Jump to content

Jeff7171

Honorary Members
  • Posts

    57
  • Joined

  • Last visited

Everything posted by Jeff7171

  1. Will do everything you suggested. Thank you very much. There's nothing else I need help with 😊.
  2. Another thing, I scanned for viruses with Windows Defender and detected this virus: Zpevdo.B. But I removed it, so I think I'm okay now. Thanks again. Just letting you know.
  3. Hi! It's fixed now. Maraming salamat, AdvancedSetup! 😊
  4. If it's this-- MsMpEng_Locations.txt -- Where do I get it?
  5. Microsoft Windows [Version 10.0.18363.1379] (c) 2019 Microsoft Corporation. All rights reserved. C:\Windows\system32>reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService" /s HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService DependOnService REG_MULTI_SZ RpcSs Description REG_SZ @%systemroot%\system32\SecurityHealthAgent.dll,-1001 DisplayName REG_SZ @%systemroot%\system32\SecurityHealthAgent.dll,-1002 ErrorControl REG_DWORD 0x1 FailureActions REG_BINARY 80510100000000000000000003000000140000000100000060EA00000100000060EA00000000000000000000 ImagePath REG_EXPAND_SZ %SystemRoot%\system32\SecurityHealthService.exe LaunchProtected REG_DWORD 0x2 ObjectName REG_SZ LocalSystem RequiredPrivileges REG_MULTI_SZ SeImpersonatePrivilege\0SeBackupPrivilege\0SeRestorePrivilege\0SeDebugPrivilege\0SeChangeNotifyPrivilege\0SeSecurityPrivilege\0SeAssignPrimaryTokenPrivilege\0SeTcbPrivilege\0SeSystemEnvironmentPrivilege\0SeShutdownPrivilege ServiceSidType REG_DWORD 0x1 Start REG_DWORD 0x3 Type REG_DWORD 0x10 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService\Security Security REG_BINARY 010014801C01000028010000140000003000000002001C000100000002801400FF010F000101000000000001000000000200EC0008000000000018009D00020001020000000000052000000021020000000014009D010200010100000000000512000000000018009D01020001020000000000052000000020020000000014009D000200010100000000000504000000000014009D00020001010000000000050600000000002800FD010200010600000000000550000000E5FE795FA0AE0D3B22FA0AC9015A413AE5A64AB700002800FF010F00010600000000000550000000B589FB381984C2CB5C6C236D5700776EC002648700002800FF010F00010600000000000550000000DB8C740FC27273F32B26B944771E4F027663B521010100000000000512000000010100000000000512000000 C:\Windows\system32>reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend" /s ERROR: The system was unable to find the specified registry key or value. C:\Windows\system32>reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpssvc" /s HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpssvc DependOnService REG_MULTI_SZ mpsdrv\0bfe Description REG_SZ @%SystemRoot%\system32\FirewallAPI.dll,-23091 DisplayName REG_SZ @%SystemRoot%\system32\FirewallAPI.dll,-23090 ErrorControl REG_DWORD 0x1 FailureActions REG_BINARY 80510100000000000000000003000000140000000200000060EA00000200000060EA00000200000060EA0000 Group REG_SZ NetworkProvider ImagePath REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p ObjectName REG_SZ NT Authority\LocalService RequiredPrivileges REG_MULTI_SZ SeAssignPrimaryTokenPrivilege\0SeAuditPrivilege\0SeChangeNotifyPrivilege\0SeCreateGlobalPrivilege\0SeImpersonatePrivilege\0SeIncreaseQuotaPrivilege ServiceSidType REG_DWORD 0x3 Start REG_DWORD 0x2 SvcHostSplitDisable REG_DWORD 0x1 SvcMemHardLimitInMB REG_DWORD 0x1b SvcMemMidLimitInMB REG_DWORD 0x14 SvcMemSoftLimitInMB REG_DWORD 0xc Type REG_DWORD 0x20 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpssvc\Parameters ServiceDll REG_EXPAND_SZ %SystemRoot%\system32\mpssvc.dll ServiceDllUnloadOnStop REG_DWORD 0x1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpssvc\Parameters\ACService HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpssvc\Parameters\AppCs HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpssvc\Parameters\PortKeywords HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpssvc\Parameters\PortKeywords\DHCP HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpssvc\Parameters\PortKeywords\IPTLSIn HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpssvc\Parameters\PortKeywords\IPTLSOut HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpssvc\Parameters\PortKeywords\RPC-EPMap HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpssvc\Parameters\PortKeywords\Teredo HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpssvc\Security Security REG_BINARY 01001480900000009C000000140000003000000002001C000100000002801400FF000F000101000000000001000000000200600004000000000014008500020001010000000000050B000000000014009F000E00010100000000000512000000000018009D000E0001020000000000052000000020020000000018008500000001020000000000052000000021020000010100000000000512000000010100000000000512000000 C:\Windows\system32>sc qc SecurityHealthService [SC] QueryServiceConfig SUCCESS SERVICE_NAME: SecurityHealthService TYPE : 10 WIN32_OWN_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\Windows\system32\SecurityHealthService.exe LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Windows Security Service DEPENDENCIES : RpcSs SERVICE_START_NAME : LocalSystem C:\Windows\system32>sc queryex SecurityHealthService SERVICE_NAME: SecurityHealthService TYPE : 10 WIN32_OWN_PROCESS STATE : 4 RUNNING (NOT_STOPPABLE, NOT_PAUSABLE, ACCEPTS_PRESHUTDOWN) WIN32_EXIT_CODE : 0 (0x0) SERVICE_EXIT_CODE : 0 (0x0) CHECKPOINT : 0x0 WAIT_HINT : 0x0 PID : 15548 FLAGS : C:\Windows\system32>sc qc WinDefend [SC] OpenService FAILED 1060: The specified service does not exist as an installed service. C:\Windows\system32>sc queryex WinDefend [SC] EnumQueryServicesStatus:OpenService FAILED 1060: The specified service does not exist as an installed service. C:\Windows\system32>sc qc mpssvc [SC] QueryServiceConfig SUCCESS SERVICE_NAME: mpssvc TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p LOAD_ORDER_GROUP : NetworkProvider TAG : 0 DISPLAY_NAME : Windows Defender Firewall DEPENDENCIES : mpsdrv : bfe SERVICE_START_NAME : NT Authority\LocalService C:\Windows\system32>sc queryex mpssvc SERVICE_NAME: mpssvc TYPE : 20 WIN32_SHARE_PROCESS STATE : 4 RUNNING (NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN) WIN32_EXIT_CODE : 0 (0x0) SERVICE_EXIT_CODE : 0 (0x0) CHECKPOINT : 0x0 WAIT_HINT : 0x0 PID : 4260 FLAGS : C:\Windows\system32>dir /a /s MsMpEng.exe >MsMpEng_Locations.txt File Not Found -------------- I don't get the "attach" part
  6. Here it is. Thanks. ________ Microsoft Windows [Version 10.0.18363.1379] (c) 2019 Microsoft Corporation. All rights reserved. C:\Windows\system32>reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService" /s HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService DependOnService REG_MULTI_SZ RpcSs Description REG_SZ @%systemroot%\system32\SecurityHealthAgent.dll,-1001 DisplayName REG_SZ @%systemroot%\system32\SecurityHealthAgent.dll,-1002 ErrorControl REG_DWORD 0x1 FailureActions REG_BINARY 80510100000000000000000003000000140000000100000060EA00000100000060EA00000000000000000000 ImagePath REG_EXPAND_SZ %SystemRoot%\system32\SecurityHealthService.exe LaunchProtected REG_DWORD 0x2 ObjectName REG_SZ LocalSystem RequiredPrivileges REG_MULTI_SZ SeImpersonatePrivilege\0SeBackupPrivilege\0SeRestorePrivilege\0SeDebugPrivilege\0SeChangeNotifyPrivilege\0SeSecurityPrivilege\0SeAssignPrimaryTokenPrivilege\0SeTcbPrivilege\0SeSystemEnvironmentPrivilege\0SeShutdownPrivilege ServiceSidType REG_DWORD 0x1 Start REG_DWORD 0x3 Type REG_DWORD 0x10 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService\Security Security REG_BINARY 010014801C01000028010000140000003000000002001C000100000002801400FF010F000101000000000001000000000200EC0008000000000018009D00020001020000000000052000000021020000000014009D010200010100000000000512000000000018009D01020001020000000000052000000020020000000014009D000200010100000000000504000000000014009D00020001010000000000050600000000002800FD010200010600000000000550000000E5FE795FA0AE0D3B22FA0AC9015A413AE5A64AB700002800FF010F00010600000000000550000000B589FB381984C2CB5C6C236D5700776EC002648700002800FF010F00010600000000000550000000DB8C740FC27273F32B26B944771E4F027663B521010100000000000512000000010100000000000512000000 C:\Windows\system32>reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\WinDefend" /s HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\WinDefend EventMessageFile REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MpEvMsg.dll ParameterMessageFile REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MpEvMsg.dll ProviderGuid REG_SZ {11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78} TypesSupported REG_DWORD 0x7 C:\Windows\system32>sc qc SecurityHealthService [SC] QueryServiceConfig SUCCESS SERVICE_NAME: SecurityHealthService TYPE : 10 WIN32_OWN_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\Windows\system32\SecurityHealthService.exe LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Windows Security Service DEPENDENCIES : RpcSs SERVICE_START_NAME : LocalSystem C:\Windows\system32>sc queryex SecurityHealthService SERVICE_NAME: SecurityHealthService TYPE : 10 WIN32_OWN_PROCESS STATE : 4 RUNNING (NOT_STOPPABLE, NOT_PAUSABLE, ACCEPTS_PRESHUTDOWN) WIN32_EXIT_CODE : 0 (0x0) SERVICE_EXIT_CODE : 0 (0x0) CHECKPOINT : 0x0 WAIT_HINT : 0x0 PID : 15548 FLAGS : C:\Windows\system32>sc qc WinDefend [SC] OpenService FAILED 1060: The specified service does not exist as an installed service. C:\Windows\system32>sc queryex WinDefend [SC] EnumQueryServicesStatus:OpenService FAILED 1060: The specified service does not exist as an installed service. C:\Windows\system32>
  7. It didn't work. Here are the scans from FRST64. Thanks! FRST.txtAddition.txt
  8. I keep enabling Real Time protection, but it's turning itself off. Then this happened again.
  9. Nevermind, I'm a bit impatient xD. I tried turning off Malwwarebytes inside it's settings, and tried to turn on Windows Defender again and this error popped up. I disabled this: Then I clicked this: Then this showed up: And I clicked Restart Now and this happened:
  10. It's back to this state now. I just restarted my PC. I'll wait for your reply. I apologize.
  11. Oh, crap. I think I did something bad. I quit Malwarebytes, and clicked Restart Now, and an error popped up:
  12. Oh, it's turned off. I think it's because of Malwarebytes. I'll try to enable Windows Defender.
  13. Something showed up, but It looks like it only detected Malwarebytes as my primary antivirus. Thanks.
  14. Be right back 20 mins top. Something came up my god
  15. I extracted it and run it on the desktop earlier. Please wait be right back. I'll do it again as soon as I can.
  16. Here it is. Thanks. Microsoft Windows [Version 10.0.18363.1379] (c) 2019 Microsoft Corporation. All rights reserved. C:\Windows\system32>reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend" /s ERROR: The system was unable to find the specified registry key or value. C:\Windows\system32>reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService" /s HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService DependOnService REG_MULTI_SZ RpcSs Description REG_SZ @%systemroot%\system32\SecurityHealthAgent.dll,-1001 DisplayName REG_SZ @%systemroot%\system32\SecurityHealthAgent.dll,-1002 ErrorControl REG_DWORD 0x1 FailureActions REG_BINARY 80510100000000000000000003000000140000000100000060EA00000100000060EA00000000000000000000 ImagePath REG_EXPAND_SZ %SystemRoot%\system32\SecurityHealthService.exe LaunchProtected REG_DWORD 0x2 ObjectName REG_SZ LocalSystem RequiredPrivileges REG_MULTI_SZ SeImpersonatePrivilege\0SeBackupPrivilege\0SeRestorePrivilege\0SeDebugPrivilege\0SeChangeNotifyPrivilege\0SeSecurityPrivilege\0SeAssignPrimaryTokenPrivilege\0SeTcbPrivilege\0SeSystemEnvironmentPrivilege\0SeShutdownPrivilege ServiceSidType REG_DWORD 0x1 Start REG_DWORD 0x3 Type REG_DWORD 0x10 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService\Security Security REG_BINARY 010014801C01000028010000140000003000000002001C000100000002801400FF010F000101000000000001000000000200EC0008000000000018009D00020001020000000000052000000021020000000014009D010200010100000000000512000000000018009D01020001020000000000052000000020020000000014009D000200010100000000000504000000000014009D00020001010000000000050600000000002800FD010200010600000000000550000000E5FE795FA0AE0D3B22FA0AC9015A413AE5A64AB700002800FF010F00010600000000000550000000B589FB381984C2CB5C6C236D5700776EC002648700002800FF010F00010600000000000550000000DB8C740FC27273F32B26B944771E4F027663B521010100000000000512000000010100000000000512000000 C:\Windows\system32>
  17. Here it is. Thanks. Microsoft Windows [Version 10.0.18363.1379] (c) 2019 Microsoft Corporation. All rights reserved. C:\Windows\system32>sc queryex WinDefend [SC] EnumQueryServicesStatus:OpenService FAILED 1060: The specified service does not exist as an installed service. C:\Windows\system32>sc qc WinDefend [SC] OpenService FAILED 1060: The specified service does not exist as an installed service. C:\Windows\system32>sc queryex SecurityHealthService [SC] EnumQueryServicesStatus:OpenService FAILED 1060: The specified service does not exist as an installed service. C:\Windows\system32>sc qc SecurityHealthService [SC] OpenService FAILED 1060: The specified service does not exist as an installed service. C:\Windows\system32>
  18. There's also an update. Should I ignore and pause it for now?
  19. Here it is. Thanks. Microsoft Windows [Version 10.0.18363.1379] (c) 2019 Microsoft Corporation. All rights reserved. C:\Windows\system32>reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\WinDefend" /s HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\WinDefend EventMessageFile REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MpEvMsg.dll ParameterMessageFile REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MpEvMsg.dll ProviderGuid REG_SZ {11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78} TypesSupported REG_DWORD 0x7 C:\Windows\system32>dir /a "%ProgramFiles%\Windows Defender\MpEvMsg.dll" Volume in drive C is OS Volume Serial Number is 7C10-F903 Directory of C:\Program Files\Windows Defender 20/08/2020 02:45 pm 129,040 MpEvMsg.dll 1 File(s) 129,040 bytes 0 Dir(s) 40,370,851,840 bytes free C:\Windows\system32>sc queryex WinDefend [SC] EnumQueryServicesStatus:OpenService FAILED 1060: The specified service does not exist as an installed service. C:\Windows\system32>sc queryex WinDefend [SC] EnumQueryServicesStatus:OpenService FAILED 1060: The specified service does not exist as an installed service. C:\Windows\system32>reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc" /s HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc DelayedAutoStart REG_DWORD 0x1 DependOnService REG_MULTI_SZ RpcSs Description REG_SZ @%SystemRoot%\System32\wscsvc.dll,-201 DisplayName REG_SZ @%SystemRoot%\System32\wscsvc.dll,-200 ErrorControl REG_DWORD 0x1 FailureActions REG_BINARY 805101000000000000000000030000001400000001000000C0D4010001000000E09304000000000000000000 ImagePath REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p LaunchProtected REG_DWORD 0x2 ObjectName REG_SZ NT AUTHORITY\LocalService RequiredPrivileges REG_MULTI_SZ SeChangeNotifyPrivilege\0SeImpersonatePrivilege ServiceSidType REG_DWORD 0x1 Start REG_DWORD 0x2 Type REG_DWORD 0x20 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Parameters ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\wscsvc.dll ServiceDllUnloadOnStop REG_DWORD 0x1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Security Security REG_BINARY 010014801C01000028010000140000003000000002001C000100000002801400FF010F000101000000000001000000000200EC0008000000000018009D00020001020000000000052000000021020000000014009D010200010100000000000512000000000018009D01020001020000000000052000000020020000000014009D000200010100000000000504000000000014009D00020001010000000000050600000000002800FD010200010600000000000550000000E5FE795FA0AE0D3B22FA0AC9015A413AE5A64AB700002800FF010F00010600000000000550000000B589FB381984C2CB5C6C236D5700776EC002648700002800FF010F00010600000000000550000000DB8C740FC27273F32B26B944771E4F027663B521010100000000000512000000010100000000000512000000 C:\Windows\system32>
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.