Jump to content

Maurice Naggar

Experts
  • Content Count

    25,876
  • Joined

  • Days Won

    37

Maurice Naggar last won the day on March 25

Maurice Naggar had the most liked content!

Community Reputation

295 Excellent

About Maurice Naggar

  • Rank
    Eradicator de malware emeritus

Profile Information

  • Location
    USA
  • Interests
    Security, Windows, Windows Update, malware prevention

Recent Profile Visitors

88,789 profile views
  1. Hello. First, before connecting /seating the connector to the USB, press & Hold the SHIFT-key on the keyboard until connection is fully seated. That will prevent any autoruns from USB device. . The USB can be scanned using Windows File Explorer right-click context menu. Looking at the left-side folder tree, right click and select Scan with Malwarebytes , or Scan with Microsoft Defender. . Be sure to do those 2 scans. Later, we can run other scans.
  2. Thanks for running the Malwarebytes. The fact of having run that is encouraging. The remaining issues can be cleared up. Please download the Farbar Recovery Scan Tool 64-bit and save it to your desktop. https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ After saving Right-click on FRST64.exe and select Run as Administrator to start the tool , and reply YES to allow it to proceed and run. _Windows 10 users will be prompted about Windows *SmartScreen protection* - click line More info information on that screen and click button Run anyway on nex
  3. Thanks for the ESET log report. I would have to remark, since a few files were tagged as hack tools & a 'license' activator... One must be super careful as to what one Downloads. Be careful to stay away from dodgy sites. Ones that tout free stuff that evades software licenses. The latter are a sure way to get a encrypting ransomware infection. . Hopefully here you may just have had a trojan. We will run more scans. We want to be sure nothing else is around. Rebuilding the whole system from scratch is your choice. Though here, there are possible avenue for
  4. Hello Please let me know what name you prefer to be addressed. My name is Maurice. I will be guiding you. Tell me, What is the version of Windows ? Is it Windows 10 ? What is the antivirus program on this system? Is it Windows Microsoft Defender ? Do you use a web browser to get Email ? If yes, which one exactly? You likely should as a very first step, disconnect the network connection in Windows Settings & then run a full scan with the Windows Defender antivirus. Have it remove what it finds. Much patience needed here. As this wi
  5. Let's be sure that you do not run any programs on your own. It's important that I guide you. . I would suggest a free scan with the ESET Online Scanner Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe It will start a download of "esetonlinescanner.exe" Save the file to your system, such as the Downloads folder, or else to the Desktop. Go to the saved file, and double click it to get it started. When presented with the initial ESET options, click on "Computer Scan". Next, when prompted by Wind
  6. Hello. Sorry to read of your issues. Let's have you get, save, & then run the Malwarebytes anti-rootkit tool MBAR. See this how to Disregard the title of the article. https://forums.malwarebytes.com/topic/198907-requested-resource-is-in-use-error-unable-to-start-malwarebytes/ Let me know the result. Also attach the log file from the run.
  7. Thanks for sending the Zip report. That shows that the Malwarebytes program is just Not installed. And unfortunately as well, there is no old scan history. We need to reuse the mb-support tool to do a new Clean install operation. Go to where you saved the mb-support-1.8.4.896.exe Then double-check on it to get it to start. Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by
  8. I regret to read this news. We need to get a fresh readout report. First we need to set your Windows to Show All files, folders, including hidden files. Use this guide. https://www.tenforums.com/tutorials/7078-turn-off-show-all-folders-windows-10-navigation-pane.html Please download the Farbar Recovery Scan Tool 64-bit and save it to your desktop. Right-click on FRST64.exe and select Run as Administrator to start the tool , and reply YES to allow it to proceed and run. _Windows 10 users will be prompted about Windows *SmartScreen protection* - clic
  9. Hi, My name is Maurice. I will be helping and guiding you, going forward on this case. Let me know what first name you prefer to go by. Please follow my directions as we go along. Please do not do any changes on your own without first checking with me. Please only just attach all report files, etc that I ask for as we go along. I would appreciate getting some key details from this machine in order to help you forward. NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the prog
  10. My preceding last file that I had attached is Rexfiled.txt Make doubly sure you saved it to the DESKTOP. Make doubly sure you Renamed it to Rexfiled.reg That is so critical ! go to the Taskbar search box, type in REGEDIT.exe and press Enter-key from Regedit menu bar, select File then select IMPORT navigate the dialog (click on DESKTOP icon on left to select it) type in Rexfiled.reg the Filename text-box and click Open button. Once the merge is complete, you will see a conf
  11. Did you follow all of my last write_up reply ? We need to save the attachment I sent . Save it directly. Then RENAME it with .Reg as the file extension. ( Leaving out the TXT . The new name should be REXFILED.REG Then you can just double click on file REXFILED.REG That ought to start the merge operation automatically. This is all independent of your original report file. Any merge operation is on the system registry of Windows itself.
  12. Thank you & bravo. All of the exclusions on the policies for Microsoft Defender are PATH Exclusions. There are at least 2 things that need doing. First is to get the exclusions out of the registry. Save the file Rexfiled that I am attaching to your Desktop. Save it as-is . Next, go to Desktop. Right-click on it and select Rename ; Rename it to Rexfiled.REG Next, right-click on it and select MERGE and allow it to go forward and update the registry. There should be a confirmation. Keep me advised. There is more to do. Rexfiled.txt
  13. Copy this & PASTE. & Run reg export "HKLM\SOFTWARE\policies\Microsoft\Windows defender\exclusions" C:\windows\temp\REXFILE1.txt File should be created at Windows\temp
  14. Sorry. My bad. I goofed by missing the ending double quote. Copy this & PASTE. & Run reg export "HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows defender\exclusions" "%USERPROFILE%\Desktop\REXFILE1.txt"
  15. Good morning. When you have time & opportunity, the following is intended to query the system & export out information details about "exclusions" that are present for Microsoft Defender antivirus. This will not take a lot of time. On the Windows taskbar , on the Windows search box, type in cmd.exe and then look at the entire list of choices, and click on Run as Administrator. Once the Command prompt window is up, copy > paste the line in the code-box below into the command-window. It is best to use COPY & Paste for the following
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.