Jump to content

Possible Issues With 4.5.2.157

moo4x

By moo4x
in Resolved Malware Removal Logs

 Share

Recommended Posts

  • Replies 87
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

Porthos
Porthos

You have a few tools that can "optimize/clean" the registry. those tools can cause more harm than good. I do not know how well RegRun Security Suite Platinum plays along side Malwarebytes. Y

Posted Images

moo4x

moo4x

Posted
  • Author
Posted

Foobar is fixed. The auto updater program changed some settings. Sorry to be a pain.......... 

That's why I don't want to wipe windows, I have 10's of hours into having this machine set up exactly how I want it.

Unfortunately, it appears that some unwanted baggage came along with  that pov!

I appreciate your help. It is possible that it's a coincidence that the problems started right after updating MBAM, or it may be that one of the issues caused the update to not install properly.

 

 

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

I've reinstalled windows many many times and Have about 10 times the amount of software and customization on mine. Sooner or later Windows just becomes a mess from all the installs, updates, cleanups, etc. A clean fresh install of Windows gets you running great again at least for another year.

The multiple items listed and setup for cleanup have nothing to do with our program so I assume just a coincidence.

Please go ahead and run the fix and post back the FIXLOG.txt file when ready

Thank you

 

Link to post
Share on other sites
moo4x

moo4x

Posted
  • Author
Posted
1 hour ago, AdvancedSetup said:

After you've uninstalled all the software you no longer want or use then run the following software to check and update any old common software.

Patch My PC Home Updater
https://patchmypc.com/home-updater

 

Then for cache clean up you can create a batch file if wanted that would clean that up, or even use Farbar FRST program to do the cleanup periodically.

 

Please temporarily disable any real-time protection and run the following fix.

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.
NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work.

Please make sure you disable any real-time antivirus or security software before running this script. Once completed, make sure you re-enable it.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1:  This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. Depending on the speed of your computer this fix may take 30 minutes or more.

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The use of an external password manager is highly recommended instead of using your browser to store passwords.

NOTE-3: As part of this fix it will also reset the network to default settings including the firewall. If you have custom firewall rules you need to save please export or save them first before running this fix.

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome, and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

fixlist.txt 6.52 kB · 1 download

Thanks

 

 

Is there any way to avoid removing log in's? I have a pw manager, but I have so many pw's, I also use Firefox to store many of them.

Link to post
Share on other sites
moo4x

moo4x

Posted
  • Author
Posted

Here you go. The only thing I didn't remove that you suggested was Reg Run. All security was definitely turned off while the tool ran. Likely not the case after reboot, though. So far everything is working. The newer Dell driver didn't increase my speed, LOL (I'm getting about 9 Mbs less than I'm supposed to from Comcast. It's always been that way on this PC.)

 

Thank you again for everything!

Fixlog.zip

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

No problem. Just suggestions. What you run on your computer is up to you 😁

 

Secure Boot Status: False

How to enable or disable Secure Boot
https://maxedtech.com/how-to-enable-or-disable-secure-boot/

 

Windows Resource Protection found corrupt files and successfully repaired them.

 

 

SecurityCheck by glax24              

I would like you to run a tool named SecurityCheck to inquire about the current security update status of some applications.

  • Download SecurityCheck by glax24: https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe
  • If Microsoft SmartScreen blocks the download, click through to save the file
  • This tool is safe.   Smartscreen is overly sensitive.
  • If SmartScreen blocks the file from running click on More info and Run anyway
  • Right-click  with your mouse on the Securitycheck.exe  and select "Run as administrator"  and reply YES to allow to run & go forward
  • Wait for the scan to finish. It will open a text file named SecurityCheck.txt Close the file.  Attach it with your next reply.
  • You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt

 

image.png

image.png

image.png

 

Thank you

 

 

Link to post
Share on other sites
moo4x

moo4x

Posted
  • Author
Posted (edited)

Secure Boot Status: False

Do you want me to re-enable this?

I did a little reading. I assume I am GPT with Win 10? Since day 1 )I bought this used with a fresh Win install from a used retailer) I have not been able to get into the bios. Dell says F12 for boot menu, & F2 for setup.

 

Edited by moo4x
Addition.
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to an ever-increasing potential threat to rootkits, bootkits, it makes it much more difficult to attack a system that has Secure Boot enabled.

 

From the log.

---------------------------- [ UnwantedApps ] -----------------------------

O&O SafeErase Professional v.16.8.78 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.

Nero TuneItUp v.3.2.0.3 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.

O&O SafeErase (OO SafeEraseAgent) - The service is running

C:\Program Files\OO Software\SafeErase\Shared\SafeEraseAgent\SafeEraseAgent.exe v.16.8.78.0

 

 

Just as a final scan before we finish up here. Please run the folloiwng

 

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.

PC Winvids - How to run Kaspersky TDSSKiller

If an infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.

Thank you

https://support.kaspersky.com/5350

 

Link to post
Share on other sites
moo4x

moo4x

Posted
  • Author
Posted
1 hour ago, AdvancedSetup said:

Due to an ever-increasing potential threat to rootkits, bootkits, it makes it much more difficult to attack a system that has Secure Boot enabled.

 

From the log.

---------------------------- [ UnwantedApps ] -----------------------------

O&O SafeErase Professional v.16.8.78 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.

Nero TuneItUp v.3.2.0.3 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.

O&O SafeErase (OO SafeEraseAgent) - The service is running

C:\Program Files\OO Software\SafeErase\Shared\SafeEraseAgent\SafeEraseAgent.exe v.16.8.78.0

 

 

Just as a final scan before we finish up here. Please run the folloiwng

 

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.

PC Winvids - How to run Kaspersky TDSSKiller

If an infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.

Thank you

https://support.kaspersky.com/5350

 

The program has changed a bit since the vid was made. (See attached jpg). I was able to check the box as requested, but there is a new unchecked box. I ran the first scan. Upon reboot, the program came up. Reg Run & likely Malwarebytes ran there rootkit programs before that occured. For whatever reason, other than the rootkit tool, reg Run is no longer running. I will reinstall. At any rate after reboot, Kaspersky came up as promised. It froze for about 15 seconds & stopped. I then ran it again without touching anything & it said I was clean. Log attatched. With the previous comments, do you think I'm good, or is it possible that Kaspersky did not run correctly due to the changes?

Thank you again!

 

Kasp.jpg

TDSSKiller.3.1.0.28_26.01.2022_22.01.36_logNOTREAD ONLY.txt.zip

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.