rechelle Posted March 23 Author ID:1625297 Share Posted March 23 I got it. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted March 23 Root Admin ID:1625302 Share Posted March 23 Great, now try to run the MBST tool or the AV scanner and post back logs if possible 1 Link to post Share on other sites More sharing options...
rechelle Posted March 23 Author ID:1625307 Share Posted March 23 Okay. I've gotten myself maybe a bit confused. I just ran av scanner for the s cond time. I didn't click any boxes to quarantine threats and whatever it said. I guess it finished running, tried to restart computer, but I stopped it to save files before it did that. So, now the restart didn't happen. But even after first scan when it did restart, there were no folders on my desktop. What did I do wrong, and now that I'm able to run it, what do I do? Check any boxes? Check to have things quarantined? Maybe those logs are in the program? I don't know . Link to post Share on other sites More sharing options...
rechelle Posted March 23 Author ID:1625308 Share Posted March 23 What are the log names you need? Link to post Share on other sites More sharing options...
rechelle Posted March 23 Author ID:1625316 Share Posted March 23 I meant file names Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted March 23 Root Admin ID:1625322 Share Posted March 23 If you can run the following and get me logs that would be fantastic Scan with Farbar Recovery Scan Tool https://forums.malwarebytes.com/topic/306601-scan-with-farbar-recovery-scan-tool/ Link to post Share on other sites More sharing options...
rechelle Posted March 23 Author ID:1625332 Share Posted March 23 I have no clue if I did any of that right. I appreciate your very kind help so far, if we haven't gotten it yet, I feel we may be close. Lol. 😫 FRST.txt Addition.txt Link to post Share on other sites More sharing options...
rechelle Posted March 23 Author ID:1625341 Share Posted March 23 Addition.txt FRST.txt Link to post Share on other sites More sharing options...
rechelle Posted March 23 Author ID:1625342 Share Posted March 23 Okay. Still not sure if I did this right. BTW, I left that program up because I thought it was still running? IDK. The 1st post w/ the files were from first run. Second post for second time I ran it. It's 4:21 am, I don't remember why I did that. THE GOOD THING: I'm posting and uploading to the forum from my laptop. SO THAT IS A POSITIVE thing. I am already very grateful to you, I hope you can find something helpfup in there, but either way, if more is needed from me... keep on instructing! Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted March 25 Root Admin ID:1625643 Share Posted March 25 Thank you for the logs @rechelle Sorry for the delay but I don't officially work on the weekends and I'm feeling under the weather. Please run the steps below. [ 1 ] Please temporarily uninstall the Avast antivirus and restart the computer. Windows comes with Windows Defender which is pretty much on par almost with Avast so the computer will still have protection. Please go to Control Panel, Programs, Programs and Features, Uninstall a program Then right-click and uninstall the following Avast Premium Security - then restart the computer. If any of the other Avast programs still show in the Add/Remove then please uninstall them too. Avast Cleanup Premium Avast Secure Browser The following other programs should also be uninstall Adobe Flash Player 32 PPAPI (no longer supported by Adobe for many years now) Bonjour (this program is rarely needed on Windows and often creates networking issues) Unless you're actively using RealNetworks to store, save, and process media I would recommend you consider uninstalling it. It originally was from 2013 RealPlayer Cloud (old program and often much better software these days available) [ 2 ] I see you have the Google Password Manager installed. I would highly recommend not using a password manager based on the web browser. You may wish to review the following topic that discusses about Password Managers a little. I would not change though until we're done cleaning your computer. [ 3 ] Your DNS Servers: 192.168.1.1 Please consider changing your default DNS server settings. Please choose one provider only DNS is what lets users connect to websites using domain names instead of IP addresses Pick just one of these 5 providers. And be aware that you need to modify 1 time for IPv4 & a 2nd pass for IPv6 Quad 9 Public DNS IPv4 9.9.9.9 and 149.112.112.112 IPv6 2620:fe::fe and 2620:fe::9 (one of the best for most users) Google Public DNS: IPv4 8.8.8.8 and 8.8.4.4 IPv6 2001:4860:4860::8888 and 2001:4860:4860::8844 Cloudflare: IPv4 1.1.1.1 and 1.0.0.1 IPv6 2606:4700:4700::1111 and 2606:4700:4700::1001 OpenDNS: IPv4 208.67.222.222 and 208.67.220.220 IPv6 2620:119:35::35 and 2620:119:53::53 DNSWATCH: IPv4 84.200.69.80 and 84.200.70.40 IPv6 2001:1608:10:25::1c04:b12f and 2001:1608:10:25::9249:d69b The Ultimate Guide to Changing Your DNS Server https://www.howtogeek.com/167533/the-ultimate-guide-to-changing-your-dns-server/ Here is a YouTube video on Changing DNS settings if needed [ 4 ] It looks like VSS may be having issues Please download and run the following Volume Shadow Copy Service (VSS), Diagnostic Tool, from Acronis Acronis VSS Doctor Free tool for diagnosing and repairing Volume Shadow Copy Service issues. Download link on the bottom of the page. Download - Acronis VSS Doctor In many cases, it can correct the issues on its own. If not, then it will give details on what may be causing the issues. Please save the report in text format and post back that log on your next reply. You can also try the tool from Macrium Reflect if the Acronis tool did not work. Macrium Reflect Volume Shadow Copy Service (VSS) Repair Tool VSSfix 64bit - download Once you've run the repair tool you need to restart your computer. [ 5 ] Please complete the steps above before running this fix Please run the following fix NOTE: Please read all of the information below before running this fix. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone. Once the fix has been completed, please attach the file FIXLOG.TXT to your next reply Farbar program: FRSTEnglish.exe Save the attached file: FIXLIST.TXT to this folder C:\Users\rechelle\Desktop\ NOTE. It's important that both files, FRSTEnglish.exe, and fixlist.txt are in the same location or the fix will not work. Please make sure you disable any real-time antivirus or security software before running this script. Once completed, make sure you re-enable it. Run the Farbar program with Admin rights and press the Fix button just once and wait. The fix may possibly take up to 60 minutes to complete If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log named Fixlog.txt in the same folder you ran the Farbar program from. Please attach that log on your next reply. NOTE: This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. NOTE: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications may be automatically closed. Also, make sure you know the passwords for all websites as cookies may possibly be removed in some cases, but not all cases. NOTE: As part of this fix, it will also reset the network to default settings including the firewall. If you have custom firewall rules you need to save please export or save them first before running this fix. The following directories are emptied: Windows Temp Users Temp folders Edge, IE, FF, Chrome, and Opera caches, HTML5 storages, Cookies and History Recently opened files cache Discord cache Java cache Steam HTML cache Explorer thumbnail and icon cache BITS transfer queue (qmgr*.dat files) Recycle Bin Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix. The system will be rebooted after the fix has run. Thanks Link to post Share on other sites More sharing options...
rechelle Posted March 28 Author ID:1626415 Share Posted March 28 I've been ill also. Gonna get to this now . Thank you so much Link to post Share on other sites More sharing options...
rechelle Posted March 28 Author ID:1626423 Share Posted March 28 AcronisVSSDoctorReport_2024-03-27-21-31-08.txt Link to post Share on other sites More sharing options...
Root Admin Solution AdvancedSetup Posted March 28 Root Admin Solution ID:1626442 Share Posted March 28 You have a hard drive disk error. Timestamp: 3/27/2024 7:59:22 AM Type: Error Source: disk Message: The device, \Device\Harddisk0\DR0, has a bad block. That is a sign the hard drive is starting to fail. There is no way to determine how long it may last but it's best to backup your personal data to an external drive while you can before the drive does fail. Then look at purchasing a new hard drive and either clone the current drive or reinstall Windows 1 Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted March 28 Root Admin ID:1626575 Share Posted March 28 Due to the nature of the hardware issue I'm going to close this topic now. If you get the hard drive replaced and still need help with malware review, please start a new topic or send me a private message and we can reopen the topic. Best of luck Take care and stay safe out there Link to post Share on other sites More sharing options...
Recommended Posts