Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 23

Thread: back so soon under attack...

  1. #11
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    267

    Default

    juliet it's a Lenovo ideapad 330. i think just a tad under middle of the road i think

  2. #12
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,813

    Default

    How you coming along with the Fixscript I created for you to run?

    Please copy and paste its contents in your next reply.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    **

    System File Checker tool <== have you run this yet?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #13
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    267

    Default

    Juliet I thought I posted the frst report and the windows page is why I'm on my phone with you, it's because in safe mode it says windows help select your product but nothing is there???

  4. #14
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    267

    Default

    Running the DISM now

  5. #15
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    267

    Default

    well command prompt gives this C:\Users\ronny>For more information, refer to the help by running DISM.exe /?.
    more was unexpected at this time.

    C:\Users\ronny>
    C:\Users\ronny>The DISM log file can be found at C:\WINDOWS\Logs\DISM\dism.log
    'The' is not recognized as an internal or external command,
    operable program or batch file.

    C:\Users\ronny>
    C:\Users\ronny>C:\Users\ronny>sfc /scannow
    'C:\Users\ronny' is not recognized as an internal or external command,
    operable program or batch file.

    C:\Users\ronny>
    C:\Users\ronny>Windows Resource Protection could not start the repair service.
    'Windows' is not recognized as an internal or external command,
    operable program or batch file.

  6. #16
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    267

    Default

    tried to post the DSIM from my pc and got 404 error too large to post

  7. #17
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    267

    Default

    here is the fixlog...

    Fix result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019
    Ran by ronny (08-10-2019 13:24:32) Run:1
    Running from C:\Users\ronny\Desktop
    Loaded Profiles: ronny (Available Profiles: ronny)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    CloseProcesses:
    CreateRestorePoint:
    Task: {14D92110-62E1-4DFC-AF69-90B8267352A3} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
    Task: {31473F18-652A-46FE-AD09-70FC2DD2193D} - \Lenovo\ImController\TimeBasedEvents\aba76a82-dd41-4e86-8c43-f9ecab7da124 -> No File <==== ATTENTION
    Task: {56C52AC1-4093-48BD-BD1F-0EE5C79A2134} - \Lenovo\ImController\TimeBasedEvents\c8a3cf5c-bef0-47a7-9ea8-7391dfba9ff0 -> No File <==== ATTENTION
    Task: {72AFA575-B5B7-4F9E-A73A-DEF06AD8224D} - \Lenovo\ImController\TimeBasedEvents\ea2167a5-22e8-49e1-8ea8-62af4fe7cb97 -> No File <==== ATTENTION
    Task: {BE77526C-BEAF-4E49-86F6-D04BC84A3FF2} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
    Task: {EBF36B46-CBDF-45A6-B321-60F118CB9CC3} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
    Task: {ED066DF5-E55B-4A40-B888-00144190843A} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
    SearchScopes: HKU\S-1-5-21-4109447768-91167649-2371174200-1001 -> DefaultScope {1DE58705-3063-4F2A-835E-EB8A8011C103} URL =
    CHR Extension: (Chrome Media Router) - C:\Users\ronny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-30]
    S2 ImControllerService; "%SystemDrive%\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" [X]
    FirewallRules: [{9ED2A87C-9EC4-413C-AF33-32D93891E375}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
    FirewallRules: [{5A6D8FE2-0692-4E73-B43F-F3BD38CCD56F}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
    FirewallRules: [{68A18C2B-DA57-474E-87B7-4F1B95611589}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16010.9126.2116.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe No File
    EmptyTemp:
    C:\Windows\Temp\*.*

    *****************

    Processes closed successfully.
    Restore point was successfully created.
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14D92110-62E1-4DFC-AF69-90B8267352A3}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14D92110-62E1-4DFC-AF69-90B8267352A3}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31473F18-652A-46FE-AD09-70FC2DD2193D}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31473F18-652A-46FE-AD09-70FC2DD2193D}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\aba76a82-dd41-4e86-8c43-f9ecab7da124" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56C52AC1-4093-48BD-BD1F-0EE5C79A2134}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56C52AC1-4093-48BD-BD1F-0EE5C79A2134}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\c8a3cf5c-bef0-47a7-9ea8-7391dfba9ff0" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72AFA575-B5B7-4F9E-A73A-DEF06AD8224D}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72AFA575-B5B7-4F9E-A73A-DEF06AD8224D}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\ea2167a5-22e8-49e1-8ea8-62af4fe7cb97" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BE77526C-BEAF-4E49-86F6-D04BC84A3FF2}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE77526C-BEAF-4E49-86F6-D04BC84A3FF2}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EBF36B46-CBDF-45A6-B321-60F118CB9CC3}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBF36B46-CBDF-45A6-B321-60F118CB9CC3}" => removed successfully
    C:\WINDOWS\System32\Tasks\LenovoUtility Task => moved successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LenovoUtility Task" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED066DF5-E55B-4A40-B888-00144190843A}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED066DF5-E55B-4A40-B888-00144190843A}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
    "HKU\S-1-5-21-4109447768-91167649-2371174200-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
    CHR Extension: (Chrome Media Router) - C:\Users\ronny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-30] => Error: No automatic fix found for this entry.
    HKLM\System\CurrentControlSet\Services\ImControllerService => removed successfully
    ImControllerService => service removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9ED2A87C-9EC4-413C-AF33-32D93891E375}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A6D8FE2-0692-4E73-B43F-F3BD38CCD56F}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{68A18C2B-DA57-474E-87B7-4F1B95611589}" => removed successfully

    =========== "C:\Windows\Temp\*.*" ==========

    C:\Windows\Temp\FXSAPIDebugLogFile.txt => moved successfully
    C:\Windows\Temp\FXSTIFFDebugLogFile.txt => moved successfully
    C:\Windows\Temp\InfInstallerLog._19-10-04_09-43-11-562.log => moved successfully
    C:\Windows\Temp\InfInstallerLog._19-10-07_09-53-24-345.log => moved successfully
    C:\Windows\Temp\lnonpnpsamp.log => moved successfully
    C:\Windows\Temp\MpCmdRun.log => moved successfully
    C:\Windows\Temp\MpSigStub.log => moved successfully
    C:\Windows\Temp\sa.9NCGJX5QLP9M_0__.Public.InstallAgent.dat => moved successfully

    ========= End -> "C:\Windows\Temp\*.*" ========


    =========== EmptyTemp: ==========

    BITS transfer queue => 8937472 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 721879874 B
    Java, Flash, Steam htmlcache => 5763 B
    Windows/system/drivers => 19456 B
    Edge => 20720893 B
    Chrome => 125716405 B
    Firefox => 198670594 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 0 B
    Users => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 0 B
    systemprofile32 => 256 B
    LocalService => 256 B
    LocalService => 256 B
    NetworkService => 128744 B
    NetworkService => 128744 B
    ronny => 590181918 B

    RecycleBin => 7967255 B
    EmptyTemp: => 1.6 GB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 13:28:48 ====

  8. #18
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    267

    Default


  9. #19
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    267

    Default

    i've meant to tell you juliet, that in all of this something has def helped as it is now possible/ as opposed to the other day when i reappeared when this was just a mad circus so it is getting up now and seemingly trying to behave.

  10. #20
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,813

    Default

    I think something with the operating system has gone bonkers.
    Might not be your fault (windows updates), sit still a day or two and lets see if it improves more.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •