Jump to content

Windows Defender. Protection history: no recent actions.


reym
 Share

Recommended Posts

There's absolutely nothing wrong with it, it means that in this time you have had no issues going on. And you are good to go. I have the same notification with malwarebytes and defender on.

So it does not mean defender does not work, it just tells you that all is okay at moment and the past.

Link to post
Share on other sites

22 minutes ago, SPDIF said:

В этом нет абсолютно ничего плохого, это означает, что за это время у вас не было никаких проблем.

There were notifications about the measures taken. But the log is empty. Also, later i specially downloaded a harmless crack for testing.

Link to post
Share on other sites

6 minutes ago, Porthos said:

Тогда Защитник работает правильно. Отсутствие истории — не проблема. Я бы сделал быстрое сканирование и посмотрел, найдет ли он что-нибудь.

I've already done a scan, including an offline scan. No, it's a problem because I can't take any action with threats because I don't see them.

Link to post
Share on other sites

7 minutes ago, reym said:

I intentionally downloaded a crack for a game to check what will happen. Windows notified me of a threat, but a log is empty.

1 hour ago, reym said:

After removing malwarebytes, windows defender protection history doesn't work.

You said you believe it was Malwarebytes that caused your issue, The fact Defender is on, Malwarebytes did its job  and reactivated Defender as it was supposed to.

You have another unrelated issue that I will as @AdvancedSetup to assist with.

Please do the following so he has something to work with you with.

Please do the following so that we can get started and see what's going on.


The Farbar Recovery Scan Tool is a free Windows utility designed to create troubleshooting logs for your computer. These logs help our Support team to identify and resolve issues with your computer.

There are two versions of the Farbar Recovery Scan Tool available for download: 32-bit and 64-bit.
To find which operating system is installed on your computer, refer to Microsoft's article: 32-bit and 64-bit Windows: Frequently asked questions

Download and launch Farbar Recovery Scan Tool

  1. Download the Farbar Recovery Scan Tool
    Do not click on any Ads.
     
  2. Locate the file you downloaded on your computer.
    Downloaded files are often saved to the Downloads folder.
     
  3. Double-click the downloaded file to run the Farbar Recovery Scan Tool.

    DOC-1318-1.png
     
  4. Windows protected your PC notification may appear. This notification is from the Windows Defender SmartScreen Filter which prevents unfamiliar apps from running on your PC.
    Disable smart screen ONLY if it interferes with software we may have to use:  What is SmartScreen and how can it help protect me?

         a.  Click More info.

    https://support.malwarebytes.com/hc/article_attachments/360051190254/DOC-1318-2.png
         b.  Click Run anyway.

    https://support.malwarebytes.com/hc/article_attachments/360051190294/DOC-1318-3.png
  5. When the User Account Control window appears, click Yes.

    image.png

     
  6. To accept the Disclaimer of warranty, click Yes.

    image.png

     
  7. Ensure only the boxes listed below are checked

    image.png

    Registry  Services  Drivers
    Processes  Internet  One month
    Addition.txt

    image.png

     

  8. Disable any Antivirus software you have installed ONLY if it stops software we may use from working.
    Please remember to re-enable any Antivirus software when we are finished running scans

    Click Scan. The scan may take a few minutes to complete.

    image.png
     

  9. When the scan completes, Farbar Recovery Scan Tool shows two messages:

  • Scan completed. FRST.txt is saved in the same directory FRST is located.

    image.png

  • Addition.txt is saved in the same directory FRST is located.

    image.png
     

  • Click OK to close each message window

 

Please attach both of those logs on your next reply, DO NOT copy/paste the contents of the logs directly

https://content.invisioncic.com/Mmalware/monthly_2018_10/_mb_attach.jpg.dbd89b8e360d3763b3bbe33ce83d680d.jpg

 

 

Thanks

Link to post
Share on other sites

36 minutes ago, Porthos said:

You said you believe it was Malwarebytes that caused your issue, The fact Defender is on, Malwarebytes did its job  and reactivated Defender as it was supposed to.

I think so because log has lost all the data right after I installed Malwarebytes.

 

40 minutes ago, Porthos said:

Please attach both of those logs on your next reply, DO NOT copy/paste the contents of the logs directly

My Windows version is not English, is that ok?

FRST.txt Addition.txt

Link to post
Share on other sites

  • Root Admin

Hello @reym

Please rename the Farbar program to the following so that it will return more of the information in English.

FRSTEnglish64.exe

Then run it again with Admin rights and click on the SCAN button. Make sure there is a check mark in the Addition check box and post back both new logs as an attachment.

 

FRST.TXT
ADDITION.TXT

 

 

Also, please download and run the following

Farbar Service Scanner and run it on the computer with the issue
http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

 

Make sure the following options are checked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender

Click "Scan"

It will create a log (FSS.txt) in the same directory the tool is run.
Please attach the log to your next reply.

 

Link to post
Share on other sites

  • Root Admin

Please click on START and type in PowerShell and run it with Admin rights.

Then input the following into the Window

Get-MpComputerStatus

Using your mouse you should be able to highlight the output and then press the Enter key and it will put it into your clipboard where you can paste it into Notepad.

Then if any of it is not in English, please translate it to English

Then do the same thing for this one

Get-MpPreference | Select-Object -Expand ExclusionPath  | Out-String -width 4096

Thank you

 

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites

  • 5 weeks later...
  • Root Admin

That's good actually.

Please run the following @reym

 

Microsoft Safety Scanner

Please make sure you Exit out of any other program you might have open so that the sole task is to run the following scan.   
That goes especially for web browsers, make sure all are fully exited out of and messenger programs are exited and closed as well
 

STEP 1

Please set File Explorer to SHOW ALL folders, all files, including hidden ones.  Use OPTION ONE or TWO of this article

https://www.tenforums.com/tutorials/7078-turn-off-show-all-folders-windows-10-navigation-pane.html

STEP 2

I suggest a new scan for viruses & other malware. This may take several hours, depending on the number of files on the system and the speed of the computer.

The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. 

The download links & the how-to-run-the tool are at this link at Microsoft 

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

 

Look on the Scan Options & select the FULL scan.

Then start the scan. Have lots of patience. It may take several hours.

  • Once you see it has started, take a long long break;  walk away.  Do not pay credence if you see some intermediate early flash messages on the screen display.  The only things that count are the End result at the end of the run.
  • The scan will take several hours.  Leave it alone. It will remove any other remaining threats as it goes along.  Take a very long break, do your normal personal errands .....just do not use the computer during this scan.

This is likely to run for many hours as previously mentioned  ( depending on the number of files on your machine & the speed of the hardware.)

The log is named MSERT.log  and the log will be at C:\Windows\debug\msert.log

Please attach that log with your next reply.

 

 

It is normal for the Microsoft Safety Scanner to show detections during the scan process. It is scanning for basically all bread crumbs or traces of files and registry entries that "might" be or have been part of some infection or previous infection.

That DOES NOT mean the computer is infected. Once the scan has been completed it uploads the log to their Cloud service which then uses Artificial Intelligence to determine if in fact any of the traces are an infection or not.

Then it writes into the log on your computer what it found.

 

 

Link to post
Share on other sites

  • Root Admin

I suppose you can try it. I don't see how that would necessarily fix it, but at this point I was going to have you run an in-place reinstall of Windows. Normally that will fix just about anything except some severe corruption

 

VirusTotal did not find anything wrong with the file

https://www.virustotal.com/gui/file/99235e59511f3c2ef6772b1fd16f90d1cd43199cc4f6ce3a317cd8c41f421143

 

If that does not work, then I'd suggest the following

How to Do a Repair Install of Windows 10 with an In-place Upgrade
https://www.tenforums.com/tutorials/16397-repair-install-windows-10-place-upgrade.html

 

 

Link to post
Share on other sites

  • Root Admin

There are ways to clear and reset without such a tool, but as long as it's working, that's great news.

 

Let's go ahead and do some clean-up work and remove the tools and logs we've run.

Please download KpRm by kernel-panik and save it to your desktop.

  • right-click kprm_(version).exe and select Run as Administrator.
  • Read and accept the disclaimer.
  • When the tool opens, ensure all boxes under Actions are checked.
  • Under Delete Quarantines select Delete Now, then click Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please attach that file to your next reply. (not compulsory)

 

  1. Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site.
    https://www.howtogeek.com/240255/password-managers-compared-lastpass-vs-keepass-vs-dashlane-vs-1password/
  2. Make sure you're backing up your files https://forums.malwarebytes.com/topic/136226-backup-software/
  3. Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download
  4. Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2
  5. Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/ 
  6. Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security

Malwarebytes Browser Guard

uBlock Origin

 

Further reading if you like to keep up on the malware threat scene: Malwarebytes Blog  https://blog.malwarebytes.com/

Hopefully, we've been able to assist you with correcting your system issues.

Thank you for using Malwarebytes

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.