes Browser Guard forum where they can assist you. Thank you

We are currently restructuring hpHosts and it will no longer be updated. You could however check out our browser extension product. Malwarebytes Browser Guard https://www.malwarebytes.com/browserguard Filters out annoying ads and scams while blocking trackers that spy on you. The browser extension that beats the scammers Malwarebytes Browser Guard crushes unwanted and unsafe content, giving you a safer and faster browsing, Not only that, it is the world’s first browser extension that can identify and stop tech support scams. We take on the bad guys so you don’t have to.