Jump to content

Maurice Naggar

Experts
  • Posts

    27,521
  • Joined

  • Days Won

    74

Everything posted by Maurice Naggar

  1. Thank you for the log file. The run did clear the working area for Windows Update. Hoping that that will help out. How is the pc at this point ? Could you do one new scan with Malwarebytes for Windows ?
  2. C:\Windows is indeed the normal (default) system directory for the Windows 10 Operating system. [ WINNT is not typically seen on modern-day Windows 10 for consumers ( meaning home users and single users). Some corporations though might possibly engineer something specific]. What I suspect you recall about Winnt is from a old old Windows version from long ago, like maybe Windows 2000. Anyhow, put that to rest. Your Windows now is in the right place. If you wish, you can do a different other scan to scan your machine. I would suggest a free scan with the ESET Online Scanner. This will be another check for viruses, other malware, adwares, & potentially unwanted applications. NOTE: This scan can take several hours ( depending on how many files are on the system & also on the speed of the hardware ). Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe It will start a download of "esetonlinescanner.exe" Save the file to your system, such as the Downloads folder, or else to the Desktop. Go to the saved file, and double click it to get it started. When presented with the initial ESET options, click on "Computer Scan". Next, when prompted by Windows, allow it to start by clicking Yes When prompted for scan type, Click on Full scan Look at & tick ( select ) the radio selection "Enable ESET to detect and quarantine potentially unwanted applications" and click on Start scan button. Have patience. The entire process may take an hour or more. There is an initial update download. There is a progress window display. You may step away from machine &. Let it be. You should ignore all prompts to get the ESET antivirus software program. ( e.g. their standard program). You do not need to buy or get or install anything else. When the scan is completed, if something was found, it will show a screen with the number of detected items. If so, click the button marked “View detected results”. Click The blue “Save scan log” to save the log. If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files” ( in blue, at bottom). Press Continue when all done. You should click to off the offer for “periodic scanning”. Please make sure you attach the log report.
  3. It seems this machine has a issue doing updates for Windows. The following is a custom script to try to help. First please Delete the prior file named Fixlist.txt on the Downloads. then Please save the (attached file named) FIXLIST.txt to the Downloads folder Fixlist.txt The custom script on this post is ONLY for this machine and NO other. Please be sure to Close any open work files, documents, any apps you started yourself before starting this. If there are any CD / DVD / or USB-flash-thumb or USB-storage drives attached, please disconnect any of those. The system will be rebooted after the script has run. Start the Windows Explorer and then, to the Downloads folder. RIGHT click on FRSTENGLISH.exe and select RUN as Administrator and allow it to proceed. Reply YES when prompted to allow to run the tool. If the tool warns you the version is outdated, please download and run the updated version. IF Windows prompts you about running this, select YES to allow it to proceed. IF you get a block message from Windows about this tool...... click line More info information on that screen and click button Run anyway on next screen. on the FRST window: Click the Fix button just once, and wait. PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. If you receive a message that a reboot is required, please make sure you allow it to restart normally. The tool will complete its run after restart. When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run. Please attach the FIXLOG.txt with your next reply later at your next opportunity.
  4. To your last line, it is super to read that this Windows has been upgraded to build 21H1 😁 👍 😎 I cannot be sure which scanner you refer to here ? ....BUT it is normal for a security scanner to "not be able to open a file". That can and does happen. It does not equate to a "infection".
  5. I am glad that you follow good practices and have kept your systems safe. As to the remark about a "feeling" about Susan Bradley, I feel compelled to make some remarks. Susan Bradley is highly regarded in the Microsoft Windows community. Besides writing articles at Windows Secrets community, she has for many many years done a lot of volunteer contributions at Microsoft community venues and is highly regarded in the community. That is to say, in addition to her professional work. I do know that she indeed knows stuff. She also has direct experience. You may view one of her profiles here.
  6. Hello. The following lists the steps to do a manual ( on-demand ) update of the definitions of the Windows 10' Microsoft Defender antivirus. Your Windows is a 64-bit one. The gist of the steps is to download the 64-bit update package AND save it, when done, to run that exe file. Go to this link at Microsoft https://www.microsoft.com/en-us/wdsi/defenderupdates Scroll down to section "Manually download the update". Look down to the table with list of 7 lines. Only look at the first line "Microsoft Defender Antivirus for Windows 10 and Windows 8.1". Then click the blue-color link for "64-bit". Be sure to SAVE the file. After that completes, go to where you saved the file mpam-fe.exe Then double-click on mpam-fe.exe to start the update.
  7. Thanks. That's good. We can keep this thread open for a few more days.
  8. Thanks for the report zip from the support tool. The only items I see in Quarantine are related to C:\PROGRAMDATA\KMSAutoS whose content is classified as HackTool.KMS. Cant tell what brand/model of computer hardware this is. Nor its network driver hardware. Howeer, the report from Farbar FRST report shows, that Windows is logging these network-hardware "errors". There is one thread on Microsoft Answers forum you should check out. Apply the tips listed by Kevin Bart https://bit.ly/3kYYsG9
  9. Hello. I was only just curious about the bottom line status shown by ESET. I cannot do anything with the XML file. Plus there is a issue of the language. Lets do one new Windows Update "Check for Updates" run. See Microsoft tip article https://bit.ly/3zW2EN1 In Turkish https://bit.ly/3BN9G7k The basic idea is to insure that the Windows operating system is all up-to-date with security updates.
  10. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following for Tips to help protect from infection Thank you
  11. Hi. You are very welcome. I am glad to have worked with you. We can proceed with cleanup of tools we used. To remove the FRST64 tool & its work files, do this. Go to your Desktop folder. Do a RIGHT-click on FRST64.exe & select RENAME & then change it to UNINSTALL.exe . Then run that ( double click on it) to begin the cleanup process. Any other download file I had you download, you may delete. I wish you all the best. Stay safe. Sincerely. Maurice
  12. Ok. Let's see whether or not any further flagging of mpengine.dll happens over the next few days. Meanwhile, lets do one new Windows Update "Check for Updates" run. See Microsoft tip article https://bit.ly/3zW2EN1
  13. Hello. I was recently doing some unrelated research & then ran into an article about "unblock" option. This type of action could be helpful ( perhaps) here. See this article at Tenforums https://www.tenforums.com/tutorials/5357-unblock-file-windows-10-a.html see OPTION ONE >> Unblock File in Properties Apply that to your pc's copy of adwcleaner.exe
  14. The most recent Malwarebytes scan is the one clocked at 7:30 PM local and it found nothing. That is what counts. What is in Quarantine is not a cause for concern because it is permanently out of the way. Cannot tell what it was about the 1 DLL. It may have been a one time event. Maybe a update issue. But updates for this MS Defender should be not frequent since the resident antivirus here is Avast. Lets see if we can do a manual on-demand update for Defender using the Windows Powershell. We will use a custom script. Please save the (attached file named) FIXLIST.txt to the Downloads folder Fixlist.txt The custom script on this post is ONLY for this machine and NO other. Please be sure to Close any open work files, documents, any apps you started yourself before starting this. If there are any CD / DVD / or USB-flash-thumb or USB-storage drives attached, please disconnect any of those. The system will be rebooted after the script has run. Start the Windows Explorer and then, to the Downloads folder. RIGHT click on FRSTENGLISH.exe and select RUN as Administrator and allow it to proceed. Reply YES when prompted to allow to run the tool. If the tool warns you the version is outdated, please download and run the updated version. IF Windows prompts you about running this, select YES to allow it to proceed. IF you get a block message from Windows about this tool...... click line More info information on that screen and click button Run anyway on next screen. on the FRST window: Click the Fix button just once, and wait. PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. If you receive a message that a reboot is required, please make sure you allow it to restart normally. The tool will complete its run after restart. When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run. Please attach the FIXLOG.txt with your next reply later, at your next opportunity.
  15. As I mentioned above, do not attempt to move Windows system files. This computer runs Windows 10. The operating system main folder is C:\Windows. Do not make changes on your own. I do see that the computer has ESET Security. I suggest you do one new scan with ESET. After it has finished, let me know the result.
  16. A serious note of caution. Do NOT go about copying or moving "files" from or to or between "Winnt" & "Windows". That is not the way to have a operating system like Windows. Do not copy things on your own while this case is active here. Thanks. I will make another reply later, as I can manage. Do keep in mind I am a volunteer doing this on personal time. I will review the report you last sent.
  17. [ A ] Thanks for the support-tool ZIP report. I see that Avast antivirus ( with Avast firewall) is the resident antivirus application. So it is standard for the real-time protection of Microsoft Defender to be off. That is quite normal and expected. I also see this pc has the Premium Malwarebytes for Windows. The Microsoft Safety scanner did not report any real malware. When the pc has Avast, it is expected that Defender's anti-spyware option will be set to Off (since Avast is the main & sole antivirus app here.) [ B ] Do one new scan. Start Malwarebytes for Windows. Click Settings. In the General tab, click on "Check for Updates " button. Watch & follow all prompts. Then click the Security tab. Scroll down and lets be sure the line in SCAN OPTIONs for "Scan for rootkits" is ON 👈 Click it to get it ON if it does not show a blue-color . Next, click the small x on the Settings line to go to the main Malwarebytes Window. Next click the blue button marked Scan. When the scan phase is done, be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical. >>>>>> 👉 You can actually click the topmost left check-box on the very top line to get ALL lines ticked ( all selected). <<<< 💢 Please double verify you have that TOP check-box tick marked. and that then, all lines have a tick-mark Then click on Quarantine button. Then, locate the Scan run report; export out a copy; & then attach in with your reply. See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4
  18. After doing the action above, here is what I suggest as next steps. Please set File Explorer to SHOW ALL folders, all files, including Hidden ones. Use OPTION ONE or TWO of this article https://www.tenforums.com/tutorials/7078-turn-off-show-all-folders-windows-10-navigation-pane.html Then I would urge you to do one manual run of "Check for Updates" on the Windows Security section of Windows 10. From the Start menu, select Settings, then select Update and Security. Next, look at the left-side menu & select Windows Security Next, In Windows Security section: Click on the grey button Open Windows Security Now, click on the shield Virus and threat protection By the way, when you see a green check-mark on your display, it means a good status and that protection is on. On the next display, look at all the options. Look down the list and see "Check for Updates" which I have highlighted with a blue icon. You can click on that to have the system check for updates for Windows Defender. NOTE: On this last screen, be sure to review the section on Exclusions to be sure that nothing of the path, process, or file /folder exclusions are ones that you yourself did not place there on your own.
  19. Hello @NEbr My name is Maurice. Let me know what name you prefer to go by. I will guide you. I need a report set for review. This is a report only. Please download MBST Support Tool Once you start it click Advanced >>> then Gather Logs Upload an archive once it is done. Attach the mbst-grab-results.zip from the Desktop. Please attach mbst-grab-results.zip to your reply , like displayed here. To send ( upload) attachments please click the "ADD Files" link . Then browse to where your file is located and select it and click the Open button. The file at issue is tagged as PUP.optional.slimware. The set of data from the report will provide much needed information. Please always attach reports as we go along.
  20. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following for Tips to help protect from infection Thank you
  21. You are very welcome. Consider using PatchMyPC, keep all your software up-to-date - https://patchmypc.com/home-updater#download Let me suggest that you get your browsers each, as applicable, to have the Malwarebytes Browser Guard. See Support article how-to https://support.malwarebytes.com/hc/en-us/articles/360038520374-Install-Malwarebytes-Browser-Guard Note: If your pc has Windows 10 EDGE browser, or Opera or Brave or Vivaldi browser, you can install the Chrome version of the Malwarebytes Browser Guard ( on each as appropriate). . You can delete msert.exe Delete securitycheck.exe Delete mbst-grab-results.zip Delete esetonlinescanner.exe Delete mb-support-1.8.7.918.exe To remove the FRST tool & its work files, do this. Go to your Downloads folder. Do a RIGHT-click on FRSTENGLISH.exe & select RENAME & then change it to UNINSTALL.exe Then run that ( double click on it) to begin the cleanup process. Any other download file I had you download, you may delete. Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware. Stay safe. I wish you all the best. I am marking this case for closure.
  22. You can use the resident antivirus ( Avast) to scan the external drive. I take it that you are able to read the SecurityCheck report. There are many apps that either need latest updates or else, they are flagged because they are obsolete. The note on Asus is purely from the report tool SecurityCheck. No reason to think is is a actual infection. So if this pc needs that Asus applet, insure that it has the very latest from Asus. Microsoft .NET Framework 4.5.2 v.4.5.51209 Warning! Download Update LibreOffice 5.4.7.2 v.5.4.7.2 Warning! Download Update Microsoft Silverlight v.5.1.50918.0 <<< Uninstall that. Microsoft Officen pika-asennus 2010 v.14.0.4763.1007 Warning! This software is no longer supported. Please use latest Microsift Office, Office Online or LibreOffice Microsoft .NET Framework 4.5.2 (FIN) v.4.5.51209 Warning! Download Update Microsoft OneDrive v.21.150.0725.0001 Warning! Download Update Microsoft Office Starter 2010 - suomi v.14.0.4763.1007 Warning! This software is no longer supported. Please use latest Microsift Office, Office Online or LibreOffice Microsoft Office 2010 v.14.0.4763.1000 Warning! This software is no longer supported. Please use latest Microsift Office, Office Online or LibreOffice Microsoft PowerPoint Viewer v.14.0.7015.1000 Warning! This software is no longer supported. ASUS Live Update v.3.1.0 Warning! Your Windows may have been compromised. Please download diagnostic tool. paint.net v.4.2.12 Warning! Download Update Windows Live Essentials v.15.4.3538.0513 Warning! This software is no longer supported. Windows Live Mesh v.15.4.3502.0922 Warning! This software is no longer supported. Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger v.15.4.5722.2 Warning! This software is no longer supported. Windows Live Mail v.15.4.3502.0922 Warning! This software is no longer supported. Windows Live Mesh ActiveX Control for Remote Connections v.15.4.5722.2 Warning! This software is no longer supported. Windows Live Meshin etäyhteyksien ActiveX-komponentti v.15.4.5722.2 Warning! This software is no longer supported. Windows Live Mesh ActiveX-objekt til fjernforbindelser v.15.4.5722.2 Warning! This software is no longer supported.
  23. Thank you. That report is all good. How is your pc at this point ? Are you needing other help?
  24. Thank you for the status and information. I am unsure just how you went about "to format" this system. While the old file "Windows.old" is not a threat by itself ( it is not a threat) it being there sems to indicate you did a Windows upgrade-in-place. Windows 10 comes with the free built-in Microsoft Defender antivirus. That is normally good in most cases. Though it can be compromised & tampered with by some trojan malwares. As far as what is best all around as a antivirus, I would say the ESET. Lets get a report set for reiew. I would like to get a report set from this machine. This will be just a report collection. It does not make any changes. Please follow the tips carefully. Please download MBST Support Tool Once you start it click Advanced >> then Gather Logs Upload an archive once it is done. Attach the mbst-grab-results.zip from the Desktop. Please attach mbst-grab-results.zip to your reply , like displayed here. To send ( upload) attachments please click the link marked "ADD Files". Then browse to where your file is located and select it and click the Open button. Only after you are all set plus have uploaded the ZIP file, then press the button "Submit Reply" in blue color. Please have patience throughout this case. Understand also I am a volunteer here. Cheers.
  25. Thanks. The first file tagged ccsetup555.exe is the setup part of CCleaner. It's always tagged because it is bundled with some add-on toolbar. The second file advanced-systemcare-setup.exe / I cannot recommend any of it. Plus you do not need it. So the Safety scanner found no infection. Essentially the same from ESET scanner. and we had done a scan before with Malwarebytes for Windows. I am not seeing infection on this machine. Are you needing other help at this point? . What follows is only a report to see if there are apps needing updates, focus on security. It is only a report. Download SecurityCheck by glax24 from here https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe and save the tool on the desktop. If Windows's SmartScreen block that with a message-window, then Click on the MORE INFO spot and over-ride that and allow it to proceed. This tool is safe. Smartscreen is overly sensitive. Right-click with your mouse on the Securitycheck.exe and select "Run as administrator" and reply YES to allow to run & go forward Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file. Attach it with your next reply. You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.