Jump to content

Recommended Posts

Hi,
For a while now I have been getting constant notifications saying
"Website blocked due to malware

Learn about malware. If you don't want to block this website, you can exclude it from website protection by accessing Exclusions.

IP Address: 194.26.135.180
Port: 15647
Type: Outbound
File: C:\Windows\SysWOW....0\powershell.exe" "

I installed Avira and when I start the computer I always receive a notification that it has detected suspicious activity in "memorybufffer..."

PowerShell also opens every time I boot then disappeared, sometimes I notice there is very high power usage coming from PowerShell, when I End Task in task manager the computer runs faster again.

Now I am having a major issue that I believe could be related. After about 15-30 seconds after booting the computer freezes. I can still move my mouse and click on things but nothing opens, after a while I sometimes receive notification "Microsoft Windows has stopped responding" when I click 'End task' it goes to black.
The computer works fine in safe mode with no issues, I have run full virus scans and nothing shows up. Could you please assist me.

I have attached some logs from Malwarebytes and FRST

Thanks,
Lachlan
 

Addition.txt AdwCleaner[S02].txt FRST.txt Malewarebytes Scan Log.txt

Link to post
Share on other sites

Welcome smile.png
 
I'll be helping you with your computer.
 
Please read this post completely before beginning. If there's anything that you do not understand, please don't hesitate to ask before proceeding.
 
Please take note of the guidelines for this fix:

  • Please note that I am a volunteer. I do have a family, a career, and other endeavors that may prevent immediate responses that meet your schedule. Do note that the differences in time zones could present a problem as well. Your patience and understanding will be greatly appreciated.
  • First of all, the procedures we are about to perform are specific to your problem and should only be used on this specific computer.
  • Do not make any changes to your computer that include installing/uninstalling programs, deleting files, modifying the registry, nor running scanners or tools of any kind unless specifically requested by me.
  • Please read ALL instructions carefully and perform the steps fully and in the order they are written.
  • If things appear to be better, let me know. Just because the symptoms no longer exist as before, does not mean that you are clean.
  • Continue to read and follow my instructions until I tell you that your machine is clean.
  • If you have any questions at all, please do not hesitate to ask before performing the task that I ask of you, and please wait for my reply before you proceed.
  • Scanning with programs and reading the logs do take a fair amount of time. Again, your patience will be necessary. smile.png

Let's begin... smile.png

  • Download the enclosed file  Fixlist.txt
  • Save it in the same location FRST64.exe is saved.
  • Start FRST (FRST64) with Administrator privileges
  • This time around Press the Fix button and wait
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.

Please attach this file in your next reply.

Edited by JSntgRvr
Link to post
Share on other sites

Lets check the disk:
  
You can use the Media creation tool to automatically create a bootable W10 installation flash drive.
 
Download Windows 10 (microsoft.com)
 
Insert the media created on the troubled computer. Turn On the computer and tap on the key to access the boot menu. From the menu, select the USB device where the media tool is inserted.

  • Click “Next” on the main wizard screen.
  • Click on the “Repair your computer” link.
  • Choose “Troubleshoot.”
  • Select “Advanced options.”
  • Click on the “Command Prompt” option.

-or-

While pressing the shift key, restart the computer. It should boot to the Recovery Console Advanced Menu.

  • Choose “Troubleshoot.”
  • Select “Advanced options.”
  • Click on the “Command Prompt” option.

 

At the command prompt type the following and press Enter.
 
BCDEDIT | Find "osdevice"
 
Take note of the drive letter shown as the "osdevice", then type the following and press Enter:
 
CHKDSK X:\ /R
 
Replace the X with the osdevice letter and press Enter. Once completed take a photograph of that window and upload it for us to see. 

Link to post
Share on other sites

The scan is clear.

 

Perform a Clean Boot and see if able to boot in Normal Mode. 

The benefits of clean booting Windows 10 are that it helps eliminate software conflicts that occur when you install or run a program or an update. This can help you identify the root cause of the problem and fix it. By disabling all non-Microsoft services and startup programs, you can also improve the performance of your computer. However, it is important to note that clean booting your computer should be done with caution, as it can cause some programs to stop working properly. If you are unsure about how to clean boot your computer, it is recommended that you seek assistance from a professional or refer to Microsoft’s official documentation.

In the Start Search box, type in msconfig and press the Enter key.

Click the Services tab of the System Configuration dialog box, tap or click to select the Hide all Microsoft services check box, and then tap or click Disable all.

Now click or tap Startup  and open Task Manager.

On the Startup tab in Task Manager, select each item and then click Disable. Close Task Manager.

Again click or tap the Startup tab of the System Configuration dialog box, tap or click OK, and then restart the computer.

 

See if you can boot in Normal Mode.

 

 

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.