Computer Invaded By The Greeks

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by mark59, Jan 29, 2024.

Page 2 of 2
  1. mark59

    mark59 MajorGeek

    I went to remove them but they have all gone. I had left the computer turned on and the Windows Defender page open. But, when I clicked on it to deal with the threat(s) there was nothing listed. Windows Defender is now saying there are no threats
     
    mark59, Feb 13, 2024
    #51
  2. Oh My!

    Oh My! Malware Expert Staff Member

    Excellent.

    Thanks for your patience through all of this. This particular Windows Defender issue fights back for some reason.

    Please do this.

    ===================================================

    Farbar Recovery Scan Tool Fix

    --------------------
    • Right click on the FRST64 icon and select Run as administrator
    • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
    • There is no need to paste the information anywhere, FRST64 will do it for you
    Code:
    Start::
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
ExportKey: HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
End::
    • Click Fix
    • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Fixlog
     
    Oh My!, Feb 13, 2024
    #52
    mark59 likes this.
  3. mark59

    mark59 MajorGeek

    :)
     
    mark59, Feb 13, 2024
    #53
  4. mark59

    mark59 MajorGeek

    Fix result of Farbar Recovery Scan Tool (x64) Version: 11.02.2024
    Ran by Mark (13-02-2024 14:17:43) Run:5
    Running from C:\Users\markc\Desktop
    Loaded Profiles: Mark
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    Start::
    HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
    ExportKey: HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
    End::
    *****************

    HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
    ================== ExportKey: ===================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
    "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" => not found

    ==== End of Fixlog 14:17:43 ====
     
    mark59, Feb 13, 2024
    #54
  5. Oh My!

    Oh My! Malware Expert Staff Member

    Thank you.

    Now monitor your computer to see if it checks for and auto-updates Windows. Click Start, type Windows Update, select it above and look for a recent "Last checked" that was not initiated manually.
     
    Oh My!, Feb 13, 2024
    #55
  6. mark59

    mark59 MajorGeek

    It says last checked today at 14:08 (it's now 14:44).

    However, in Windows Security in Virus & threat protection under Virus & threat protection updates it says, "Security intelligence is up to date". The last update was 10/02/2024 12:39. However, I think that was me manually clicking on "Click for updates" last Saturday (10th).

    This PC does offer me Windows Updates when they are available. I then allow it to install the update. However, the update always fails and that is why I manually update it when it informs me an update is available. Obviously, I don't know if an update will run as it should until the next time any are offered.

    The virus and threat protections never update unless I manually click on "Click for updates". What makes me think that is a problem is because my other PC automatically updates the virus and threat protections every day.

    I don't know if the difference is the operating system versions. My laptop, which is the computer we have been working on runs Windows 10 (and doesn't meet the requirements for updating to Windows 11).

    The other PC, that is fine, is a desktop operating under Windows 11.
     
    mark59, Feb 13, 2024
    #56
  7. Oh My!

    Oh My! Malware Expert Staff Member

    Thank you.

    Please do this.

    ===================================================

    Farbar Recovery Scan Tool Fix

    --------------------
    • Right click on the FRST icon and select Run as administrator
    • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
    • There is no need to paste the information anywhere, FRST will do it for you
    Code:
    Start::
Zip: C:\Windows\Logs\CBS
End::
    • Click Fix
    • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
    • The tool will create a zipped folder in the same location from where FRST was run with today's date, example: 06.11.2016_13.24.50.zip. Upload the file to GoFile or the file hosting site of your choice and post the download link in your reply.
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Download link
     
    Oh My!, Feb 13, 2024
    #57
  8. mark59

    mark59 MajorGeek

    Fix result of Farbar Recovery Scan Tool (x64) Version: 11.02.2024
    Ran by Mark (13-02-2024 16:38:14) Run:6
    Running from C:\Users\markc\Desktop
    Loaded Profiles: Mark
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    Start::
    Zip: C:\Windows\Logs\CBS
    End::
    *****************

    ================== Zip: ===================
    C:\Windows\Logs\CBS -> copied successfully to C:\Users\markc\Desktop\13.02.2024_16.38.14.zip
    =========== Zip: End ===========

    ==== End of Fixlog 16:38:16 ====
     
    mark59, Feb 13, 2024
    #58
  9. mark59

    mark59 MajorGeek

    mark59, Feb 13, 2024
    #59
  10. Oh My!

    Oh My! Malware Expert Staff Member

    Please do this.

    ===================================================

    Farbar Recovery Scan Tool Fix

    --------------------
    • Right click on the FRST64 icon and select Run as administrator
    • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
    • There is no need to paste the information anywhere, FRST64 will do it for you
    Code:
    Start::
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-Image /CheckHealth
End::
    • Click Fix
    • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Fixlog
     
    Oh My!, Feb 13, 2024
    #60
  11. mark59

    mark59 MajorGeek

    Fix result of Farbar Recovery Scan Tool (x64) Version: 11.02.2024
    Ran by Mark (14-02-2024 02:56:11) Run:7
    Running from C:\Users\markc\Desktop
    Loaded Profiles: Mark
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    Start::
    cmd: sfc /scannow
    cmd: DISM /Online /Cleanup-Image /CheckHealth
    End::
    *****************


    ========= sfc /scannow =========



    Beginning system scan. This process will take some time.



    Beginning verification phase of system scan.


    Verification 0% complete.
    Verification 0% complete.
    Verification 1% complete.
    Verification 1% complete.
    Verification 2% complete.
    Verification 2% complete.
    Verification 3% complete.
    Verification 3% complete.
    Verification 4% complete.
    Verification 4% complete.
    Verification 4% complete.
    Verification 5% complete.
    Verification 5% complete.
    Verification 6% complete.
    Verification 6% complete.
    Verification 7% complete.
    Verification 7% complete.
    Verification 8% complete.
    Verification 8% complete.
    Verification 9% complete.
    Verification 9% complete.
    Verification 9% complete.
    Verification 10% complete.
    Verification 10% complete.
    Verification 11% complete.
    Verification 11% complete.
    Verification 12% complete.
    Verification 12% complete.
    Verification 13% complete.
    Verification 13% complete.
    Verification 13% complete.
    Verification 14% complete.
    Verification 14% complete.
    Verification 15% complete.
    Verification 15% complete.
    Verification 16% complete.
    Verification 16% complete.
    Verification 17% complete.
    Verification 17% complete.
    Verification 18% complete.
    Verification 18% complete.
    Verification 18% complete.
    Verification 19% complete.
    Verification 19% complete.
    Verification 20% complete.
    Verification 20% complete.
    Verification 21% complete.
    Verification 21% complete.
    Verification 22% complete.
    Verification 22% complete.
    Verification 23% complete.
    Verification 23% complete.
    Verification 23% complete.
    Verification 24% complete.
    Verification 24% complete.
    Verification 25% complete.
    Verification 25% complete.
    Verification 26% complete.
    Verification 26% complete.
    Verification 27% complete.
    Verification 27% complete.
    Verification 27% complete.
    Verification 28% complete.
    Verification 28% complete.
    Verification 29% complete.
    Verification 29% complete.
    Verification 30% complete.
    Verification 30% complete.
    Verification 31% complete.
    Verification 31% complete.
    Verification 32% complete.
    Verification 32% complete.
    Verification 32% complete.
    Verification 33% complete.
    Verification 33% complete.
    Verification 34% complete.
    Verification 34% complete.
    Verification 35% complete.
    Verification 35% complete.
    Verification 36% complete.
    Verification 36% complete.
    Verification 37% complete.
    Verification 37% complete.
    Verification 37% complete.
    Verification 38% complete.
    Verification 38% complete.
    Verification 39% complete.
    Verification 39% complete.
    Verification 40% complete.
    Verification 40% complete.
    Verification 41% complete.
    Verification 41% complete.
    Verification 41% complete.
    Verification 42% complete.
    Verification 42% complete.
    Verification 43% complete.
    Verification 43% complete.
    Verification 44% complete.
    Verification 44% complete.
    Verification 45% complete.
    Verification 45% complete.
    Verification 46% complete.
    Verification 46% complete.
    Verification 46% complete.
    Verification 47% complete.
    Verification 47% complete.
    Verification 48% complete.
    Verification 48% complete.
    Verification 49% complete.
    Verification 49% complete.
    Verification 50% complete.
    Verification 50% complete.
    Verification 51% complete.
    Verification 51% complete.
    Verification 51% complete.
    Verification 52% complete.
    Verification 52% complete.
    Verification 53% complete.
    Verification 53% complete.
    Verification 54% complete.
    Verification 54% complete.
    Verification 55% complete.
    Verification 55% complete.
    Verification 55% complete.
    Verification 56% complete.
    Verification 56% complete.
    Verification 57% complete.
    Verification 57% complete.
    Verification 58% complete.
    Verification 58% complete.
    Verification 59% complete.
    Verification 59% complete.
    Verification 60% complete.
    Verification 60% complete.
    Verification 60% complete.
    Verification 61% complete.
    Verification 61% complete.
    Verification 62% complete.
    Verification 62% complete.
    Verification 63% complete.
    Verification 63% complete.
    Verification 64% complete.
    Verification 64% complete.
    Verification 65% complete.
    Verification 65% complete.
    Verification 65% complete.
    Verification 66% complete.
    Verification 66% complete.
    Verification 67% complete.
    Verification 67% complete.
    Verification 68% complete.
    Verification 68% complete.
    Verification 69% complete.
    Verification 69% complete.
    Verification 69% complete.
    Verification 70% complete.
    Verification 70% complete.
    Verification 71% complete.
    Verification 71% complete.
    Verification 72% complete.
    Verification 72% complete.
    Verification 73% complete.
    Verification 73% complete.
    Verification 74% complete.
    Verification 74% complete.
    Verification 74% complete.
    Verification 75% complete.
    Verification 75% complete.
    Verification 76% complete.
    Verification 76% complete.
    Verification 77% complete.
    Verification 77% complete.
    Verification 78% complete.
    Verification 78% complete.
    Verification 79% complete.
    Verification 79% complete.
    Verification 79% complete.
    Verification 80% complete.
    Verification 80% complete.
    Verification 81% complete.
    Verification 81% complete.
    Verification 82% complete.
    Verification 82% complete.
    Verification 83% complete.
    Verification 83% complete.
    Verification 83% complete.
    Verification 84% complete.
    Verification 84% complete.
    Verification 85% complete.
    Verification 85% complete.
    Verification 86% complete.
    Verification 86% complete.
    Verification 87% complete.
    Verification 87% complete.
    Verification 88% complete.
    Verification 88% complete.
    Verification 88% complete.
    Verification 89% complete.
    Verification 89% complete.
    Verification 90% complete.
    Verification 90% complete.
    Verification 91% complete.
    Verification 91% complete.
    Verification 92% complete.
    Verification 92% complete.
    Verification 93% complete.
    Verification 93% complete.
    Verification 93% complete.
    Verification 94% complete.
    Verification 94% complete.
    Verification 95% complete.
    Verification 95% complete.
    Verification 96% complete.
    Verification 96% complete.
    Verification 97% complete.
    Verification 97% complete.
    Verification 97% complete.
    Verification 98% complete.
    Verification 98% complete.
    Verification 99% complete.
    Verification 99% complete.
    Verification 100% complete.


    Windows Resource Protection found corrupt files and successfully repaired them.

    For online repairs, details are included in the CBS log file located at

    windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline

    repairs, details are included in the log file provided by the /OFFLOGFILE flag.



    ========= End of CMD: =========


    ========= DISM /Online /Cleanup-Image /CheckHealth =========


    Deployment Image Servicing and Management tool
    Version: 10.0.19041.3636

    Image Version: 10.0.19045.3996

    No component store corruption detected.
    The operation completed successfully.


    ========= End of CMD: =========


    ==== End of Fixlog 03:27:23 ====
     
    mark59, Feb 13, 2024
    #61
  12. Oh My!

    Oh My! Malware Expert Staff Member

    Thank you.

    Some files were repaired and now I would like you to do this.

    ===================================================

    Obtaining Windows Update Log

    -------------------

    • Download WULog.bat and download it to your Desktop or note where the file is saved (USB drive, Downloads folder, etc)
    • Right click on WULog.bat and select Run as administrator
    • When completed a WULog.txt file will open and will also be placed on the Desktop
    • Attach the file to your reply
    ===================================================

    Things I would like to see in your next reply.
    • Attached file
     
    Oh My!, Feb 14, 2024
    #62
  13. mark59

    mark59 MajorGeek

    File attached as requested.
     

    Attached Files:

    mark59, Feb 14, 2024
    #63
  14. Oh My!

    Oh My! Malware Expert Staff Member

    Please do this.

    ===================================================

    Windows Updates History Viewer by Nirsoft

    --------------------
    • Download WinUpdatesView and save it to your Desktop
    • Unzip the folder onto your Desktop
    • Right click on WinUpdatesView.exe and select Run as administrator
    • Click View then HTML Report - All Items
    • On the open browser click File, Save Page As... and save the file onto your Desktop using the default name settings
    • Zip and attach the HTML file to your reply
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Attached file
     
    Oh My!, Feb 14, 2024
    #64
  15. mark59

    mark59 MajorGeek

    File attached as requested.
     

    Attached Files:

    mark59, Feb 15, 2024
    #65
  16. Oh My!

    Oh My! Malware Expert Staff Member

    Thank you for the report.

    Please do this.

    ===================================================

    Windows Update Troubleshooter

    --------------------

    • Click Start, type Troubleshooter and hit Enter
    • Click Additional (or Other) troubleshooters
    • Select Windows Update
    • Report the results
    • Check Windows Update. If you receive an error message report the error information in your reply
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Results?
     
    Oh My!, Feb 15, 2024
    #66
  17. mark59

    mark59 MajorGeek

    I attach the Results in a pdf file.
     
    mark59, Feb 15, 2024
    #67
  18. mark59

    mark59 MajorGeek

    I apologise but I did attach the pdf file. I don't know why it wasn't with the previous post. Here's another attempt.
     

    Attached Files:

    mark59, Feb 15, 2024
    #68
  19. mark59

    mark59 MajorGeek

    Urgh :mad: now it attaches twice to one post.
     
    mark59, Feb 15, 2024
    #69
  20. Oh My!

    Oh My! Malware Expert Staff Member

    Please run Windows Update and if there is an error complete the below.

    ===================================================

    Farbar Recovery Scan Tool Fix

    --------------------
    • Right click on the FRST icon and select Run as administrator
    • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
    • There is no need to paste the information anywhere, FRST will do it for you
    Code:
    Start::
Zip: C:\Windows\Logs\CBS
End::
    • Click Fix
    • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
    • The tool will create a zipped folder in the same location from where FRST was run with today's date, example: 06.11.2016_13.24.50.zip. Upload the file to GoFile or the file hosting site of your choice and post the download link in your reply.
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Download link
     
    Oh My!, Feb 15, 2024
    #70
  21. mark59

    mark59 MajorGeek

    I ran Windows Update and I'm not sure if you would call this a problem.

    It offered me quite a few updates. At one point it asked that I do a restart so I did. It left only one update, Cumulative Update for Windows 10 Version 22H2 for x64-based Ssytems (KB5034763). It downloaded but it said on the screen Downloaded 100% and stayed like that for over an hour. I thought this is not going to change to I restarted the PC. After the restart I opened Windows Update which now said the above update was installing. When it said the instal had reached 44% it requested I restart the PC so I did.

    It is now saying that Windows is up-to-date.
     
    mark59, Feb 16, 2024
    #71
  22. Oh My!

    Oh My! Malware Expert Staff Member

    Great, Windows should update itself now.

    Are there any remaining questions or concerns?
     
    Oh My!, Feb 16, 2024
    #72
  23. mark59

    mark59 MajorGeek

    Thank you very much for your help. I appreciate all the time and effort that's gone in to helping me. I have no remaining questions or concerns.

    Do threads in the specialist forum get closed? I know in some other fora threads can be closed. I'm only asking as I'll feel happier Windows will update itself next there's an update available. So if there is an issue (hoping there won't be) next time it tries to update I can re-visit this thread and say it's not working as it should.

    Thanks!
     
    mark59, Feb 16, 2024
    #73
  24. Oh My!

    Oh My! Malware Expert Staff Member

    No, the topics here are not closed. Simply pop back in if something comes up.
     
    Oh My!, Feb 16, 2024
    #74
Page 2 of 2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds