Jump to content

Help suspiciously acting Windows 10 laptop

defbg
 Share
Go to solution Solved by Maurice Naggar,

Recommended Posts

Maurice Naggar

Maurice Naggar

Posted
Posted

a )  Task Manager screen readouts can be quite a challenge to make sense of.

b ) slow computer / slow system can be due to a number of causes that have nothing related to any actual  or suspected infection.

 

c)  about the last Scan run,  I would like to see the history report.

On your Downloads folder you have the report tool.

 

open your Downloads folder
    Double-click mb-support-1.6.1.784.exe  to run the report
        You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
        
    Place a checkmark next to Accept License Agreement and click Next
Now click the left-hand side pane "I do not have an open support ticket"

    You will be presented with a page stating, "Get Started!"
    Do NOT use the button “Start repair” !   But look instead at the far-left options list in black.

    Click the Advanced tab on the left column
    
    Click the Gather Logs button
    
    A progress bar will appear and the program will proceed with getting logs from your computer.  Please do have patience.  It takes several minutes to gather.
   
    Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK
    Please attach the ZIP file in your next reply.

 

NOTE:  selecting "scan for rootkits" makes the program run longer.   In most cases, this option is not needed.

Link to post
Share on other sites
  • Replies 64
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

  • 2 weeks later...
Maurice Naggar

Maurice Naggar

Posted
Posted

Hello.

I regret not seeing your reply & not getting back to you earlier.

The Malwarebytes scan report indicates no malware.

 

This custom script is for  Defbg   only / for this machine only.

Close and save any open work files before starting this procedure. 

I am sending a  new  custom Fix script which is going to be used by the FRSTENGLISH tool. They will both work together as a pair.

Please RIGHT-click the (attached file named) FIXLIST and select SAVE  link AS and save it directly ( as is) to the  Downloads  folder

The tool named FRSTENGLISH.exe   tool    is already on the Downloads folder
Start the Windows Explorer and then, to the Downloads folder.


RIGHT click on  FRSTENGLISH    and select RUN as Administrator and allow it to proceed.  Reply YES when prompted to allow to run.
  to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
IF Windows prompts you about running this, select YES to allow it to proceed.

IF you get a block message from Windows about this tool......
click line More info information on that screen
and click button Run anyway on next screen.

on the FRSTENGLISH window:
Click the Fix button just once, and wait.

frst-fix.jpg.f6a25291b39a03d418acc9a3b7136900.jpg
 
PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. This run here should be fairly quick.
If you receive a message that a reboot is required, please make sure you allow it to restart normally.
The tool will complete its run after restart.
When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

Please attach the FIXLOG.txt with your next reply later, at your next opportunity   

Fixlist.txt

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

It is going to remove a Debugger set point that seems to be tied to something  SppExtComObj.exe

It is going to clear up a couple of unneeded restrictions.

It is going to clean up some tasks that are un-needed

It will run the Windows System File Checker

It will run the Windows DISM tool to check the health of this system.

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Thanks for the log report.

Please let me know,  How is the situation now ?

 

I would like you to insure that Malwarebytes for Windows program is updated to the very latest.

Start Malwarebytes.   Click the Settings  ( gear ) icon at the top right.

Then look on the General tab.   Look for the button marked "Check for Updates".   Then have patience while it gets the latest.  Follow the prompts.

 

After that completes, click on the down arrow icon so that the program returns to the main screen.

Then click on the blue "Scan now"  to start a new scan.

Link to post
Share on other sites
defbg

defbg

Posted
  • Author
Posted

I uninstalled Mozilla when we first started fixing the laptop. I didnt install it again because I was suspicious about the browser and the way it affected the system. I would like to install it again and use it as main browser :)

Link to post
Share on other sites
  • Solution
Maurice Naggar

Maurice Naggar

Posted
  • Solution
Posted

That is very good news.   I am glad to have helped.

We can wrap up this case.  What follows is a cleanup on the tools used.

To remove the FRST  tool & its work files, do this.  Go to your Downloads folder.  Do a RIGHT-click on FRSTENGLISH.exe & select RENAME & then change it to UNINSTALL.exe .
Then run that ( double click on it)  to begin the cleanup process.

 

Delete the FRST64.exe  on the Downloads folder  ( if present)

Delete RSITx64.exe 

Delete the mb-support-1.6.1.784.exe 

Delete the mbst-grab-results.zip   on the Desktop

 

Adwcleaner you may keep and use on-demand to scan for adwares.

Any other file I had you download, you may delete.

,

 

Backup is your best friend.  Keep backups of your system on a regular basis to offline storage & keep those safe. https://forums.malwarebytes.com/topic/136226-backup-software/

It is not enough to just have a security program installed. Each pc user needs to practice daily safe computer and internet use.

Best  practices & malware prevention:
Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.
First rule of internet safety: slow down & think before you "click".
Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).

Free games & free programs are like "candy". We do not accept them from "strangers".

Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program.

Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

Use a Standard user account rather than an administrator-rights account when "surfing" the web.
See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html
Dont remove your current login. Just use the new Standard-user-level one for everyday use while on the internet.

 
Do a Windows Update.

Make certain that Automatic Updates is enabled.
https://support.microsoft.com/en-us/help/12373/windows-update-faq

Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.

For other added tips, read "10 easy ways to prevent malware infection"

 

Stay safe.  I wish you all the best.   😎

Sincerely,

Maurice

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.