AdvancedSetup

Root Admin
  • Content count

    62,441
  • Joined

  • Last visited

5 Followers

About AdvancedSetup

  • Rank
    Staff

Contact Methods

  • Website URL
    http://www.malwarebytes.org

Profile Information

  • Location
    US

Recent Profile Visitors

321,854 profile views
  1. I've edited the post for you and removed. I've also ping Support to follow up with you
  2. Hello @Hyoujin and Someone from our Support Team will be in touch with you shortly to assist you. Thank you
  3. Hello @SandroAvallone and Someone from our Support Team will be in touch with you shortly to assist you. Thank you
  4. Contacting Business Support would be your best bet. Thank you
  5. Please download the attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system. Run FRST or FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. fixlist.txt Then reboot and run MBAM again and try to activate it. If it fails again please get a screen shot of it and post back. Thanks
  6. Agree with @Firefox about daily scans if using only the Free version.
  7. Overall it looks good. No immediate signs of an infection, however there are other issues on the system that you may with to see if your IT Support can assist with as this appears to be a business computer. Application errors: ================== Error: (08/30/2016 01:14:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. Error: (08/27/2016 05:03:37 PM) (Source: Windows Search Service) (EventID: 3104) (User: ) Description: Enumerating user sessions to generate filter pools failed. System errors: ============= Error: (08/30/2016 04:47:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (08/30/2016 04:47:02 PM) (Source: TPM) (EventID: 15) (User: ) Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer. Error: (08/30/2016 02:47:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The tmumh service failed to start due to the following error: The revision level is unknown. Thanks
  8. Restart the computer, then rescan and remove what MBAM finds. It is not a false positive regardless of what your friends at the computer shop are telling you. You need to either disable the the smart filter or use another browser to download the tool. It is safe and only scans to post logs of what is running on your system
  9. I would highly recommend you let me help you to get rid of it. MBAM will work as an after the fact clean up tool but once the trial is over it won't block new incoming threats without purchasing a license. It will scan and remove what it finds though. I would recommend you do the following. Please restart the computer first and then run the following steps and post back the logs when ready. STEP 04 Please download Junkware Removal Tool to your desktop. Shutdown your antivirus to avoid any conflicts. Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP. The tool will open and start scanning your system. Please be patient as this can take a while to complete. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next reply message When completed make sure to re-enable your antivirus STEP 05 Let's clean out any adware now: (this will require a reboot so save all your work) Please download AdwCleaner by Xplode and save to your Desktop. Double click on AdwCleaner.exe to run the tool. Vista / Windows 7/8 users right-click and select Run As Administrator Click on the Scan button. AdwCleaner will begin...be patient as the scan may take some time to complete. When it's done, you'll see: Pending: Please uncheck elements you don't want to be removed. Now click on the Report button and a logfile (AdwCleaner[R0].txt) will open in Notepad for review. Look at the log especially under Files/Folders for any program you want to save. If there's a program you may want to save, just uncheck it from AdwCleaner. If you're not sure, post the log for review. (all items found are adware/spyware/foistware) If you're ready to clean it all up, click the Clean button. After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically. Copy and paste the contents of that logfile in your next reply. A copy of that logfile will also be saved in the C:\AdwCleaner folder. Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine To restore an item that has been deleted: Go to Tools > Quarantine Manager > check what you want to be restored > now click on Restore. STEP 06 Download Sophos Free Virus Removal Tool and save it to your desktop. Double click the icon and select Run Click Next Select I accept the terms in this license agreement, then click Next twice Click Install Click Finish to launch the program Once the virus database has been updated click Start Scanning If any threats are found click Details, then View Log file (bottom left-hand corner) Copy and paste the results in your reply Close the Notepad document, close the Threat Details screen, then click Start cleanup Click Exit to close the program If no threats were found, please confirm that result. STEP 07 Please download the Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here. Please attach the Additions.txt log to your reply as well. Thanks
  10. Yep, starting to feel older all the time as the people I watched as a kid are starting to pass away.
  11. Understood, my wife gets a bit upset at times for all the time I spend on the computer too, but I'm trying to make a living
  12. I'm sorry but can you please attach the log, not copy/paste them. Pasted logs are not always accurate. Thank you
  13. Great, I'm glad that was able to resolve your updating issue @anniyan Unless there is something else then, I'll go ahead and close your topic as resolved. Let me know and thanks again.
  14. Hello @StatticGuy Delete the files and reboot the workstation a few times. Then run MBAM again and check for updates and run a new Threat Scan and post the scan log. Next, let's get a bit more information from the computer to see how it's doing. Please read the following and post back the 3 requested logs as an attachment. Diagnostic Logs Thanks
  15. These instructions are for Windows 7 and 8 but hopefully, you can adapt them to Windows 10, if not then let me know and I'll write up specific to Windows 10 On a clean machine, please download Farbar Recovery Scan Tool and save it to a flash drive. Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. Plug the flash drive into the infected PC. If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt. If you are using Vista or Windows 7 enter System Recovery Options. To enter System Recovery Options from the Advanced Boot Options: Restart the computer. As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears. Use the arrow keys to select the Repair your computer menu item. Select US as the keyboard language settings, and then click Next. Select the operating system you want to repair, and then click Next. Select your user account an click Next. Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used. To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html To enter System Recovery Options by using Windows installation disc: Insert the installation disc. Restart your computer. If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings. Click Repair your computer. Select US as the keyboard language settings, and then click Next. Select the operating system you want to repair, and then click Next. Select your user account and click Next. ========== On the System Recovery Options menu you will get the following options: Startup Repair System Restore Windows Complete PC Restore Windows Memory Diagnostic Tool Command Prompt Select Command Prompt ========== Once in the Command Prompt: In the command window type in notepad and press Enter. The notepad opens. Under File menu select Open. Select "Computer" and find your flash drive letter and close the notepad. In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter Note: Replace letter e with the drive letter of your flash drive. The tool will start to run. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.