Root Admin AdvancedSetup Posted May 6 Root Admin ID:1634542 Share Posted May 6 Thank you for the log. We were not trying to remove any infection with that run. Simply trying to repair the broken services. The log says it ran well Registry ====> The operation completed successfully. Please RESTART the computer one more time and get me a new, fresh set of logs and we'll see if it really fixed it or not. Scan with SecurityCheck by glax24 https://forums.malwarebytes.com/topic/307301-scan-with-securitycheck-by-glax24/ Scan with FSS Farbar Service Scanner https://forums.malwarebytes.com/topic/306736-scan-with-fss-farbar-service-scanner/ Scan with Farbar Recovery Scan Tool https://forums.malwarebytes.com/topic/306601-scan-with-farbar-recovery-scan-tool/ Link to post Share on other sites More sharing options...
Emmo Posted May 6 Author ID:1634664 Share Posted May 6 (edited) Hello again, Ahh, I understand, I've restarted and attached the logs, I hope these help! If possible can all my previous file uploads also be removed? Thank you very much for your patience. if possible, from this point to now? I hope this can be considered! Edited May 6 by AdvancedSetup Removed logs Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 6 Root Admin ID:1634676 Share Posted May 6 The logs indicate that the broken services have been repaired now. Please update the following Microsoft Office Home and Student 2019 - en-us v.16.0.17425.20176 Warning! Download Update | How Install Office updates? WinRAR 6.00 (64-bit) v.6.00.0 Warning! Download Update Then check for Windows Updates and install any found Let me know if there are still any signs of infection or any other unresolved issues Thank you Link to post Share on other sites More sharing options...
Root Admin Solution AdvancedSetup Posted May 6 Root Admin Solution ID:1634678 Share Posted May 6 Then run the following final scan after the updates above and a computer restart. Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process [ 1 ] Please make the following system changes. Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads.. Make sure to turn it back on once the scans are completed. Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the scans are completed. Disable-Fast-Startup Show-Hidden-Folders-Files-Extensions [ 2 ] I suggest a new scan for viruses & other malware. This may take several hours, depending on the number of files on the system and the speed of the computer. The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. The download links & the how-to-run-the tool are at this link at Microsoft https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download Look on the Scan Options & select the FULL scan. Then start the scan. Have lots of patience. It may take several hours. Once you see it has started, take a long long break; walk away. Do not pay credence if you see some intermediate early flash messages on the screen display. The only things that count are the End result at the end of the run. The scan will take several hours. Leave it alone. It will remove any other remaining threats as it goes along. Take a very long break, do your normal personal errands .....just do not use the computer during this scan. This is likely to run for many hours as previously mentioned ( depending on the number of files on your machine & the speed of the hardware.) The log is named MSERT.log and the log will be at C:\Windows\debug\msert.log Please attach that log with your next reply. It is normal for the Microsoft Safety Scanner to show detections during the scan process. It is scanning for basically all bread crumbs or traces of files and registry entries that "might" be or have been part of some infection or previous infection. That DOES NOT mean the computer is infected. Once the scan has been completed it uploads the log to their Cloud service which then uses Artificial Intelligence to determine if in fact any of the traces are an infection or not. Then it writes into the log on your computer what it found. Thank you Link to post Share on other sites More sharing options...
Emmo Posted May 7 Author ID:1634997 Share Posted May 7 Hello again! I've tried to update everything, but the only one I seem to be struggling with is the Update for Windows (KB5034441). I keep getting this error: and every time I retry, it always starts at 0% and never progresses, then gives me the same error code. I tried searching for the solution but it seems that no one else is having their issue solved by the adviser, so I'm not sure how I'm able to fix this, so I just proceeded forward with the rest of the scans. msert.log I hope this helps! Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 7 Root Admin ID:1635004 Share Posted May 7 I would ignore the KB5034441 for now. That is an error due to Microsoft attempting to modify the Recovery Environment. Once they have that fixed the error should go away. Is there anything else? Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 8 Root Admin ID:1635200 Share Posted May 8 @Emmo Please see the following information about the KB5034441 Windows Update installation failure Microsoft won't fix Windows 0x80070643 errors, manual fix required May 2, 2024 https://www.bleepingcomputer.com/news/microsoft/microsoft-wont-fix-windows-0x80070643-errors-manual-fix-required/ KB5028997: Instructions to manually resize your partition to install the WinRE update https://support.microsoft.com/en-us/topic/kb5028997-instructions-to-manually-resize-your-partition-to-install-the-winre-update-400faa27-9343-461c-ada9-24c8229763bf Extend the Windows RE Partition using PowerShell (Microsoft) https://learn.microsoft.com/en-us/windows-hardware/manufacture/desktop/add-update-to-winre?view=windows-11#extend-the-windows-re-partition Microsoft shares script to update Windows 10 WinRE with BitLocker fixes January 11, 2024 https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-script-to-update-windows-10-winre-with-bitlocker-fixes/ Link to post Share on other sites More sharing options...
Emmo Posted May 9 Author ID:1635300 Share Posted May 9 Hello again! I have no other questions, but I think I've done it? I followed along the first and last link you'd sent! I hid the error update, saved and ran the recommended script with ISE, downloaded the most recent update from the Update Catalog and linked the two, it went through a process and cleared, so I think it worked! The error is no longer appearing--thank you! The Virus and Threat protection system is still detecting that one file in my drive to be a threat even though I've permanently deleted and uninstalled it everywhere, is it safe to just allow it into my system and see if that does anything? Maybe shows it elsewhere? Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 9 Root Admin ID:1635342 Share Posted May 9 That is an alert from May 1, 2024 we're now on 5/9/2024 Restart the computer into Safe Mode and then remove the following folder From a command prompt: RD /Q /S "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service" Then restart and the Windows Defender History should be gone. Do a NEW scan with Windows Defender to see if it detects anything Link to post Share on other sites More sharing options...
Emmo Posted May 10 Author ID:1635433 Share Posted May 10 Hello again! I’ve tried with singular spacing and the same spacing as mentioned, but I’m still unable to access that file and find the path. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 10 Root Admin ID:1635516 Share Posted May 10 Open Notepad and verify which drive your Windows folder is on. It could be D: E: or F: etc. Modify the path to use the correct drive letter Link to post Share on other sites More sharing options...
Emmo Posted May 10 Author ID:1635525 Share Posted May 10 Hello again, It should be C:, but it's still not permitting me to access that folder :-( Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 10 Root Admin ID:1635535 Share Posted May 10 Do the following DIR C:\ Then post back that image Link to post Share on other sites More sharing options...
Emmo Posted May 11 Author ID:1635610 Share Posted May 11 Hello again, I thought it might register it after that, so I tried inputting the code again, but it sadly still didn’t work, but I hope the information helps! If this is considered personal information please delete it! Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 11 Root Admin ID:1635615 Share Posted May 11 No, you can see that C: is not your drive when in the Recovery Console Type in NOTEPAD and run it. Then do File Open and see which Drive letters you see. Link to post Share on other sites More sharing options...
Emmo Posted May 11 Author ID:1635623 Share Posted May 11 Each one of them didn’t have that directory? I’ve checked around but this time my C folder is empty? But I saw the Scan folder when I was logged in. Link to post Share on other sites More sharing options...
Emmo Posted May 11 Author ID:1635627 Share Posted May 11 Tried to go down the list and D:\ came out with an empty response! [I think it worked] Every other one came out with "..cannot find the path specified", and I did a quick scan to test. It worked! And I think that's all the issues I had; Thank you so much once again for your time! Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 11 Root Admin ID:1635635 Share Posted May 11 You're quite welcome Excellent, glad to hear all is well again. I'll go ahead and close your topic now and wish you well. Please follow the directions below to remove the logs and tools we've used. If any are still left after that you can manually uninstall or delete them. Take care and stay safe out there. Try to follow as much of the advise below as you can as well. Let's go ahead and do some clean-up work and remove the tools and logs we've run. Please download KpRm by kernel-panik and save it to your desktop. right-click kprm_(version).exe and select Run as Administrator. Read and accept the disclaimer. When the tool opens, ensure all boxes under Actions are checked. Under Delete Quarantines select Delete Now, then click Run. Once complete, click OK. A log will open in Notepad titled kprm-(date).txt. You can close it. We're glad that we were able to assist you. The following information will help you to keep your computer and data safer as well as improve your overall privacy Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site. https://www.howtogeek.com/780233/best-password-manager/ Make sure you're backing up your files https://forums.malwarebytes.com/topic/136226-backup-software/ Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download https://patchmypc.com/about-us Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2 Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/ Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security Malwarebytes Browser Guard Google Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee Microsoft Edge: https://support.malwarebytes.com/hc/en-us/articles/4413298736787-Install-Malwarebytes-Browser-Guard-on-Microsoft-Edge-browser Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/ uBlock Origin Google Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm Microsoft Edge: https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin Cybersecurity basics & protection Everything you need to know about cybercrime https://www.malwarebytes.com/cybersecurity Further reading if you'd like to keep up on the malware threat scene: Malwarebytes Blog https://blog.malwarebytes.com/ Hopefully, we've been able to assist you with correcting your system issues. Thank you for using Malwarebytes. Please tell your friends and family if they too need assistance with malware removal 1 Link to post Share on other sites More sharing options...
Recommended Posts