Jump to content

kevinf80

Experts
  • Posts

    30,624
  • Joined

  • Last visited

  • Days Won

    29

Everything posted by kevinf80

  1. Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread. Tips to help protect from infection Thanks
  2. Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread. Tips to help protect from infection Thanks
  3. Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread. Tips to help protect from infection Thanks
  4. Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread. Tips to help protect from infection Thanks
  5. Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread. Tips to help protect from infection Thanks
  6. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following to help you better protect your computer and privacy Tips to help protect from infection Thank you
  7. Hiya Victorian1899, What you describe is strange, to clarify you need to fully understand how the Microsoft security apps actually operate, since that's part of why this sort of situation can be confusing to those who don't. The "Files Infected" count displayed on the Microsoft Safety Scanner, scan in progress screen or any of their other security products for that matter, is actually just a preliminary status indication that there are items which may contain malware. In many cases these specific items have been found in the past to be related to malware, but they are all really just small fragments that have matched signatures, but aren't yet truly confirmed as the specific malware that might include them. Near the end of the scanning process around 95% complete, the Microsoft scanners all perform a MAPS (Microsoft Active Protection Service) request via internet to the the Microsoft cloud servers in order to upload their initial findings and request confirmation that these findings are either truly malware or instead possible false positive detections or incomplete fragments of inactive malware. Though the entire process isn't displayed, the clues to this are the following 2 lines in the findings No infection found Successfully Submitted MAPS Report So what actually happened is that the scanner found possible malware fragments, communicated with the MAPS servers and confirmed there weren't any active malware that it can identify running and completed its operation by reporting these final results as well as uploading its reporting to MAPS as a record. This final step is important, since as I stated above "there weren't any active malware that it can identify running" on your device, but that doesn't necessarily mean there might not be something that Microsoft's Security Intelligence has yet to determine is a new form of malware. What this report does is allows Microsoft to collate this information within the automated MAPS cloud system and look for such possible new malware patterns, along with those from the millions of other Windows Defender and other scanners operating in real time on many systems. Are we ok to close out...? Thank you, Kevin.
  8. Hello paulwantshelp2 and welcome to Malwarebytes, Lets grab some logs and see whats going on, continue with the following: If you do not have Malwarebytes installed do the following: Download Malwarebytes version 4 from the following link: https://www.malwarebytes.com/mwb-download/thankyou/ Double click on the installer and follow the prompts. When the install completes or Malwarebytes is already installed do the following: Open Malwarebytes, select > small cog wheel top right hand corner, that will open "settings" from there select "Security" tab. Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on.... Close out the settings window, this will take you back to "DashBoard" select the Blue "Scan Now" tab...... When the scan completes quarantine any found entries... To get the log from Malwarebytes do the following: Open Malwarebytes, select Target scope inside Scanner window, In the new window select "Reports" tab. All recent scan reports will be listed. Hover cursor over latest report (Indentified by date and time) you will see eye tab, download tab and recycle bin tab. Select "Download" tab, download, name and save report to place of your choice (recommend Desktop) Attach that report to your reply... Next, Download AdwCleaner by Malwarebytes onto your Desktop. Or from this Mirror Right-click on AdwCleaner.exe and select http://i.imgur.com/Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Accept the EULA (I accept), then click on Scan Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply Next, Download Farbar Recovery Scan Tool and save it to your desktop. Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way... Be aware FRST must be run from an account with Administrator status... If English is not your primary language Right click on FRST/FRST64 and rename FRSTEnglish/FRST64English Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.) Make sure Addition.txt is checkmarked under "Optional scans" Press Scan button to run the tool.... It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The tool will also make a log named (Addition.txt) Please attach that log to your reply. Let me see those logs in your reply... If necessary do the following first Disable smart screen ONLY if it interferes with software we may have to use: https://support.microsoft.com/en-us/microsoft-edge/what-is-smartscreen-and-how-can-it-help-protect-me-1c9a874a-6826-be5e-45b1-67fa445a74c8 Please remember to enable when we are finished.... Next, Disable any Anti-virus software you have installed ONLY if it stops software we may use from working: https://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/ Please remember to enable AV software when we are finished running scans.... Thank you, Kevin....
  9. Hello Victorian1899, Another clean log, continue to clean up: Download KpRm by kernel-panik and save it to your desktop. Right-click kprm_(version).exe and select Run as Administrator. When the tool opens, ensure all boxes are checked. Under Delete Quarantines select Delete Now, then click Run. Once complete, click OK. A log will open in Notepad titled kprm-(date).txt. Please attach that log to your next reply. (Not Compulsary) Next, 1. How to create strong Passwords - https://www.howtogeek.com/195430/how-to-create-a-strong-password-and-remember-it/ 2. How to keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download 3. Keep your Operating System upto date and current - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2 4. Answers to Security Questions and Best Pratices - https://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/ 5. Malwarebytes Browser Guard (Free) for Firefox, Chrome and Edge: https://support.malwarebytes.com/hc/en-us/articles/4402157637523-VIDEO-Set-Up-and-Use-Malwarebytes-Browser-Guard-Chrome-Edge-and-Firefox- Take care and surf safe Kevin...
  10. Hiya Victorian1899, I have not seen anything malicious in any of your logs, I do not see any reason to stop your normal usage of this PC... One more scan please: Download "Microsoft's Safety Scanner" and save direct to the desktop Ensure to get the correct version for your system.... https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download Right click on the Tool, select Run as Administrator the tool will expand to the options Window In the "Scan Type" window, select Quick Scan Perform a scan and Click Finish when the scan is done. Retrieve the MSRT log as follows, and post it in your next reply: 1) Select the Windows key and R key together to open the "Run" function 2) Type or Copy/Paste the following command to the "Run Line" and Press Enter: notepad c:\windows\debug\msert.log The log will include log details for each time MSRT has run, we only need the most recent log by date and time.... Thank you, Kevin.
  11. Hello Victorian1899, How is your PC responding now, any re,aining issues or concerns..? Thank you, Kevin.
  12. Hello Victorian1899, Not a great deal in those logs, continue: Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from. NOTE. It's important that both files, FRST or FRSTEnglish, and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone. Run FRST or FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. NOTE-1: This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The following directories are emptied: Windows Temp Users Temp folders Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History Recently opened files cache Flash Player cache Java cache Steam HTML cache Explorer thumbnail and icon cache BITS transfer queue (qmgr*.dat files) Recycle Bin Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix. The system will be rebooted after the fix has run. Next, Download Sophos Scan and Clean and save it to your desktop. If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete..... Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take awhile to complete... You will have to register your name and email address to download the tool. You will also have to confirm your email address again each time the scan started... Found entries will have options to delete or quarantine, if you believe they maybe false positives you can change to ignore. A reboot maybe requested to remove difficult malware/infection, please allow that to happen Saved logs are found here: C:\ProgramData\Sophos\ScanandClean\Logs Let me see those logs in your reply... Thank you, Kevin. fixlist.txt
  13. Hello LostCause123 and welcome to Malwarebytes, Run the following scan, lets see if anything shows up: Download Farbar Recovery Scan Tool and save it to your desktop. Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way... Be aware FRST must be run from an account with Administrator status... If English is not your primary language Right click on FRST/FRST64 and rename FRSTEnglish/FRST64English Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.) Make sure Addition.txt is checkmarked under "Optional scans" Press Scan button to run the tool.... It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The tool will also make a log named (Addition.txt) Please also attach that log to your reply. If necessary: Disable smart screen ONLY if it interferes with software we may have to use: https://support.microsoft.com/en-us/microsoft-edge/what-is-smartscreen-and-how-can-it-help-protect-me-1c9a874a-6826-be5e-45b1-67fa445a74c8 Please remember to enable when we are finished.... Next, Disable any Anti-virus software you have installed ONLY if it stops software we may use from working: https://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/ Please remember to enable AV software when we are finished running scans.... If your internet is still down you will have to d/l FRST on another PC, save to USB stick and run on sick PC. Thank you, Kevin
  14. Hiya scrawny, Try the following: Please start an elevated Admin level Command Prompt and type or copy/paste the following exactly and press the Enter key after each line. SCHTASKS /Query /FO LIST /V >"%USERPROFILE%\Desktop\MyScheduledTasks.txt" reg export "HKEY_CURRENT_USER\Console" "%USERPROFILE%\Desktop\MyConsoleSettings.txt" /y Then locate on your desktop the file MyScheduledTasks.txt and MyConsoleSettings.txt then attach them back on your next reply... Thank you, Kevin
  15. Hello Victorian1899 and welcome to Malwarebytes, Lets grab some logs and see whats going on, continue with the following: If you do not have Malwarebytes installed do the following: Download Malwarebytes version 4 from the following link: https://www.malwarebytes.com/mwb-download/thankyou/ Double click on the installer and follow the prompts. When the install completes or Malwarebytes is already installed do the following: Open Malwarebytes, select > small cog wheel top right hand corner, that will open "settings" from there select "Security" tab. Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on.... Close out the settings window, this will take you back to "DashBoard" select the Blue "Scan Now" tab...... When the scan completes quarantine any found entries... To get the log from Malwarebytes do the following: Open Malwarebytes, select Target scope inside Scanner window, In the new window select "Reports" tab. All recent scan reports will be listed. Hover cursor over latest report (Indentified by date and time) you will see eye tab, download tab and recycle bin tab. Select "Download" tab, download, name and save report to place of your choice (recommend Desktop) Attach that report to your reply... Next, Download AdwCleaner by Malwarebytes onto your Desktop. Or from this Mirror Right-click on AdwCleaner.exe and select http://i.imgur.com/Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Accept the EULA (I accept), then click on Scan Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply Next, Download Farbar Recovery Scan Tool and save it to your desktop. Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way... Be aware FRST must be run from an account with Administrator status... If English is not your primary language Right click on FRST/FRST64 and rename FRSTEnglish/FRST64English Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.) Make sure Addition.txt is checkmarked under "Optional scans" Press Scan button to run the tool.... It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The tool will also make a log named (Addition.txt) Please attach that log to your reply. Let me see those logs in your reply... If necessary do the following first Disable smart screen ONLY if it interferes with software we may have to use: https://support.microsoft.com/en-us/microsoft-edge/what-is-smartscreen-and-how-can-it-help-protect-me-1c9a874a-6826-be5e-45b1-67fa445a74c8 Please remember to enable when we are finished.... Next, Disable any Anti-virus software you have installed ONLY if it stops software we may use from working: https://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/ Please remember to enable AV software when we are finished running scans.... Thank you, Kevin
  16. Hiya scrawny, Have you ever used anything related to crypto currency, there was no evidence whatsoever in your logs related to randomx/monero. The following is a quote from "bit2me.com" a site related to BitCoins, from that quote it would seem that RandomX is not malicious.. Next, Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix" NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work. Open FRST and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply. Thanks, Kevin fixlist.txt
  17. Hiya scrawny, Boot your system back to normal mode, run the following: Run FRST one more time: Type the following in the edit box after "Search:". *randomx* Click Search Registry button and post the log it makes (SearchReg.txt) to your reply. Thanks, Kevin.
  18. Hiya Alex07, Thanks for those logs, continue with the following: Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from. NOTE. It's important that both files, FRST or FRSTEnglish, and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone. Run FRST or FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. NOTE-1: This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The following directories are emptied: Windows Temp Users Temp folders Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History Recently opened files cache Flash Player cache Java cache Steam HTML cache Explorer thumbnail and icon cache BITS transfer queue (qmgr*.dat files) Recycle Bin Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix. The system will be rebooted after the fix has run. Next, Download Malwarebytes version 4 from the following link: https://www.malwarebytes.com/mwb-download/thankyou/ Double click on the installer and follow the prompts. When the install completes or Malwarebytes is already installed do the following: Open Malwarebytes, select > small cog wheel top right hand corner, that will open "settings" from there select "Security" tab. Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on.... Close out the settings window, this will take you back to "DashBoard" select the Blue "Scan Now" tab...... When the scan completes quarantine any found entries... To get the log from Malwarebytes do the following: Open Malwarebytes, select Target scope inside Scanner window, In the new window select "Reports" tab. All recent scan reports will be listed. Hover cursor over latest report (Indentified by date and time) you will see eye tab, download tab and recycle bin tab. Select "Download" tab, download, name and save report to place of your choice (recommend Desktop) Attach that report to your reply... Next, Download AdwCleaner by Malwarebytes onto your Desktop. Or from this Mirror Right-click on AdwCleaner.exe and select http://i.imgur.com/Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Accept the EULA (I accept), then click on Scan Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply Next, Download "Microsoft's Safety Scanner" and save direct to the desktop Ensure to get the correct version for your system.... https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download Right click on the Tool, select Run as Administrator the tool will expand to the options Window In the "Scan Type" window, select Quick Scan Perform a scan and Click Finish when the scan is done. Retrieve the MSRT log as follows, and post it in your next reply: 1) Select the Windows key and R key together to open the "Run" function 2) Type or Copy/Paste the following command to the "Run Line" and Press Enter: notepad c:\windows\debug\msert.log The log will include log details for each time MSRT has run, we only need the most recent log by date and time.... Let me see those logs in your reply... Thank you, Kevin. fixlist.txt
  19. Hiya scrawny, Nothing of note in those logs, all entries as expected... Lets try running FRST via the recovery environment, see if we can find out what is wrong: Please download Farbar Recovery Scan Tool from here: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ save it to a USB flash drive. Ensure to get the correct version for your system, 32 bit or 64 bit... Next, Boot your PC and let it go as far as it can, Now hold down the Shift key and re- boot your PC. Windows should open to the "Choose an Option" window.... Other options for Choose an option window at following link: How to use the Windows 8 or 10 System Recovery Environment Command Prompt Here: http://www.howtogeek.com/126016/three-ways-to-access-the-windows-8-boot-options-menu/ to enter System Recovery Command prompt. From that window select "Troubleshoot" from the next window select "Advance Options" from there select "Command Prompt" ensure to plug the flash drive into an open USB port... Continue with the following: In the command window type in notepad and press Enter. The notepad opens. Under File menu select Open. Select "Computer" and find your flash drive letter and close the notepad. In the command window type e:\frst64 or e:\frst depending on your version. Press Enter Note: Replace letter e with the drive letter of your flash drive. The tool will start to run. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply. Thanks, Kevin...
  20. Hiya scrawny, Try the following: Run FRST one more time: Type the following in the edit box after "Search:". explorer.exe Click Search Registry button and post the log it makes (SearchReg.txt) to your reply. Thank you, Kevin
  21. Hiya scrawny, Try the following: Please download Malwarebytes Anti-Rootkit from here: http://downloads.malwarebytes.org/file/mbar Right click on the tool (select "Run as Administrator) to start the extraction to a convenient location. (Desktop is preferable) Open the folder where the contents were unzipped and run mbar.exe Follow the instructions in the wizard to update and allow the program to scan your computer for threats. Click on the Cleanup button to remove any threats and reboot if prompted to do so. Wait while the system shuts down and the cleanup process is performed. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process. When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt Thank you, Kevin..
  22. Set windows up for "Clean Boot" mode, full instructions here: https://support.microsoft.com/en-gb/kb/929135 Basically all none MS services are disabled, see how your system runs in that mode.
  23. Hiya scrawny, Can you post the log from FRST fix, also continue with the following: Scan with Autoruns Please download Sysinternals Autoruns from the following link: https://live.sysinternals.com/autoruns.exe save it to your desktop. Note: If using Windows Vista, Windows 7, Windows 8/8.1 or Windows 10 then you also need to do the following: Right-click on Autoruns.exe and select Properties Click on the Compatibility tab Under Settings check the box next to Run this program as an administrator Click on Apply then click OK Double-click Autoruns.exe to run it. Once it starts, please press the Esc key on your keyboard. Now that scanning is stopped, click on the Options button at the top of the program and verify that the following are checked, if they are unchecked, check them: Hide empty locations Hide Windows entries Click on the Options button at the top of the program and select Scan Options... then in the Autoruns Scan Options dialog enable/check the following two options: Verify code signatures Check VirusTotal.com Once that's done click the Rescan button at the bottom of the Autoruns Scan Options dialog and this will start the scan again, this time let it finish. When it's finished and says Ready. on the lower left of the program window, please click on the File button at the top of the program and select Save and save the file to your desktop and close Autoruns. Right click on the file on your desktop that you just saved and hover your mouse over Send To and select Compressed (zipped) Folder Attach the ZIP folder you just created to your next reply Thank you, Kevin.
  24. Hello scrawny and welcome to Malwarebytes, Thanks for those logs, continue please: Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from. NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone. Run FRST or FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. NOTE-1: This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The following directories are emptied: Windows Temp Users Temp folders Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History Recently opened files cache Flash Player cache Java cache Steam HTML cache Explorer thumbnail and icon cache BITS transfer queue (qmgr*.dat files) Recycle Bin Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix. The system will be rebooted after the fix has run. Next, Download Sophos Scan and Clean and save it to your desktop. If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete..... Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take awhile to complete... You will have to register your name and email address to download the tool. You will also have to confirm your email address again each time the scan started... Found entries will have options to delete or quarantine, if you believe they maybe false positives you can change to ignore. A reboot maybe requested to remove difficult malware/infection, please allow that to happen Saved logs are found here: C:\ProgramData\Sophos\ScanandClean\Logs Please attach that log to your reply... Thank you, Kevin. fixlist.txt
  25. Apologies @CookieCrew_Curt did not notice your reply, do you still require assistance..? If so can you post a fresh set of FRST logs... Thank you, Kevin
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.