Jump to content

Recommended Posts

  • Root Admin

Hello @Jacob_984 and :welcome:

 

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process

[ 1 ]

Please make the following system changes.

  • Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads.. Make sure to turn it back on once the scans are completed.
  • Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the scans are completed.
  • Disable-Fast-Startup
  • Show-Hidden-Folders-Files-Extensions

[ 2 ]

Malwarebytes AdwCleaner

Let's do a special run of Malwarebytes AdwCleaner to help prepare the computer to be able to run other scanning software that may be blocked

Please read all the information below before starting so that you have a good understanding of the process.
Take your time and be careful. Make sure you select all of the listed items below - before- pressing the scan button.
 
  • Please download Malwarebytes AdwCleaner and save the file to your Desktop or Downloads folder.
  • Here is another link to download if the link above does not work:  Malwarebytes AdwCleaner alternative link
  • Locate the program where you downloaded it. Double-click to start AdwCleaner.  Do not rush. There are a few choices to set as listed below.
  • Malwarebytes AdwCleaner guide
  • Reply YES at the Windows prompt to allow the program to proceed and make changes. That is the usual Windows security prompt.
  • Accept the End User License Agreement.
  • Wait until the database is updated. Do Not click on anything yet.
 
When AdwCleaner starts, on the left side panel of the window, click on Settings and enable these repair actions on the Application tab
Clicking their button to the far-right will enable the ON status
 
  • Delete IFEO keys
  • Delete tracing keys
  • Delete Prefetch files
  • Reset Proxy
  • Reset Chrome policies
  • Reset IE Policies
  • Reset Winsock
  • Reset Hosts file (If you're not having any issues accessing security or other websites you can uncheck this item)

 

image.png.a06f1c3da463f5f1a4d071a910ff71

 

ONLY after you have set the selections above ....only after that .....
Now On the left side of the AdwCleaner window, click on the Dashboard panel and then click the Scan button to perform a computer scan.
 
image.png.7a0c726e4d63978cfe4d95bca514c7
 
  • DO NOT uninstall or remove the Preinstalled software if found. Uncheck any items listed for Preinstalled
  • When finished, if items are found please click Quarantine to finish the cleaning process.
  • Your PC should reboot now if any items were found.
  • After reboot, a log file will be opened. Attach that log to your next reply. You can also open the Log Files panel to locate.
  • This can take several minutes to complete, please be patient.
  • When the AdwCleaner scan is completed it will display all of the items it has found. Click on the Quarantine button To remove what it found.
  • AdwCleaner will now prompt you to save any open files or data as the program will need to close any open programs before it starts to clean.
  • Click on the Continue button to finish the removal process.
  • If No Detections are found, Click the Basic Repair button to have it reset the checked items above.


[ 3 ] 

Malwarebytes for Windows

  • If you already have Malwarebytes installed then open Malwarebytes and click on the small gear icon, then click on the "Check for updates" button on the General tab.
  • After any updates, click the middle Scan button from the main page. It will automatically run a Threat Scan.
  • If you don't have Malwarebytes installed yet, please download it from here or alternative link and install it.
  • Once installed then open Malwarebytes and select Scan and let it run.
  • Once the scan is completed, make sure you have it quarantine any detections it finds.
  • If no detections were found click on the Save results drop-down, then the Export to TXT  button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If there were detections then once the quarantine has completed click on the View report button, Then click the Export drop-down, then the Export to TXT  button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT  button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If Malwarebytes won't run then please skip to the next step and let us know in your next reply that the scanner would not run.

 

View Reports and History in Malwarebytes for Windows v4
https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows

Malwarebytes for Windows v4 guide
https://support.malwarebytes.com/hc/en-us/articles/360038984693-Malwarebytes-for-Windows-v4-guide

 

RESTART THE COMPUTER Before running Step 4

[ 4 ]

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Please rename FRST.EXE or FRST64.EXE to FRSTEnglish.exe
  • After renaming the file right-click over FRSTEnglish.exe and select "Run as administrator"
  • When the tool opens click Yes to the disclaimer
  • Make sure there is a check mark in the Addition.txt check box
  • Press the Scan button.
  • It will make a log FRST.txt and Addition.txt in the same directory the tool is run from. Please attach both logs to your next reply.

 

 

Thank you

 

Example image of where to click to attach files when posting your reply

image.thumb.png.e208c182ff570799c53bcf57

 

 

 

Link to post
Share on other sites

  • Root Admin

ATTENTION: System Restore is disabled (Total:118.01 GB) (Free:61.66 GB) (52%)

Please enable System Protection and create a new System Restore Point

 

Turn On or Off System Protection for Drives in Windows 11
https://www.elevenforum.com/t/turn-on-or-off-system-protection-for-drives-in-windows-11.3598/

Create System Restore Point in Windows 11
https://www.elevenforum.com/t/create-system-restore-point-in-windows-11.3602/

 

 

 

Link to post
Share on other sites

  • Root Admin

The choice is yours but I would not recommend using the Opera browser. It used to be a great alternative browser but it does not respect your privacy

Using Firefox or Brave would be a better choice for privacy

 

Please run the following

SecurityCheck by glax24              


I would like you to run a tool named SecurityCheck to inquire about the current security update status of some applications.
CheckSecurity is a utility for quickly checking for the presence of vulnerable applications

  • Temporarily disable Microsoft SmartScreen to download the software
  • Download SecurityCheck by glax24: https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe
  • If SmartScreen blocks the file from running click on More info and Run anyway
  • This tool is safe.   Smartscreen is overly sensitive. You can check the VirusTotal scan of the tool from here
  • Right-click  with your mouse on the Securitycheck.exe  and select "Run as administrator"  and reply YES to allow to run & go forward
  • Wait for the scan to finish. It will open a text file named SecurityCheck.txt Close the file.  Attach it with your next reply.
  • You can find this file in a folder called SecurityCheckC:\SecurityCheck\SecurityCheck.txt

Items checked:

  1. User Account Control (UAC).
  2. Service pack.
  3. IE version.
  4. Automatic OS update. Sets of critical KB patches when updating is disabled.
  5. Antivirus, firewall, other security utilities.
  6. Versions of Java, Oracle Virtualbox.
  7. Version of Adobe Flash Player, Adobe AIR.
  8. Versions of Adobe Reader, Acrobat Reader DC, Foxit Reader.
  9. Versions of media players (iTunes, AIMP, foobar2000).
  10. Versions of messengers (Skype, Pidgin).
  11. Versions of installed browsers (Chrome, Opera, Firefox, Yandex, SeaMonkey).
  12. Versions of mail programs (The Bat, Thunderbird).
  13. Checking running processes and security program services
  14. Searching for installed Adware programs and optimizer programs (More than 5000).

Thank you

 

Link to post
Share on other sites

  • Root Admin
12 minutes ago, Jacob_984 said:

Hi! Thanks for the suggestion about Opera. I'm going to switch to either Chrome or Firefox later.

If you're going to use Chrome you might as well stay on Opera - Google Chrome is one of the largest companies in the world and got there from marketing and selling your meta data to others. That is the point for privacy is to try to slow down these big companies somewhat.

Firefox and Brave are one of a few that try to help maintain some privacy.

 

The log from Security Check looks good.

Let's go ahead and run a scan with ESET to see if they find anything wrong

 

 

Please run the following ESET Online Scanner and perform a Full Scan

 

Click the following link to save the installer for ESET Online Scanner

https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe

  • It will start a download of "esetonlinescanner.exe"
  • Save the file to your system, such as the Downloads folder, or else to the Desktop.
  • Go to the saved file, and double click it to get started. 
  • When presented with the initial ESET screen, click on "Get Started". Read and accept the Terms of use
  • On the "Before we start..." screen chose if you want to send anonymous data and if you want to provide feedback or not, then click Continue
  • When prompted for scan type, Click on the Full Scan button
  • Enable  ( select )   the radio selection "Enable ESET to detect and quarantine potentially unwanted applications"   and click the Start scan button.
  • Have patience.  The entire process may take a few hours or more.
  • When the scan is completed, if something was found, it will show a screen with the number of detected items.  If so, click the button marked “View detected results”.
  • Click The blue “Save scan log” to save the log and give it a name and location you remember.
  • If something was removed and you know it is a false postive, you may click on the blue ”Restore cleaned files”  ( in blue, at the bottom).
  • Press Continue when all done.  You should click to turn off the offer for “periodic scanning”.
  • Enable "Delete application data on closing" - You do not need to submit feedback unless you want to. Simply ignore and close the program.

 

Note: If you do need to do a File Restore from ESET please follow the directions below

[KB2915] Restore files quarantined by the ESET Online Scanner version 3

https://support.eset.com/en/kb2915-restore-files-quarantined-by-the-eset-online-scanner

 

Please attach the ESET scan log you saved at the end to your next reply

 

Link to post
Share on other sites

  • Root Admin

Using KMS in that manner is Stealing, Pirating software and against the law in almost all countries in the world.

The Key Management Service (KMS) is a purchased service by a business to run a server within their own organization to license desktops they have purchased licenses in bulk for.

At this time aside from the KMS the system looks to be clean. I will go ahead and close your topic now

 

 

Link to post
Share on other sites

  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following to help you better protect your computer and privacy Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.