Jump to content

Help with FARBAR fix file


SGB77

Recommended Posts

Great!

We noticed a Security Alert window in our server for vovoprd.com, but we don't have anything that we'd be using that domain for, including outlook or any browser.

The window kept on popping up,  and I was not able to install malwarebytes, it would stop in the middle giving me an error. I ran a few antivirus softwares and I was able to install malwarebytes. I'm now getting a popup every few seconds from malwarebytes regarding "Exploit blocked" Java - Application Behavior protection - java malicious inbound socket detected.

 

Thanks!

Link to post
Share on other sites

Is it just you using this pc at home ? 

I would like a report set for review.   This is a report only.

Please download MALWAREBYTES MBST Support Tool

Once you start it click Advanced >>> then   Gather Logs

 Have patience till the run has finished.

Upload an archive once it is done. Attach the mbst-grab-results.zip from the Desktop.

 

  • Please attach  mbst-grab-results.zip    to your reply
Link to post
Share on other sites

Tell me, please, do you use this Server system as a personal workstation ?  such as using it with attached monitor to run persoanl applications?
such as Chrome or Firefox ?

I noticed 3 recent inbound IP blocks. Those are 3 IP addresses that Malwarebytes considers as potentail threats. Do know that any potential threat was STOPPED.
Why does this system have some many Java versions ?  and are they absolutely needed?
It seems to be that all of these are outdated versions.  Could you uninstall all these
Java 8 Update 161 
Java 8 Update 333 
Java 8 Update 333 
Java SE Development Kit 8 Update 111 
Java SE Development Kit 8 Update 111

Advise me when this is done. We will do some other steps later. I have yet to see a mention of "vovoprd".

Link to post
Share on other sites

Be sure to do the maintenance tips listed above.What follows is a custom script intended to help out overall.

Please be sure to Close any open work files, documents,  any apps you started yourself  before starting this. THIS run will do a Windows RESTART. Once it starts it will auto-close any other running app.

We will use FRST64.exe  on the Desktop folder to run a custom script.    The system will be rebooted after the script has run. This is intended to do some system checks using System File Checker ( SFC ) and a quick scan with MS Defender. It will also rebuild the Winsock. It will remove a number of drivers that are of questionable value & no longer belong here.

This custom script is for  SGB77  machine  only / for this machine only.

  • Please save the (attached file named) FIXLIST.txt   to the   Desktop   folder

Fixlist.txt    <<< - - - - -

Then, Start the Windows Explorer and then, go  to the Desktop    folder.


RIGHT click on FRST64.exe    and select RUN as Administrator and allow it to proceed.  Reply YES when prompted to allow to run.

  •    If the tool warns you the version is outdated, please download and run the updated version.
  • IF Windows prompts you about running this, select YES to allow it to proceed.
  • IF you get a block message from Windows about this tool......

               click line More info information on that screen
               and click button Run anyway on next screen.

  • on the FRST window:

Click the Fix button just once, and wait.

PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience.  Please attach the Fixlog.txt with your next reply. 

Link to post
Share on other sites

That run is a good cleanup. But we need to do more follow-ups.
This next tool ought to take something in the range of 15 - 25 minutes tops, depending on hardware speed.
get & run the Malwarebytes MBAR anti-rootkit tool to do 1 run with it.
Disregard the title subject of the topic.Run the MBAR tool as listed here 

https://forums.malwarebytes.com/topic/198907-requested-resource-is-in-use-error-unable-to-start-malwarebytes

  • when done, I need the MBAR logs.
  • Upon completion of the scan or after the reboot, two files named mbar-log.txt and system-log.txt will be created.
  • Both files can be found in the extracted MBAR folder on your Desktop.
  • Please attach both files in your next reply.
Link to post
Share on other sites

  • 1 month later...

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following to help you better protect your computer and privacy Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.