Jump to content

Maurice Naggar

Experts
  • Posts

    35,965
  • Joined

  • Days Won

    169

Everything posted by Maurice Naggar

  1. Let's do one scan with Malwarebytes Adwcleaner to check for adwares. Just before pressing that "scan" button, be sure that Chrome & Edge, or other web browser are Closed. It will not take much time, First download & save it download link Then be sure to close all web browsers after the download & before launching the tool. Then go to where the EXE file is saved. Start Adwcleaner. Then do a scan with Adwcleaner NOTE: IF Adwcleaner in the results shows "no items" flagged, then please click on the button marked "Run Basic Repair"
  2. Just simply leave the Quarantine items just where they are now, in the Quarantine. I will be posting another action scan for this pc
  3. To answer your question at the very top No you are not cooked. There are some P U P Optional type adwares. You just need to TICK select all lines for action and removal.
  4. Next steps. First some housekeeping, and then one Scan. Start Malwarebytes. Click Settings ( gear ) icon. Next, let us make real sure that Malwarebytes does NOT register with Windows Security Center Click the Security Tab. Scroll down to "Windows Security Center" Click the selection to the left for the line "Always register Malwarebytes in the Windows Security Center". { We want that to be set as Off .... be sure that line's radio-button selection is all the way to the Left. thanks. } This will not affect any real-time protection of the Malwarebytes for Windows 😃. now Click the General tab. Under Application updates, click the Check for updates button. When it shows a new version available, Accept it and let it proceed forward. Be sure it succeeds. If prompted to do a Restart, just please follow all directions. Next, the Malwarebytes scan Next, click the small x on the Settings line to go to the main Malwarebytes Window. Next click the blue button marked Scan. When the scan phase is done, be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical. >>>>>> 👉 You can actually click the topmost left check-box on the very top line to get ALL lines ticked ( all selected). <<<< 💢 MB4_scan_tick_ALL.jpg.d5c4071c62ed66534301fbb217b93bc0.jpg Please double verify you have that TOP check-box tick marked. and that then, all lines have a tick-mark Then click on Quarantine button. MB4_scan_all_Quarantine2.jpg.6c45445994d4125c0b617ac7c5551e03.jpg Then, locate the Scan run report; export out a copy; & then attach in with your reply. See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4
  5. Hi, I will guide you. Do these 2 steps FIRST so that files and folders are set to SHOW, plus also, Turn OFF Windows Fast Start. Show-Hidden-Folders-Files-Extensions https://forums.malwarebytes.com/topic/299345-show-hidden-folders-files-extensions/ Disable-Fast-Startup https://forums.malwarebytes.com/topic/299350-disable-fast-startup/
  6. Good day to you. How is it going as far as all my previous suggestions ? Also, what is current status as to the main issue ? Please advise.
  7. This is only for after finishing the ESET Onlinescanner and you attaching the log from ESET. These here are the next steps. If you run into a issue or problem, then please be sure to Stop and ask me first for guidance. These procedures will help to get your Windows in better state. the custom script will be a big help. Please do the following actions, so that Microsoft Defender antivirus runs side-by-side along with Malwarebytes. Start Malwarebytes. Click Settings ( gear ) icon. Next, lets make real sure that Malwarebytes does NOT register with Windows Security Center Click the Security Tab. Scroll down to "Windows Security Center" Click the selection to the left for the line "Always register Malwarebytes in the Windows Security Center". { We want that to be set as Off .... be sure that line's radio-button selection is all the way to the Left. thanks. } IF that line-selection is greyed-out unavailable, do not fret. Just skip over that. This will not affect any real-time protection of the Malwarebytes for Windows 😃. Close Malwarebytes. > NEXT, Please be sure to do a WINDOWS RESTART. Then please wait for the system to settle and showing ready for use. There is a serious infection of a fake "Googleupdater" scheduled task along with two bundled "googleupdater" services. Please run the following custom script. Read all of this before you start. The meaning of the "Fix button" operation here is just to run a custom script just for this particular machine. NOTE-1: This custom fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will remove the "GoogleUpdater" exploit malware infection. It will attempt to run scans with Microsoft Defender antivirus. It will attempt to clear Cache files of web browsers. It will attempt to clear temporary file areas. It rebuilds the Winsock. Depending on the speed of your computer this fix may take 50-55 minutes or more. Please Close all open work before you actually do begin this run. FRSTENGLISH program location: at this folder C:\Users\Pedro\AppData\Local\Temp\mwb8871.tmp\FRSTEnglish.exe The tool is already on system. That is what we will use. Please download the attached fixlist.txt file and save it to folder C:\Users\Pedro\AppData\Local\Temp\mwb8871.tmp\ Fixlist.txt- < - - - - NOTE. It's important that both files, FRSTENGLISH, and fixlist.txt are in the same location or the fix will not work. Right-click with your mouse on FRSTENGLISH and select "Run as Administrator" and reply Yes and allow it to proceed when prompted. That is important. next, press the Fix button just once and wait. You will see a green-color scroll display while FRST is running. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the C:\Users\Pedro\AppData\Local\Temp\mwb8871.tmp\ folder (Fixlog.txt) . Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. The system will be rebooted after the fix has run. Attach FIXLOG.txt with next reply. NOTICE: For potential outside readers, This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause harm. [/color] Please stick with me until after I give the all clear. There will be more to do later.
  8. Hello. My name is Maurice. I will guide you. The last Malwarebytes scan 2024-03-10 09:33:45 reported no malicious infection. But there is a real-time website IP block which refers to a domain "mdtradio.com". The real-time web protection is keeping the pc safe from potential harm. Removing pesky malware can be an involved set of tasks over separate runs. Have much patience. Follow my directions. Please don't run any other scans, download, install or uninstall any programs while I'm working with you. Only run the tools I guide you to. Do not run online games while case is on-going. Do not do any free-wheeling web-surfing. The removal of malware isn't instantaneous, please be patient. Cracked or or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also big source of current trojan infections. Please uninstall them now, if any are here, before we start the cleaning procedure. Please stick with me until I give you the "all clear". If your system is running Discord, please be sure to Exit out of it while this case is on-going. Do these 2 steps so that ALL folders & Files are set to SHOW, plus also, Turn OFF Windows Fast start. 1. Show-Hidden-Folders-Files-Extensions https://forums.malwarebytes.com/topic/299345-show-hidden-folders-files-extensions/ 2. Disable-Fast-Startup https://forums.malwarebytes.com/topic/299350-disable-fast-startup/ As a next step, I suggest the following: This is for a scan with ESET Onlinescanner (free). ESET is a well-respected, well-known entity and tool. ESET Onlinescanner checks for viruses, other malware, adwares, & potentially unwanted applications. This here you can start & once it is under way, you can leave the machine alone & let it run over-night. No need to keep watch once it starts the actual scan run. Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe It will start a download of "esetonlinescanner.exe" Save the file to your system, such as the Downloads folder, or else to the Desktop. Go to the saved file, and double click it to get it started. If upon launching the Esetonlinescanner, there is a windows-message box displaying A driver cannot load on this device. Driver ehdrv.sys then, please, TICK the check-box "Don't show this message again" and then, click the Close button on that window-box. The ESET scan will proceed forward. When presented with the initial ESET options, click on "Computer Scan". Next, when prompted by Windows, allow it to start by clicking Yes When prompted for scan type, Click on CUSTOM scan and select C drive to be scanned Look at & tick ( select ) the radio selection "Enable ESET to detect and quarantine potentially unwanted applications" and click on Start scan button. Have patience. The entire process may take an hour or more. There is an initial update download. There is a progress window display. You may step away from machine &. Let it be. That is, once it is under way, you should leave it running. It will run for several hours. At screen "Detections occurred and resolved" click on blue button "View detected results" On next screen, at lower left, click on blue "Save scan log" View where file is to be saved. Provide a meaningful name for the "File name:" On last screen, set to Off (left) the option for Periodic scanning Click "save and continue" Please attach the report file so I can review
  9. Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread. Tips to help protect from infection Thanks
  10. Hello. For your benefit, and possibly other readers, the issue of not accessing antivirus & security sites was cleared away. Cured. Alas, I have not heard back from you. I had suggested the scan with Kaspersky.
  11. I understand that you did a Factory Reset. Do these 2 steps so that ALL folders & Files are set to SHOW, plus also, Turn OFF Windows Fast start. 1. Show-Hidden-Folders-Files-Extensions https://forums.malwarebytes.com/topic/299345-show-hidden-folders-files-extensions/ 2. Disable-Fast-Startup https://forums.malwarebytes.com/topic/299350-disable-fast-startup/ Next, you can simply download & save a new copy of the tool FRST64.exe from this link https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Go to where FRST64 was saved. RIGHT-click on FRST64.exe and select Run as Administrator and tap ENTER. And reply YES to allow to proceed. When the tool opens click Yes to the disclaimer. And be very sure to TICK the box for Addition.txt Press the Scan button. It will make a log (FRST.txt & Addition.txt) in the same directory the tool is run Have patience since the run may take something like 10 or so minutes (less depending on your hardware speed) Close Notepad IF those show up on Notepad. Just please Attach the 2 files FRST.txt +Addition.txt with your next reply. ( 2 ) Download Farbar's Service Scanner utility and Save to your Desktop. Right-Click on fss.exe and select Run As Administrator. Answer Yes to ok when prompted. If your firewall then puts out a prompt, again, allow it to run. Once FSS is on-screen, be sure the following items are check-marked: Internet Services Windows Firewall System Restore Security Center/Action Center Windows Update Windows Defender Other services Click on "Scan". It will create a log (FSS.txt) in the same directory the tool is run. Please attach that file.
  12. I regret the trouble. Please have added patience. I'll get you through this. Power off the pc at the power-button and wait like one minute. The next time, IF a repair prompt with options is shown, do not click repair. Instead click Advanced Options. Click the Advanced options button. 2. Click on Troubleshoot. 3. Click on Advanced options. Click on "Command Prompt" Let me know once after you have it there.
  13. Please first, be sure to CLOSE any programs or apps you have open at this time. Next, be sure to do a Windows RESTART. Then wait for system to be fully ready. Then, please,run the following custom script. Read all of this before you start. The meaning of the "Fix button" operation here is just to run a custom script just for this particular machine. NOTE-1: This custom fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will attempt to remove the obvious infections. It will also run some scans with Microsoft Defender antivirus. It will attempt to clear Cache files of web browsers. It will attempt to clear temporary file areas. It rebuilds the Winsock. Depending on the speed of your computer this fix may take 50-55 minutes or more. Please Close all open work before you actually do begin this run. FRSTENGLISH program location: Downloads folder. The tool is already on system. That is what we will use. Please download the attached fixlist.txt file and save it to Downloads Fixlist.txt<- < - - - - NOTE. It's important that both files, FRSTENGLISH, and fixlist.txt are in the same location or the fix will not work. Right-click with your mouse on FRSTENGLISH and select "Run as Administrator" and reply Yes and allow it to proceed when prompted. That is important. next, press the Fix button just once and wait. You will see a green-color scroll display while FRST is running. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Downloads folder (Fixlog.txt) . Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. The system will be rebooted after the fix has run. Attach FIXLOG.txt with next reply. NOTICE: For potential outside readers, This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause harm. This is ONLY the first round. The infections have also dinged / damaged some Windows key security services. There will be more fixing later, along with running other reports and doing other security scans. Stick with me Until I give the all clear. Meantime, no games and no un-necessary web surfing. If you run into a issue or a hitch, then STOP and let me know and wait for my reply and guidance. This set of infections is multi-faceted.
  14. Have Lots of patience. It depends on speed of machine and how many active programs it is running
  15. Hello Calvin. My name is Maurice. I will guide you. Please do all the steps listed by Porthos. Please be sure you attach the ZIP report, so I can review with the goal to help you get the pest-s- off your system. Removing pesky malware can be an involved set of tasks over separate runs. Have much patience. Follow my directions. Please don't run any other scans, download, install or uninstall any programs while I'm working with you. Only run the tools I guide you to. Do not run online games while case is on-going. Do not do any free-wheeling web-surfing. The removal of malware isn't instantaneous, please be patient. Cracked or or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also big source of current trojan infections. Please uninstall them now, if any are here, before we start the cleaning procedure. Please stick with me until I give you the "all clear". If your system is running Discord, please be sure to Exit out of it while this case is on-going Please have lots of patience, as we will be doing different procedures over different runs. Please know that I am a volunteer here on this forum. I volunteer as time permits.
  16. Hello. Checking in on this case. Did you see my last reply, suggesting a scan with Kaspersky. Really recommend
  17. Hi. Thanks. The end result is good. No actual infection here. Just one setting put back to normal on MS Defender. I am suggessting just one more different scan, with a different trusted scanner, this by Kaspersky. By the way, this scan will take several hours. Once you have it started and you see it is under-way, you may leave the computer to do its thing. No need to watch it as it runs. Now a different scan with another security scanner. You should first Close as many of your open-user app-screens as possible. That is to say, Exit all that you do not need to have open. This with Kaspersky KVRT tool. Download Kaspersky Virus Removal Tool (KVRT) from here: https://www.kaspersky.com/downloads/thank-you/free-virus-removal-tool and save to your Desktop. Next, Select the Windows Key and R Key together, the "Run" box should open. Drag and Drop KVRT.exe into the Run Box. C:\Users\Elyas\DESKTOP\KVRT.exe will now show in the run box. add -dontencrypt Note the space between KVRT.exe and -dontencrypt C:\Users\Elyas\DESKTOP\KVRT.exe -dontencrypt should now show in the Run box. That addendum to the run command is very important. To start the scan select OK in the "Run" box. The Windows Protected your PC window "may" open, IF SO then select "More Info" A new Window will open, select "Run anyway" A EULA window will open, tick both confirmation boxes then select "Accept" Go slow & careful on this part. In the new window select "Change Parameters" In the new window ensure the following boxes are ticked: System memory Startup objects Boot sectors System drive Then select "OK" and "Start scan“. The Kaspersky tool is very thorough so will take a considerable time to complete, please allow it to finish. Also while Kaspersky runs do not use your PC for anything else.. you completed: If entries are found, there will be options to choose. If "Cure" is offered, leave as it is. For any other options change to "Delete", then select "Continue". Usually, your system needs a reboot to finish the removal process. Logfiles can be found on your systemdrive (usually C: ), similar like this: Reports are saved here C:\KVRT2020_Data\Reports and look similar to this report_20240305_203000.klr Right click direct onto those reports, select > open with > Notepad. Save the files and attach them with your next reply Have lots of patience, as this will most likely run for many hours.
  18. The ESET scan found one trojan and one PUP. All the rest were already in the Adwcleaner Quarantine, or else in the FRST Quarantine. I need for you to run a different scan. The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted items from a system. This tool does not install. It is run on-demand. This link is for the 64-bit version of MSERT.exe . Be sure you save the file first Upon completion of the save, Please make sure you Exit out of any other program you might have open so that the sole task is to run the following scan. That goes especially for web browsers, make sure all are fully exited out of and messenger programs are exited and closed as well Launch MSERT.exe Accept the agreement terms of Microsoft Select CUSTOM scan Look on Scan Options & select CUSTOM scan & then select the C drive to be scanned. Then start the scan. Have lots of patience. Once you start the scan & you see it started, then leave it be. Once you see it has started, take a long long break; walk away. Do not pay credence if you see some intermediate early flash messages on screen display. The only things that count are the End result at the end of the run. Again, any on-screen display about repeat 'infection' is not to be relied on. Ignore those. We only rely on the end result that is on the log-report-file. This is likely to run for many hours ( depending on number of files on your machine & the speed of hardware.) The log is named MSERT.log the log will be at Windows\debug\msert.log Please attach that log with your reply It is normal for the Microsoft Safety Scanner to show 'detections' during the scan process on the screen itself. It is scanning for basically all bread crumbs or traces of files and registry entries that "might" be or have been part of some infection or previous infection. That DOES NOT mean the computer is infected. Once the scan has been completed it uploads the log to their Cloud service which then uses Artificial Intelligence to determine if in fact any of the traces are an infection or not.
  19. The actual scan by ESET Online scanner takes several hours. No rush. No worries.
  20. Hello. Thank you for the reports. The custom script run is good. Although, I will likely have you do a third run to remove old detection history of MS Defender, because it has old detections lists from last year, and some older. As to the Malwarebytes scan, It detected a lot of PUP type items, two suspicious malware, and a riskware. BUT because you did not TICK all the lines for removal, we need to do a new run like I list below. Launch Malwarebytes. Next click the blue button marked Scan. When the scan phase is done, be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical. >>>>>> 👉 You can actually click the topmost left check-box on the very top line to get ALL lines ticked ( all selected). <<<< 💢 Please double verify you have that TOP check-box tick marked. and that then, all lines have a tick-mark Then click on Quarantine button. Then, locate the Scan run report; export out a copy; & then attach in with your reply. See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4 ( 2 ) A request please I would like to get a copy of what we placed in Quarantine, from the runs I had you do. Please. Using Windows File Explorer, Navigate to C:\FRST folder on your system. Expand the folder so you see all contentsRight click on Quarantine > Send to > Compressed (zipped) folder. Upload the archive in your next reply. If archive is too big you can upload here > https://wetransfer.com/ Thank you! ( 3 ) As a next step, I suggest the following: This is for a scan with ESET Onlinescanner (free). ESET is a well-respected, well-known entity and tool. ESET Onlinescanner checks for viruses, other malware, adwares, & potentially unwanted applications. This here you can start & once it is under way, you can leave the machine alone & let it run over-night. No need to keep watch once it starts the actual scan run. Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe It will start a download of "esetonlinescanner.exe" Save the file to your system, such as the Downloads folder, or else to the Desktop. Go to the saved file, and double click it to get it started. If upon launching the Esetonlinescanner, there is a windows-message box displaying A driver cannot load on this device. Driver ehdrv.sys then, please, TICK the check-box "Don't show this message again" and then, click the Close button on that window-box. The ESET scan will proceed forward. When presented with the initial ESET options, click on "Computer Scan". Next, when prompted by Windows, allow it to start by clicking Yes When prompted for scan type, Click on CUSTOM scan and select C drive to be scanned Look at & tick ( select ) the radio selection "Enable ESET to detect and quarantine potentially unwanted applications" and click on Start scan button. Have patience. The entire process may take an hour or more. There is an initial update download. There is a progress window display. You may step away from machine &. Let it be. That is, once it is under way, you should leave it running. It will run for several hours. At screen "Detections occurred and resolved" click on blue button "View detected results" On next screen, at lower left, click on blue "Save scan log" View where file is to be saved. Provide a meaningful name for the "File name:" On last screen, set to Off (left) the option for Periodic scanning Click "save and continue" Please attach the report file so I can review
  21. Hi. Thanks for the log report. Your work responsibility ranks first. No worries about the reply time that elapsed. The run is good, but it timed out once it went past the one hour limit, We need to do a Seoncd round. As I noted, this past run is Good. The pesky coin-miner pest is removed. The custom-run is good. The Windows System File Checker has made some corrections. Windows Resource Protection found corrupt files and successfully repaired them. This last run has completed what was originally intended. And , yes, Adwcleaner has helped. Now, look on Downloads folder. IF there is a file named Fixlist.txt then please be sure to delete it. NEXT Do a Windows RESTART Then Please run the following custom script. Read all of this before you start. The meaning of the "Fix button" operation here is just to run a custom script just for this particular machine. Please Close all open work before you actually do begin this run. FRST64.exe program location: Downloads folder. The tool is already on system. That is what we will use. Please download the attached fixlist.txt file and save it to Downloads Fixlist.txt- < - - - - NOTE. It's important that both files, FRST64, and fixlist.txt are in the same location or the fix will not work. Right-click with your mouse on FRST64 and select "Run as Administrator" and reply Yes and allow it to proceed when prompted. That is important. next, press the Fix button just once and wait. You will see a green-color scroll display while FRST is running. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Downloads folder (Fixlog.txt) . Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. The system will be rebooted after the fix has run. Attach FIXLOG.txt with next reply. Next Malwarebytes can detect and remove most malware with no further actions required for free. Please download, install, update Malwarebytes from this link and do a Threat Scan with Malwarebytes see guide link and post back the log as shown below. Then, locate the Scan run report; export out a copy; & then attach in with your reply. See see how-to link Next Please do the following actions, so that Microsoft Defender antivirus runs side-by-side along with Malwarebytes. Start Malwarebytes. Click Settings ( gear ) icon. Next, lets make real sure that Malwarebytes does NOT register with Windows Security Center Click the Security Tab. Scroll down to "Windows Security Center" Click the selection to the left for the line "Always register Malwarebytes in the Windows Security Center". { We want that to be set as Off .... be sure that line's radio-button selection is all the way to the Left. thanks. } IF that line-selection is greyed-out unavailable, do not fret. Just skip over that. This will not affect any real-time protection of the Malwarebytes for Windows 😃. Close Malwarebytes. > Then, at this point, Let me know How the system is doing ? 😄 Do stick with me. There is more to do after this. 😃
  22. Next, but only after you have finished the steps above, Including the special run of Adwcleaner. There is a serious infection of a fake "Googleupdater" scheduled task along with two bundled "googleupdater" services. Please run the following custom script. Read all of this before you start. The meaning of the "Fix button" operation here is just to run a custom script just for this particular machine. NOTE-1: This custom fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will remove the "GoogleUpdater" exploit malware infection. It will attempt to run scans with Microsoft Defender antivirus. It will attempt to clear Cache files of web browsers. It will attempt to clear temporary file areas. It rebuilds the Winsock. Depending on the speed of your computer this fix may take 50-55 minutes or more. Please Close all open work before you actually do begin this run. FRST64.exe program location: Downloads folder. The tool is already on system. That is what we will use. Please download the attached fixlist.txt file and save it to Downloads Fixlist.txt- < - - - - NOTE. It's important that both files, FRST64, and fixlist.txt are in the same location or the fix will not work. Right-click with your mouse on FRST64 and select "Run as Administrator" and reply Yes and allow it to proceed when prompted. That is important. next, press the Fix button just once and wait. You will see a green-color scroll display while FRST is running. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Downloads folder (Fixlog.txt) . Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. The system will be rebooted after the fix has run. Attach FIXLOG.txt with next reply. NOTICE: For potential outside readers, This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause harm.
  23. Hello. My name is Maurice. I will guide you. Removing pesky malware can be an involved set of tasks over separate runs. Have much patience. Follow my directions. Please don't run any other scans, download, install or uninstall any programs while I'm working with you. Only run the tools I guide you to. Do not run online games while case is on-going. Do not do any free-wheeling web-surfing. The removal of malware isn't instantaneous, please be patient. Cracked or or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also big source of current trojan infections. Please uninstall them now, if any are here, before we start the cleaning procedure. Please stick with me until I give you the "all clear". If your system is running Discord, please be sure to Exit out of it while this case is on-going. Do these 2 steps so that ALL folders & Files are set to SHOW, plus also, Turn OFF Windows Fast start. 1. Show-Hidden-Folders-Files-Extensions https://forums.malwarebytes.com/topic/299345-show-hidden-folders-files-extensions/ 2. Disable-Fast-Startup https://forums.malwarebytes.com/topic/299350-disable-fast-startup/ 3. If possibly you have a browser issue, can you try using a different web browser? But in any event, always SAVE the downloads I guide you to. Then after download is complete, you go to the file using File Explorer. and only then, launch it from there. Let's do one special run with Malwarebytes Adwcleaner. It will not take much time, Read over all lines before starting so that you have a good understanding of the whole method. Take your time and go careful. I ant to make sure you select all of what I list below - before- pressing the "scan" button. First download & save it download link Then go to where the EXE file is saved. Start Adwcleaner. Do not rush. There are a few first choices to set as I have listed below. Reply YES at the Windows prompt to allow the program to proceed and make changes. That is the usual Windows security prompt. When AdwCleaner starts, on the left side of the window, click on “Settings” and then enable these repair actions on that tab-window by clicking their button to the far-right for ON status Delete IFEO keys Delete tracing keys Delete Prefetch files Reset Proxy Reset IE Policies Reset Chrome policies Reset Winsock Reset HOSTS file ONLY after you have set the selections above ....only after that ..... Now On the left side of the AdwCleaner window, click on “Dashboard” and then click “Scan” to perform a computer scan. This can take several minutes. When the AdwCleaner scan is completed it will display all of the items it has found. Click on the “Quarantine” button To remove what it found. AdwCleaner will now prompt you to save any open files or data as the program will need to close any open programs before it starts to clean. Click on the “Continue” button to finish the removal process. Guide article I will have more for you later. Stick with me. and just do not do anything else on your own. If you run into any problem, or glitch, then Stop and post the detail for me so that I can assist you.
  24. I need the same two reports like before. AND next time, stop and Ask me first before you do any changes of any sort. I need different reports. See that you do all of them. If EDGE or Windows Smartcreen make a claim that the tools are "a threat" then please use another web browser if possible. Save the next download to either the Desktop, or else, to the Downloads folder. download & save a new copy of the tool FRST64.exe from this link Go to where FRST64 was saved. RIGHT-click on FRST64.exe and select Run as Administrator and tap ENTER. And reply YES to allow to proceed. When the tool opens click Yes to the disclaimer. And be very sure to TICK the box for Addition.txt Press the Scan button. It will make a log (FRST.txt & Addition.txt) in the same directory the tool is run Have patience since the run may take something like 10 or so minutes (less depending on your hardware speed) Close Notepad IF those show up on Notepad. Just please Attach the 2 files FRST.txt +Addition.txt with your next reply. ( 2 ) Download Farbar's Service Scanner utility and Save to your Desktop. Right-Click on fss.exe and select Run As Administrator. Answer Yes to ok when prompted. If your firewall then puts out a prompt, again, allow it to run. Once FSS is on-screen, be sure the following items are check-marked: Internet Services Windows Firewall System Restore Security Center/Action Center Windows Update Windows Defender Other services Click on "Scan". It will create a log (FSS.txt) in the same directory the tool is run. Please attach that file. Please have Lots of patience. Do stick with me
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.