Jump to content

QUarantine Help

Tobi_Alafin
 Share

Recommended Posts

Tobi_Alafin

Tobi_Alafin

Posted
Posted

Malware Bytes quarantined several objects.

1500+

These objects were PUPs(Potentially Unwanted Programs) or PUMs(Potentially Unwanted Modifications)

I'd requested for PUPs and PUMs to be treated as Malware.

Unfortunately, my system started encountering problems when the PUPs and PUMs were quarantined.

I investigated, and found out that some of them, were system objects.

I needed to restore those PUPs/PUMs

I tried to restore them.

However, they had all been marked for deletion on reboot, and I can't restore objects marked for deletion on reboot. I get a pop up box: "Can't restore an item marked for deletion on reboot"

Some of my Windows apps(Edge,Reader,...) aren't working.

My WiFi isn't working.

What do I do.

 

Well, My Wifi is now working.

I will attach a log of the scans.

 

Later on, I disabled "Quarantine Automatically", and "treat detections of PUP/PUM as Malware", "And chose "Warn User about detections". Yet the same thing happened again. The same damn thing repeated itself. The program didn't even follow my instructions. I am a very unsatisfied user, and want to uninstall the program. But I need to get my files back from Quarantine.

Windows store isn't working.

Start Menu App isn't working.

Store Apps aren't working as well.

 

My computer didn't get screwed up by malware, but by your damn program. I want assistance in fixing my computer. I don't want to have to reinstall Windows.

Malware Bytes Logs.rar

Link to post
Share on other sites
  • Replies 55
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

Fatdcuk

Fatdcuk

Posted
Posted (edited)

Hi Tobi_Alafin,

Not to worry about uploading your quarantine contents.

I have reviewed your MBAM scan logs and cannot find any f/p detection which leaves only one other sceanrio.

It is possible that we have failed to fix a part of the hijacker and this has had a colateral effect. Sorry for this happening to you but we will need to run some diagnostic tools to enable us to repair any previously missed fix.

FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

 


Please copy and paste their content into your next reply.

Thanks in advance :)

 

Edited by Fatdcuk
Link to post
Share on other sites
thisisu

thisisu

Posted
Posted (edited)

Hi Tobi,

Download the following fixlist.txt file and save it in the same directory/folder as FRST64.exe. In your case, it should be here: C:\Users\Lancelot\Downloads

Once both FRST64.exe and fixlist.txt are in C:\Users\Lancelot\Downloads, open FRST64.exe again and press the "Fix" button once.

A series of fixes will be performed and you will be prompted to reboot your computer. Please do so and then return the contents of the Fixlog.txt file that should open when your computer has rebooted into your next reply.

Edited by thisisu
Link to post
Share on other sites
Tobi_Alafin

Tobi_Alafin

Posted
  • Author
Posted

I turned on my PC to n error messge from the lock screen. 

Something like: "Music.UI.exe" <Hexadecimal number>(guessing it's a memory address) process/program(not sure  which) not found in <Hexadecimal number>

 

My Lightshot wasn't working from the lock screen.

e62645bb8bce4d829247d6556e38ba77.png  Clicking on that, still does nothing. I have to lock my Latop, and connect from Lock Screen.

 

6bc12c0c86964c7492e02bc6540a755f.png  Notice the icon.

30cb25a023b148f4882706b3be3b9043.png Clicking on those two icons still does nothing. As does <Win Key>, <Win Key+S>

No start Menu, No Search.

 

I'll check the others, and update you.

Link to post
Share on other sites
thisisu

thisisu

Posted
Posted

Thanks for the information.

A few more steps for you:

Run sfc /scannow, here's how: https://support.microsoft.com/en-us/kb/929833

Note: Since you say the Start menu does not work, try using the Windows key + R together to launch the Run dialog. From there, type in cmd to launch the command prompt and continue with the rest of the steps in the guide. Reboot if prompted to.

Once that has been completed. Open FRST and type in the following into the Search: text-field: efswrt.dll

Then press the "Search Files" button. Attach Search.txt when the search has completed.

___

Next, open FRST once again and press the Scan button to obtain a couple of new logs for review. Be sure to include both FRST.txt and Addition.txt. You may need to retick the "Addition.txt" box if it's not automatically ticked this time.

___

Lastly, are you aware that you have a crack tool for Windows installed? They are called KMSpico and AutoKMS. It could be reason why certain functions of Windows aren't working as intended.

P.S. If you could get a screenshot of the Music.UI.exe error message, that would help too.

Thanks

Link to post
Share on other sites
thisisu

thisisu

Posted
Posted
On 8/11/2016 at 6:07 AM, Tobi_Alafin said:

But I need to get my files back from Quarantine.

We can do this as well if that's all you wanted, although, I don't recommend it as there weren't any false positives according to the scan logs you provided. You'd just be restoring malware onto the system.

I think it's the Windows crack tools being used that are hindering your experience with Windows 10.

Let me know what you decide and I'll try my best to assist.

Link to post
Share on other sites
Tobi_Alafin

Tobi_Alafin

Posted
  • Author
Posted

I'll try to go through with the steps.

My Laptop got seized, for the past week, so I'm just getting your message.

I did install KMSpico, to try to install Microsoft Office. 

 

I'll go through with the step.

I don't really care so much for recovering my quarantined files, s much as fixing my system.

If my system can get back up and running again, I'll be gratetful. 

Link to post
Share on other sites
Tobi_Alafin

Tobi_Alafin

Posted
  • Author
Posted
On 8/14/2016 at 6:50 PM, thisisu said:

Thanks for the information.

A few more steps for you:

Run sfc /scannow, here's how: https://support.microsoft.com/en-us/kb/929833

Note: Since you say the Start menu does not work, try using the Windows key + R together to launch the Run dialog. From there, type in cmd to launch the command prompt and continue with the rest of the steps in the guide. Reboot if prompted to.

I used <WIN + X> to open SUperuser menu, then ran command prompt as Admin. then ran the command. It is currently running.

Once that has been completed. Open FRST and type in the following into the Search: text-field: efswrt.dll

Should I attach the log files if any.

Then press the "Search Files" button. Attach Search.txt when the search has completed.

___

Next, open FRST once again and press the Scan button to obtain a couple of new logs for review. Be sure to include both FRST.txt and Addition.txt. You may need to retick the "Addition.txt" box if it's not automatically ticked this time.

___

Lastly, are you aware that you have a crack tool for Windows installed? They are called KMSpico and AutoKMS. It could be reason why certain functions of Windows aren't working as intended.

Yes I am aware. I installed it to ativte Mirosoft Office. I'm not currently able to make purchases online. -_-

Though, these have been installed for months now. I don't think they are the cause of my problems.

P.S. If you could get a screenshot of the Music.UI.exe error message, that would help too.

It happened once when I rebooted my computer, and then it was from the lock screen. I don't normally reboot, but if I see it again, I'll try to take a picture using my phone.

Thanks

Thank you very much for your assistance. To be honest, I was a bit skeptial about reeiving help at first, since someone who had a similar problem to mine was turned down because he had Windows crack tool(s) installed. He was told "Current forum rules don't allow them to assist". 

Replies in red.

Link to post
Share on other sites
thisisu

thisisu

Posted
Posted
11 hours ago, Tobi_Alafin said:

I did install KMSpico, to try to install Microsoft Office. 

Thanks for being honest about this. We do however require that you uninstall KMSPico before receiving additional assistance. You should be able to remove KMSpico via Control Panel -> Programs and Features. Please read the following for further clarification regarding our stance on Piracy:

Once you've removed KMSpico. Please rescan with FRST and attach both FRST.txt and Addition.txt.

Then complete the following:

On 8/14/2016 at 0:50 PM, thisisu said:

Open FRST and type in the following into the Search: text-field: efswrt.dll

Then press the "Search Files" button. Attach Search.txt when the search has completed.

 

10 hours ago, Tobi_Alafin said:

Also, my <PrtSc> key no longer calls Lightshot.exe

And start menu doesn't work, so I'll have to maanually locate Lightshot.

Will worry about this later on. Complete my above instructions first please.

Thanks for the updates regarding everything else.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.