Jump to content

Recommended Posts

scanned malwarebytes and program found this,

here are the results:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 7/5/20
Scan Time: 3:41 PM
Log File: b2e3a86e-bf10-11ea-9c4e-c80aa9aafed4.json

-Software Information-
Version: 4.1.2.73
Components Version: 1.0.972
Update Package Version: 1.0.26449
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Lupita-PC\Lupita

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 243689
Threats Detected: 17
Threats Quarantined: 17
Time Elapsed: 14 min, 45 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 1
PUP.Optional.BrowserGuardian, HKLM\SOFTWARE\WOW6432NODE\Browser Guardian, Quarantined, 2095, 236205, 1.0.26449, , ame,

Registry Value: 4
PUM.Optional.LowRiskFileTypes, HKU\S-1-5-21-1478865395-2603631333-3982095892-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ASSOCIATIONS|LOWRISKFILETYPES, Quarantined, 6573, 251589, 1.0.26449, , ame,
Backdoor.Agent.E, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN|{6E6EDF7B-4352-A809-DD6C-4A5380F44DB7}, Quarantined, 3750, 186887, 1.0.26449, , ame,
PUP.Optional.SafeSearches.Generic, HKU\S-1-5-21-1478865395-2603631333-3982095892-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|llfljpiejojjncohilcoamljcnfcngod, Quarantined, 15234, 515393, , , ,
Backdoor.Agent.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN|{6E6EDF7B-4352-A809-DD6C-4A5380F44DB7}, Quarantined, 3750, 186887, 1.0.26449, , ame,

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 2
PUP.Optional.AdPeak, C:\PROGRAM FILES (X86)\6E6B36EB-9156-411B-B951-C735F4747DCF, Quarantined, 1364, 175348, 1.0.26449, , ame,
PUP.Optional.SafeSearches.Generic, C:\USERS\LUPITA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\LLFLJPIEJOJJNCOHILCOAMLJCNFCNGOD, Quarantined, 15234, 515393, 1.0.26449, , ame,

File: 10
PUP.Optional.AdPeak, C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\libeay32.dll, Quarantined, 1364, 175348, , , ,
PUP.Optional.AdPeak, C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\nfapi.dll, Quarantined, 1364, 175348, , , ,
PUP.Optional.AdPeak, C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\ProtocolFilters.dll, Quarantined, 1364, 175348, , , ,
PUP.Optional.AdPeak, C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\ssleay32.dll, Quarantined, 1364, 175348, , , ,
PUP.Optional.AdPeak, C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe, Quarantined, 1364, 175348, , , ,
PUP.Optional.SafeSearches.Generic, C:\USERS\LUPITA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, 15234, 515393, , , ,
PUP.Optional.SafeSearches.Generic, C:\USERS\LUPITA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, 15234, 515393, , , ,
PUP.Optional.SafeSearches.Generic, C:\USERS\LUPITA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\LLFLJPIEJOJJNCOHILCOAMLJCNFCNGOD\1.0.0_0\MANIFEST.JSON, Quarantined, 15234, 515393, 1.0.26449, , ame,
PUP.Optional.NewTabExt.Generic, C:\USERS\LUPITA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\LLFLJPIEJOJJNCOHILCOAMLJCNFCNGOD\1.0.0_0\TERMS-OF-USE.TXT, Quarantined, 15153, 526636, 1.0.26449, , ame,
PUP.Optional.NewTabExt.Generic, C:\USERS\LUPITA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\LLFLJPIEJOJJNCOHILCOAMLJCNFCNGOD\1.0.0_0\POLICY.TXT, Quarantined, 15153, 527829, 1.0.26449, , ame,

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

 

Link to post
Share on other sites

Hi, 
My name is Maurice. I will be helping and guiding you, going forward on this case.
Let me know what first name you prefer to go by.

Please follow my directions as we go along.  Please do not do any changes on your own without first checking with me.
If you will be away for more than 3 consecutive days,  do try to let me know ahead of time, as much as possible.
 
Please only just attach   all report files, etc  that I ask for as we go along.

.

Let's  follow up by doing this.

I  would suggest to download, Save, and then run Malwarebytes ADWCLEANER.

Please close Chrome and all other open web browsers after you have saved the Adwcleaner and before you start Adwcleaner scan.

Adwcleaner  detects factory Preinstalled applications too!

 

Please download  Malwarebytes AdwCleaner  https://downloads.malwarebytes.com/file/adwcleaner
 

Be sure to Save the file first, to your system.  Saving to the Downloads folder should be the default on your system.

 

Go to the folder where you saved Adwcleaner. Double click Adwcleaner  to start it.

At the prompt for license agreement, review and then click on I agree.

 

You will then see a main screen for Adwcleaner. ( if you do not see it right away, minimized the other open windows, so you can see Adwcleaner).

Then click on Dashboard button.

Click the blue button "Scan Now".

 

allow it a few minutes to finish the Scan.   Let it remove what it finds.

NOTE:  When it comes to the section "

Pre-installed applications

 

You can skip that.

Please find and send the Adwcleaner "C" clean report.

In Adwcleaner, click the "Reports" button.  Look at the list of reports for the latest date & type "Clean".

Double Click that line & it will open in Notepad.   Save the file to your system and then Attach that with your reply.

 

That C clean report will be the one with the most recent Date and time at folder  C:\AdwCleaner\Logs

Thanks.  Keep me advised.

 

Link to post
Share on other sites

Here is the adwarecleaner log:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.6.0
# -------------------------------
# Build:    06-24-2020
# Database: 2020-06-15.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-06-2020
# Duration: 00:01:40
# OS:       Windows 7 Home Premium
# Scanned:  31836
# Detected: 58


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.CyberLinkLabelPrint   Folder   C:\Program Files (x86)\CYBERLINK\LABELPRINT
Preinstalled.CyberLinkLabelPrint   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
Preinstalled.CyberLinkLabelPrint   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}
Preinstalled.HPHealthCheck   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP HEALTH CHECK
Preinstalled.HPMediaSmart   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\MEDIASMART\CINEMANOW
Preinstalled.HPMediaSmart   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\MEDIASMART\PHOTO
Preinstalled.HPMediaSmart   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\MEDIASMART\VIDEO
Preinstalled.HPMediaSmart   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\MEDIA\DVD
Preinstalled.HPMediaSmart   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\MEDIA\ITV
Preinstalled.HPMediaSmart   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\MEDIA\WEBCAM
Preinstalled.HPMediaSmart   Folder   C:\Program Files\HEWLETT-PACKARD\HP MEDIASMART
Preinstalled.HPMediaSmart   Folder   C:\ProgramData\HEWLETT-PACKARD\MEDIA\DVD
Preinstalled.HPMediaSmart   Folder   C:\Users\Lupita\AppData\Local\HEWLETT-PACKARD\MEDIA\DVD
Preinstalled.HPMediaSmart   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61C4D9EC-965B-49E0-B95D-7F2C7E368D46}
Preinstalled.HPMediaSmart   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DVDAgent
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SmartMenu
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{120262A6-7A4B-4889-AE85-F5E5688D3683}
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D12E3E7F-1B13-4933-A915-16C7DD37A095}
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DCCAD079-F92C-44DA-B258-624FC6517A5A}
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}
Preinstalled.HPMediaSmart   Task   C:\Windows\System32\Tasks\DVDAGENT
Preinstalled.HPSupportAssistant   Folder   C:\HP\SUPPORT
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant   Folder   C:\Users\Lupita\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant   Folder   C:\Users\Lupita\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPTouchSmart   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\TOUCHSMART\DVD MENU PACK
Preinstalled.HPTouchSmart   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\TOUCHSMART\MEDIA MOVIE THEME PACK
Preinstalled.HPTouchSmart   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\TOUCHSMART\MUSIC
Preinstalled.HPTouchSmart   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\TOUCHSMART\NETFLIX
Preinstalled.HPTouchSmart   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EF9A4A4-2099-4B83-A7D0-5126F4C95227}
Preinstalled.HPTouchSmart   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CLMLSvc
Preinstalled.HPTouchSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}
Preinstalled.HPTouchSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}
Preinstalled.HPTouchSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}
Preinstalled.HPTouchSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{3023EBDA-BF1B-4831-B347-E5018555F26E}
Preinstalled.HPTouchSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{35021DFB-F9CA-402A-89A2-47F91E506465}
Preinstalled.HPTouchSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}
Preinstalled.HPTouchSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}
Preinstalled.HPTouchSmart   Task   C:\Windows\System32\Tasks\CLMLSVC
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-darkorbit
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-seafight
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-worldofwarcraft
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-genres
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-main


AdwCleaner[S00].txt - [1481 octets] - [28/04/2018 14:49:23]
AdwCleaner[C00].txt - [1510 octets] - [28/04/2018 14:49:41]
AdwCleaner[S01].txt - [1249 octets] - [05/06/2018 18:43:03]
AdwCleaner[C01].txt - [1374 octets] - [05/06/2018 18:43:19]
AdwCleaner[S02].txt - [1249 octets] - [05/06/2018 19:01:16]
AdwCleaner[S03].txt - [8876 octets] - [04/07/2020 11:13:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########

Link to post
Share on other sites

That report is OK.   No malicious items.   It only listed HP factory installed applets.

How is your system at this point ?

 

You want to Close and save any open work files at this point.   Close any app-windows that are not actually in-use.

This following section is for a different scan.

I would suggest a free scan with the ESET Online Scanner

Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe

 

It will start a download of "esetonlinescanner.exe"

Save the file to your system, such as the Downloads folder, or else to the Desktop.

 

Go to the saved file, and double click it to get it started.

 

When presented with the initial ESET options, click on "Computer Scan".

Next, when prompted by Windows, allow it to start by clicking Yes

When prompted for scan type, Click on Full scan

Look at & tick  ( select )   the radio selection "Enable ESET to detect and quarantine potentially unwanted applications"   and click on Start scan button.

Have patience.  The entire process may take an hour or more. There is an initial update download.

There is a progress window display.

You should ignore all prompts to get the ESET antivirus software program.   ( e.g.  their standard program).   You do not need to buy or get or install anything else.

When the scan is completed, if something was found, it will show a screen with the number of detected items.  If so, click the button marked “View detected results”.

Click The blue “Save scan log” to save the log.

If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files”  ( in blue, at bottom).

Press Continue when all done.  You should click to off the offer for “periodic scanning”.

 

 

Link to post
Share on other sites

Can not run the program, when I double click on the program I get this message

Esetonlinescanner.exe - System Error

The program can’t start because api-win-core-winrt-error-l1-1-0.dll is missing from your compute. Try reinstalling the program to fix this problem.

Then when I try to run as administrator  I get this message

Setup

Internal error: Expression error ‘Runtime Error (at 79:177):

External exception E06D7363.’

Link to post
Share on other sites

Hi.  Sorry that that happened.  That is quite odd.   Lets put the ESET run request to the side.

Instead, lets do thia

The Microsoft Safety Scanner  is a free Microsoft stand-alone virus scanner that  can be used to scan for & remove malware or potentially unwanted software from a system.

The download links & the how-to-run-the tool are at this link at Microsoft

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

 

Let me know the result of this.

The log is named MSERT.log 

the log will be at  C:\Windows\debug\msert.log

Please attach that log with your reply.

 

Link to post
Share on other sites

here is the log:


---------------------------------------------------------------------------------------

Microsoft Safety Scanner v1.0, (build 1.319.990.0)
Started On Tue Jul 07 13:25:52 2020
->Scan ERROR: resource process://pid:1080,ProcessStart:132386268457612388 (code 0x00000005 (5))
->Scan ERROR: resource file://C:\hiberfil.sys (code 0x00000021 (33))
->Scan ERROR: resource file://C:\hiberfil.sys (code 0x00000021 (33))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000021 (33))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000021 (33))

Results Summary:
----------------
No infection found.

Link to post
Share on other sites

  • AdvancedSetup changed the title to PUP.Optional.BrowserGuardian need help with removal

That is a fine result.   How is the system now ?

Please do a new Scan on this machine, using Malwarebytes for Windows.

To run a Threat Scan, open Malwarebytes for Windows and click the blue Scan button.

Have patience during the run.

When the scan phase is done, be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical.

Then click on Quarantine selected.

 

Then, locate the Scan run report;  export out a copy;  & then attach in with your  reply.

See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4

 

Link to post
Share on other sites

The pc did some update configuration and when windows started window saying that window 7 end date Jan,2020. 

Here is the malwarebytes report:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 7/7/20
Scan Time: 5:43 PM
Log File: 03d62d6a-c0b4-11ea-8049-c80aa9aafed4.json

-Software Information-
Version: 4.1.2.73
Components Version: 1.0.976
Update Package Version: 1.0.26569
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 243984
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 24 min, 16 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

 

Link to post
Share on other sites

The scan run report from Malwarebytes for Windows is excellent.    No malware.  No P U P.

As to MS and Windows 7, yes Windows 7 is not any longer getting any new fixes or security patches since January of 2020 when it reached end-of-life support at Microsoft.

The original issue of this case is no more.  Is there something else you need help with ?

Link to post
Share on other sites

I am very glad things are well.  Just a note of caution.  There is not any need to 'rush' to get Windows 10  ( if you mean the May 2020 build).

If your Windows Build version is 1809  or later, the latest build is OPTIONAL.

However, this system is running Windows 7  Service Pack 1.

Let me just cite some tips, along with providing the links to do the manual upgrade.

 

See my reply at this link   https://forums.malwarebytes.com/topic/261274-windows-10-upgrade-reported-as-malware/?do=findComment&comment=1392896

That is my "best practices guide"  to doing the upgrade.  Since this machine is running Windows 7, the only way is to use the Upgrade page like I provided the other customer.  Your upgrade will have to be done in-place on your Windows 7.

The advice is the same.   The only difference is you have Windows 7.  They are on Windows 10.

I hope this helps.

 

Link to post
Share on other sites

Hi.  Its is very good to know that your pc is now on Windows 10.  I will have some other suggestions later about "any slowness".

At this time though, I encourage you to do what follows.

Do yourself a huge favor and insure that the function-key F8 is enabled for when the machine is at the very cusp of loading up (starting up ) Windows.

Use the guide at Tenforums / use the Option One , step 3

https://www.tenforums.com/tutorials/22455-enable-disable-f8-advanced-boot-options-windows-10-a.html

 

And also make a USB with the Microsoft Media Creation tool    that can be used in a severe pinch to boot up the system into any one of several special modes

Look at Option One on this article

https://www.tenforums.com/tutorials/2376-create-bootable-usb-flash-drive-install-windows-10-a.html

 

Backup your system to offline storage media  ( like a large USB removable drive)

Backup is your best friend.  Keep backups of your system on a regular basis to offline storage & keep those safe. https://forums.malwarebytes.com/topic/136226-backup-software/

Edited by Maurice Naggar
Link to post
Share on other sites

Have you had a chance to do what I listed just earlier ?   ( about the F8 function key )

Please let me know.   This was on the reply on this link https://forums.malwarebytes.com/topic/261449-pupoptionalbrowserguardian-need-help-with-removal/?do=findComment&comment=1393460

,

The black screen ( all dark) can be just Windows having been gone into sleep mode.

Mouse the mouse ( either physical mouse or the trackpad if on a laptop)  and make circular motions with it for about a minute.

That should get it out of sleep mode .....if that is what it is.

.

Or / and or / tap the space bar / or press and hold the CTRL-key on keyboard and tap the ESC ape key.

See if that gets the screen alive and displaying.

,

OTHERWISE  give this one try.

you can temporarily ( just only for limited purpose) put the system into Safe Mode with Networking, 
which would hopefully allow means of doing some diagnostic reports ( later). 
 
Let us see if you could simply just get this machine into SAFE Mode or Safe mode With NETWORKING just so we could look around. That would be strictly temporary. 
*Do unplug all devices from your computer, including: Printers, scanners, copiers,  fax machine, external attached devices, etc.* 
*The only devices you should leave attached to your computer are your monitor, mouse and keyboard, if the computer is a desktop.* 
*And if this PC is a laptop or notebook be sure it is directly connected to Power with power cord.* 
 
Turn off your pc by pressing the power off button. IF this is a laptop, press and hold the Power off until you can sense the disc has stopped spinning.  

Wait about a minute.  

Then turn the Power On on the pc  and allow it to Restart and load up Windows.  

And right away, tap & retap the F8 Function-key on your keyboard.  
You should see Windows Advanced Options menu. 
Select Safe Mode with Networking 
 
NOTE: if the F8 function key-method did not prove usable, some systems may use F5 instead.  
And on some systems you may need to press the F2 function key to get hardware boot options. 
 
Then let me know when you get it there. 

 

Link to post
Share on other sites

Be sure you did not overlook by last preceding reply above  ^^^^^

There is a article that lists several ways to get into Safe mode, including a video at the top of the article.

If needs be, please look at the article  and the video

https://www.digitalcitizen.life/4-ways-boot-safe-mode-windows-10

 

If neither the video or the top of the article work out, look at his #2     2. Interrupt the normal boot process of Windows 10 three times in a row

Just take your time doing all this.   The main goal we have is to get into Safe Mode or else Safe Mode with Networking.

Have a lot of patience.  I know it is frustrating.  I regret your troubles.

This is recoverable / fixable.    and if you have another working Windows computer, let me know that please.

We could use the other PC   and a USB-flash-thumb-drive to make a helpful USB.

I am in Central time zone in US.   are you on Pacific time zone ?

Link to post
Share on other sites

Tell me what Brand of computer this is,  and the model.

Did you insure to totally Power Off the pc   and wait one minute ?

Then power up.   and then it only ever got a totally dark screen ?

There should be a way to get this machine to at least have it display on-screen the Power-on-Self-Test,   ( a.k.a. POST )

So, let me know the Brand and model.

And also do let me know if you have another computer that is working  & if you have a USB-flash-thumb drive of at least 8 GB capacity.

Link to post
Share on other sites

Insure you have a clean or new USB-flash thumb drive of at least 8 GB.  I would like for you to use that as part of creating a special "Media Creation tool", one of which'   abilities if to help get the machine to special troubleshooting "options".

That is outlined at the top of this article, as Option ONE

https://www.tenforums.com/tutorials/2376-create-bootable-usb-flash-drive-install-windows-10-a.html

Give me a heads up after you have made this special USB.   I will guide you to how to use it for troubleshooting.

.

HP makes fine machines.  I will get back to use as to which hardware/keyboard function key gets that HP into the BIOS   ( just for the purpose of gettng the POST test to visually show).   which can then get you enough screen time to then do some stuff.

.

reminder:

A piece of hardware may be interfering with the normal boot process of Windows. Try unplugging all devices from your computer, including:

  • Printers
  • Scanners / Copier / fax machine
  • Media Card Readers
  • Small Media cradles (iPod, PDA, MP3 player, etc.)
  • Digital Cameras and Video Recorders
  • USB storage devices
  • CDs or DVDs from all optical drives

The only devices that you should leave attached to your computer are your monitor, mouse, and keyboard, if the computer is a desktop.

You did indicate that the problem-machine is a notebook type.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.