[DR M]

Yes, the computer is now clean. But please dont install or download anything yet. Its fine to log into bank accounts etc.

[Advertisements]

I thought I had Foxit Reader installed on this computer. There is a folder for it, but I can't get a pdf to recognize Foxit. It's not in Add/Remove Programs. My understanding is that Foxit is more secure than the ubiquitous Adobe Acrobat.

[wayneman50]

I thought I had Foxit Reader installed on this computer. There is a folder for it, but I can't get a pdf to recognize Foxit. It's not in Add/Remove Programs. My understanding is that Foxit is more secure than the ubiquitous Adobe Acrobat.

[DR M]

I thought I had Foxit Reader installed on this computer. There is a folder for it, but I can't get a pdf to recognize Foxit. It's not in Add/Remove Programs. My understanding is that Foxit is more secure than the ubiquitous Adobe Acrobat.

Foxit is not installed in the computer. Perhaps you had it before. Now it's not installed.
 

1. Malwarebytes: I "X'ed" out of the ad a couple hours ago. It will probably be back in a couple more hours.

You installed the free version of the program, so you will be getting the notification. My recommendation is not to uninstall it for that.
 

2.. I'm not finding any extensions. See attached. I did a Chrome update this morning, but that shouldn't have gotten rid of extensions, right?
a. Why were my Firefox bookmarks missing?

I don't know about Chrome. The logs show that you have 3 extensions in the Default profile. As to Firefox, you have extensions missing? In the logs (again), I see that there are several bookmarks.
 

Was it malware/virus or was it something I did?
b. Can you give me a very brief summary of what you did? I know we were scanning for malware, but what else? Cleanup? Performance enhancement? Did you find anything significant?
c. Can/should we clean up the apps I installed for this session with you?

At the end of this cleaning procedure.
 

Strange: After the Restart, I launched File Explorer. There were no files in the Quick Access folder. My most recent files are always there, even after a restart.
4. PC is somewhat slow and slow to reboot, but then it's at least 10 years old. What more can I expect from an old hunk of chips?

I have already told you that there is one more thing pending. And this concerns the computer's upgrade. You are an upgrade behind, and I recommend you to upgrade now, doing an in-place upgrade. This will reinstall and update the operating system and fix any corruptions, without removing any file or program.

• Go to this Microsoft page and under the title Create Windows 10 installation media press on Download tool now.
• Save the tool on your Desktop and double click to run it.
• On the License terms page, if you accept the license terms, select Accept.
• On the What do you want to do page, select Upgrade this PC now, and then select Next.
• Follow the instructions and select Keep personal files and apps, when you are asked to.
• It might take a couple of hours, depending on your wifi speed connection, to install Windows 10. Your PC will restart a few times. Make sure you don’t turn off your PC.
• After downloading and installing, the tool will walk you through how to set up Windows 10 on your PC.

[wayneman50]

I don't know about Chrome. The logs show that you have 3 extensions in the Default profile. So what can I do to delete the extensions you want me to delete? As I showed you in my screen shot, unless I’m looking in the wrong place, no extensions show up on the front end.

 

As to Firefox, you have extensions missing? No. In the logs (again), I see that there are several bookmarks…My question goes back to my original post.  I know you want to answer everything at the end.

 

I’ll get going on the upgrade now.

 

Edited by wayneman50, 30 March 2023 - 03:27 PM.

[wayneman50]

 

• After downloading and installing, the tool will walk you through how to set up Windows 10 on your PC.

When I came back to the PC, there were no prompts to walk through anything. It appears the update was successful. See screen shot.

 

Attached Thumbnails

• 

[DR M]

Hello and congrats for successfully upgrading your Windows!
 
Let me know if you are still experiencing any specific issue now. The in-place upgrade is supposed to fix corruptions and system's issues.
 
Now... about Firefox profiles:
 
Having a default profile and a default-release one, is something related to the browser's updates. See here: is default-release profile a bug or the new profile name for Firefox 67 upwards and still being phased in | Firefox Support Forum | Mozilla Support
 
In case the default-release profile is been created again, I recommend you to keep it as the default one, customizing as you want and delete the default one. It is suppose to be a profile for older Firefox versions.
 
Briefly what we did:
 
Removed unnecessary security programs and their remnants, old program's remnants, un-necessary tasks, some restrictions in policies, pre-installed software. We also removed adware that was installed in the system. With the in-place upgrade we upgraded the system, fixing corruptions.
 
If no other question:

The following tool will remove the tools we used as well as reset system restore points:

Download KpRm by kernel-panik and save it to your desktop.

• Right-click kprm_(version).exe and select Run as Administrator.
• Read and accept the disclaimer.
• When the tool opens, ensure all boxes under Actions are checked.
• Under Delete Quarantines select Delete Now, then click Run.
• Once complete, click OK.
• A log will open in Notepad titled kprm-(date).txt.
• Please copy and paste its contents in your next reply.

[wayneman50]

# Run at 3/31/2023 3:31:45 PM
# KpRm (Kernel-panik) version 2.12.0
# Website https://kernel-panik.me/tool/kprm/
# Run by WAYNE from C:\Users\WAYNE\Desktop
# Computer Name: WAYNE-HP
# OS: Windows 10 X64 (19045) (10.0.19045.0)
# Number of passes: 1

- Checked options -

    ~ Registry Backup
    ~ Delete Tools
    ~ Restore System Settings
    ~ UAC Restore
    ~ Delete Restore Points
    ~ Create Restore Point
    ~ Delete Quarantines

- Create Registry Backup -

   ~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
   ~ [OK] Hive C:\Users\WAYNE\NTUSER.dat backed up

     [OK] Registry Backup: C:\KPRM\backup\2023-03-31-15-31-45

- Delete Tools -


  ## AdwCleaner
     [OK] C:\Users\WAYNE\Desktop\AdwCleaner.exe deleted
     [OK] C:\AdwCleaner deleted

  ## ESET Online Scanner
     [OK] C:\Users\WAYNE\Desktop\esetonlinescanner.exe deleted
     [OK] C:\Users\WAYNE\Desktop\esetonlinescanner_enu.exe deleted

  ## FRST
     [OK] C:\Users\WAYNE\Desktop\Addition.txt deleted
     [OK] C:\Users\WAYNE\Desktop\Fixlog.txt deleted
     [OK] C:\Users\WAYNE\Desktop\FRST-OlderVersion deleted
     [OK] C:\Users\WAYNE\Desktop\FRST.txt deleted
     [OK] C:\Users\WAYNE\Desktop\FRST64.exe deleted
     [OK] C:\FRST deleted

  ## Malwarebytes (log)
     [OK] C:\Users\WAYNE\Desktop\Malwarebytes Advanced report.txt deleted
     [OK] C:\Users\WAYNE\Desktop\Malwarebytes report.txt deleted

- Restore System Settings -

     [OK] Reset WinSock
     [OK] FLUSHDNS
     [OK] Hide Hidden file.
     [OK] Show Extensions for known file types
     [OK] Hide protected operating system files

- Restore UAC -

     [OK] Set EnableLUA with default (1) value
     [OK] Set ConsentPromptBehaviorAdmin with default (5) value
     [OK] Set ConsentPromptBehaviorUser with default (3) value
     [OK] Set EnableInstallerDetection with default (0) value
     [OK] Set EnableSecureUIAPaths with default (1) value
     [OK] Set EnableUIADesktopToggle with default (0) value
     [OK] Set EnableVirtualization with default (1) value
     [OK] Set FilterAdministratorToken with default (0) value
     [OK] Set PromptOnSecureDesktop with default (1) value
     [OK] Set ValidateAdminCodeSignatures with default (0) value

- Clear Restore Points -

   ~ [OK] RP named Windows Modules Installer created at 03/31/2023 06:05:52 deleted
     [OK] All system restore points have been successfully deleted

- Create Restore Point -

     [OK] System Restore Point created

- Display System Restore Point -

   ~ [I] RP named KpRm created at 03/31/2023 19:39:14

-- KPRM finished in 528.69s --


 

[wayneman50]

When downloading and installing an app, you folks at GTG always tell me to run from the desktop.

1. Why is that?

2. Must it be the desktop itself or would the desktop folder in File Explorer do just as well? It's so much easier to find a new download in File Explorer.

[DR M]

Most of the tools we use are developed to run more effectively when on Desktop. The Desktop folder in File Explorer is the same thing with the actual Desktop.

 

So, no other issues/questions/concerns?

[wayneman50]

I think that's it. It's slow at times, but as I wrote before, it's at least 10 years old.

 

Do you accept financial donations?

[DR M]

Hi, wayneman50.
 
I'm glad I could help. In any case, my assistance is completely free and there is no reason for any donation. If you would like, you can just buy me a coffee here.


Now your computer is clean, here are some final tips about your computer's security from now on:

Some of the following, are from Klein's (2005) article, So how did I get infected in the first place. Since then, the article has been reproduced or linked to in dozens of locations. As a result, many malware experts have continued updating it, to include current operating systems and software program information. My source is Security Garden, and I marked for you the following:

1. Keep your Windows updated!
It is important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer.

2. Update 3rd Party Software Programs
Third Party software programs have long been targets for malware creators. It has been stated that "Adobe’s Reader and Flash and all versions of Java are together responsible for a total of 66 percent of the vulnerabilities in Windows systems exploited by malware.'' It's important to keep everything updated.

3. Update the browsers you use
Many malware infections install themselves by exploiting security holes in the Internet browser that you use. So... Keep them updated.

4. Be careful about what you download and what you open!

• Many "freeware" programs come with an enormous amount of bundled spyware that will slow down your system, spawn pop-up advertisements, or just plain crash your browser or even Windows itself. Watch for pre-checked options such as toolbars that are not essential to the operation of the installed software.
• Peer-to-peer (P2P) programs like Kazaa, BearShare, Imesh, Warez P2P, and others, allow the creation of a network enabling people to connect with other users and upload or download material in a fast efficient manner. BUT even if the P2P software you are using is "clean", a large percentage of the files served on the P2P network are likely to be infected.
• Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Have this in mind.
• Do not open any files without being certain of what they are!

5. Avoid questionable web sites!
Visit web sites that are trustworthy and reputable. Many disreputable sites will attempt to install malware on your system through "drive-by" exploits just by visiting the site in your browser. Lyrics sites, free software sites (especially ones that target young children), cracked software sites, and pornography sites are some of the worst offenders. Also, never give out personal information of any sort online or click "OK" to a pop-up unless it is signed by a reputable company and you know what it is.

6. Registry cleaners/driver boosters/system optimizers
I do not recommend registry cleaners, system optimizers, driver boosters and the like. It is your computer and certainly your choice. However, please consider that modifying registry keys incorrectly can cause Windows instability, or make Windows unbootable. With registry cleaner and system optimization software programs, the potential is ever present to cause more problems than they claim to fix. Do note, however, that Microsoft does not support the use of registry cleaners. See Microsoft support policy for the use of registry cleaning utilities.

7. PC means personal computer!
Don't give access to your computer to friends or family who appear to be clueless about what they are doing.

8. Back-up your work!
Make back-ups of your personal files frequently. You never know when you'll have to reformat and start from scratch. You can always reformat and reinstall programs, but you cannot replace your data if you haven't made backups.

9. Must-Have Software
An anti-virus and an anti-spyware program is a necessity for the security of your computer. Be sure that you keep them updated, and that real time protection is enabled. You have now the built-in Windows 10 antivirus, Windows Defender. Together with Malwarebytes, if you run it occasionally, depending on how often you use your computer, can keep you safe.

Happy safe computing.


I'm glad I was able to help you.

[wayneman50]

One more thing: Now that I have Malwarebytes, can you make sure that the settings are optimal for it and Defender, and that they are not conflicting with each other?

[DR M]

Hi.

 

These are the settings you must have enabled/disabled for Malwarebytes, if Defender is the premium security solution:

 

Click the little gear on the top right (Settings) and when it opens, click the Security tab and make sure about the following:

 

Under the title Scan Options, all the options are checked.
Under the title Windows Security Center (Premium only) the option is NOT checked.
Under the title Potentially unwanted items all options are set to Always.

[wayneman50]

They are all already set that way. The reason I uninstalled Malwarebytes a couple months ago is that it kept giving me popups to buy Premium, and kept starting "free Premium trial"s anyway. I was thinking that I have to go check the settings every time. So it looks like now I have real time protection from Defender and Malwarebytes. They will conflict with each other, right?

 

And I see I have another PUABundler. I wonder what I am doing to keep getting this. I am visiting only legit sites - email, insurance, bank, etc.

Attached Thumbnails

• 
• 

Edited by wayneman50, 02 April 2023 - 03:35 AM.

[DR M]

If you have the settings as above, no, Defender and Malwarebytes won't cause conflicts.

 

Premium Trial is for 14 days. After that, real time protection stops, and you have to perform manual scans with Malwarebytes from time to time, depending on how often you use the computer.

 

As to the detection above, it's from March 28th. Checking your last logs, it is related with this:

 

C:\Program Files (x86)\AnvSoft\Any Video Converter\unins000.dat

 

You can click on Start actions and send it to quarantine.