Jump to content

Recommended Posts

@netarchitech

Please do the following so that we may take a closer look at your system.

Disable-Fast-Startup

https://forums.malwarebytes.com/topic/299350-disable-fast-startup/

Then please restart the computer and then do the following.

WARNING: Do Not click the Repair option under Advanced unless requested by a Malwarebytes support agent or authorized helper

NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool. The tool also downloads and runs a file called FRSTEnglish. Please allow it to run.
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine 


image.png.79d4442a821713608fa60808a98c2e69.png 

image.png.98d86a6c3017d2bbba48877ea4f6ba45.png

  • A zip file named mbst-grab-results.zip will be saved to the Desktop or on the hidden Public desktop (usually C:\Users\Public\Desktop), please upload that file on your next reply

     

Thank you

  • Thanks 1
Link to post
Share on other sites

  • Root Admin

It looks like there may be some type of networking issue, please run the following for us @netarchitech

 

Scan with SecurityCheck by glax24
https://forums.malwarebytes.com/topic/307301-scan-with-securitycheck-by-glax24/

Scan with FSS Farbar Service Scanner
https://forums.malwarebytes.com/topic/306736-scan-with-fss-farbar-service-scanner/

Scan with Farbar Recovery Scan Tool
https://forums.malwarebytes.com/topic/306601-scan-with-farbar-recovery-scan-tool/

 

  • Thanks 1
Link to post
Share on other sites

  • Root Admin

Thank you for the logs. You have some policies blocking that we need to fix.

Please do the following

 

Please make the following change in Malwarebytes if you're using the Premium or Trial version

  • Please open Malwarebytes. Click on the small gear icon to open the Settings and go to the Security tab.
  • Then turn off "Always register Malwarebytes in the Windows Security Center"
  • Restart the computer

image.png.ced4aa64af4718ab767f579cc39014

 

It is highly unlikely that you need to setup exclusions for Windows Defender, however if you experience any issues, please see the following article and setup exclusions
between Malwarebytes and Windows Defender

Malwarebytes for Windows antivirus exclusions list
https://support.malwarebytes.com/hc/en-us/articles/360038522974-Malwarebytes-for-Windows-antivirus-exclusions-list

 

 

NEXT

 

The Farbar (FRST) program is located here in your downloads folder:  C:\Users\Matt.000\Desktop\FRSTEnglish.exe

Please follow the process below to perform a fix in Safe Mode

 

Start in Safe mode:

  • Press the Windows icon on the keyboard together with the letter I, to get into the Settings.
  • Choose Update and Security.
  • From the menu at the left, choose Recovery.
  • Under the title Advanced startup at the right, choose Restart now.
  • From the window that will appear choose Troubleshoot and then Advanced options.
  • Choose Startup Settings and then Restart.
  • Press number 5, for choosing Safe mode with networking.
  • You will know that you are in Safe mode, if the background is black and Safe mode is written at the four corners of the screen.


After that:

Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.

 

Start::
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction
GroupPolicy: Restriction
End::

 

  • Right-click on FRSTEnglish in your Downloads folder, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in your Downloads folder or where you have the Farbar program located.
  • Attach that log in your next reply.
 
Thank you
 
 
  • Thanks 1
Link to post
Share on other sites

@AdvancedSetup I was able to access Safe Mode with Networking, although there was no Internet access...

Launched Farbar (FRSTEnglish) as Admin...

Received "Failed to Update (1)" error and clicked "OK" (the only option available)...

Unable to interact with Farbar (FRSTEnglish), it was "frozen"...

Shut down Farbar (FRSTEnglish) --> it took a number of minutes to finally close...

Awaiting further instructions...

Thank you...

Link to post
Share on other sites

  • Root Admin

Run Farbar in Windows Normal Mode so it will check for and update if needed.

Then save the following fixlist.txt file to the same location as the Farbar program

fixlist.txt

Then go back into Safe Mode and run the Farbar program and click on the FIX button

 

Let me know how that goes

 

 

  • Thanks 1
Link to post
Share on other sites

  • Root Admin

Great, that looks like it should have worked @netarchitech

Please restart the computer one more time and then run these scans and post back the logs.

It's late for me so I'll probably follow up and read your logs tomorrow and follow up.

 

Scan with SecurityCheck by glax24

 

Scan with FSS Farbar Service Scanner

 

Scan with Farbar Recovery Scan Tool

 

 

  • Thanks 1
Link to post
Share on other sites

  • Root Admin

Please uninstall, update, or otherwise address the following as appropriate for your system.

 

  • 7-Zip 19.00 (x64) v.19.00 Warning! Download Update | Uninstall old version and install new one.
  • Audacity 3.3.2 v.3.3.2 Warning! Download Update
  • Belarc Advisor 8.5c v.8.5.3.0 Warning! Download Update
  • Foxit PDF Reader v.12.1.2.15332 Warning! Download Update
  • Google Drive v.86.0.9.0 Warning! Download Update
  • Java 8 Update 351 (64-bit) v.8.0.3510.10 Warning! Download Update | Uninstall old version and install new one (jre-8u401-windows-x64.exe).
  • Java SE Development Kit 8 Update 102 (64-bit) v.8.0.1020.14 Warning! This software is no longer supported. Please uninstall it and use Java SE Development Kit (jdk-21_windows-x64_bin.exe).
  • KC Softwares DUMo v.2.25.4.125 Warning! This software is no longer supported.
  • KC Softwares SUMo v.5.17.8.540 Warning! This software is no longer supported.
  • Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 v.14.32.31326.0 Warning! Download Update
  • Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 v.14.31.31103.0 Warning! Download Update
  • Notepad++ (64-bit x64) v.8.5.7 Warning! Download Update
  • TeamViewer v.15.48.5 Warning! Download Update
  • TreeSize Free V4.7.1 (64 bit) v.4.7.1 Warning! Download Update
  • VLC media player v.3.0.18 Warning! Download Update
  • WinSCP 6.1.1 v.6.1.1 Warning! Download Update
  • Zoom v.5.16.10 (26186) Warning! Download Update


Please uninstall the following items

---------------------------- [ UnwantedApps ] -----------------------------
Wise Memory Optimizer v.4.2.0 Warning! Suspected demo version of anti-spyware, driver updater or optimizer.
KC Softwares DUMo v.2.25.4.125 Warning! Suspected demo version of anti-spyware, driver updater or optimizer.
Wise Registry Cleaner 10.6.1 v.10.6.1 Warning! Suspected demo version of anti-spyware, driver updater or optimizer.

 

Please see the following

 

 


Then RESTART the computer and check for Windows Updates and install any found.

 

Once all of the above has been addressed, please let me know.  @netarchitech

Thanks

 

  • Thanks 1
Link to post
Share on other sites

@AdvancedSetup Thank you for your recent reply...Looks like I have a bit of work to attend to... 

I will be back in touch as soon as I complete the list...hopefully sooner rather than later...

In the meantime, I want to thank you again for your time, assistance and continuing support...It is sincerely appreciated!

 

Link to post
Share on other sites

  • Root Admin

Sorry for the delay @netarchitech

Please go ahead now and run the following

To begin, please do the following so that we may take a closer look at your installation for troubleshooting:

NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to the Public desktop, please upload that file on your next reply

Thank you

 

  • Thanks 1
Link to post
Share on other sites

  • Root Admin

It collected Farbar logs from previous runs which is good, but it did not kick off a new scan which is not good.

Please manually run the following and get me updated logs.

 

Scan with Farbar Recovery Scan Tool
https://forums.malwarebytes.com/topic/306601-scan-with-farbar-recovery-scan-tool/

 

  • Thanks 1
Link to post
Share on other sites

  • Root Admin

Let's try one more clean up. I wonder if the TinyWall Firewall may be part of the issue?

 

 

Please run the following fix

 

NOTE: Please read all of the information below before running this fix.

  • NOTICE: This script was written specifically for this user, for use on this particular machine.
  • Running this on another machine may cause damage to your operating system that cannot be undone.

Once the fix has been completed, please attach the file FIXLOG.TXT to your next reply

Farbar program:   FRSTEnglish.exe

Save the attached file:  FIXLIST.TXT to this folder C:\Users\Matt.000\Desktop\202403060311 MalwareBytes VPN Issue\

NOTE. It's important that both files, FRSTEnglish.exe, and fixlist.txt are in the same location or the fix will not work.

Please make sure you disable any real-time antivirus or security software before running this script. Once completed, make sure you re-enable it.

 

 

Run the Farbar program with Admin rights and press the Fix button just once and wait.

The fix may possibly take up to 60 minutes to complete

If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log named Fixlog.txt in the same folder you ran the Farbar program from. Please attach that log on your next reply.

 

  1. NOTE:  This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity.
  2. NOTE: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications may be automatically closed.
                Also, make sure you know the passwords for all websites as cookies may possibly be removed in some cases, but not all cases.
  3. NOTE: As part of this fix, it will also reset the network to default settings including the firewall. If you have custom firewall rules you need to save please export or save them first before running this fix.

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome, and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Discord cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

fixlist.txt

Thanks

 

  • Thanks 1
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.