Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    BORN Ontario child registry data breach affects 3.4 million people

Featured Deal: Get started in AI or make your own with this $19.97 course bundle

Latest Buyer's Guide:    Best VPNs to unblock Stan outside Australia in 2023

Generic User Avatar

Firefox send / Rcv packets ip127.0.0.1

Started by Sunnybolero143 , Sep 03 2023 07:01 AM

  • This topic is locked This topic is locked
13 replies to this topic

#1 Sunnybolero143

Sunnybolero143

  • Avatar image
  • Members
  • 63 posts
  • OFFLINE
    •  
  • Local time:02:26 AM

Posted 03 September 2023 - 07:01 AM

Hi 

 

Hope someone can help clarify this.... I recently Installed Firefox again on my laptop (Lenovo IdeaPad 3 15ITL6) running windows 11

 

I have TCPView and looked at connections.  I saw (below) that Firefox is sending and recieving packets to and from 127.0.0.1 , I had read that this address is a loopback and should not be sending or recieving packets. 

 

is this ok?

 

 

 

updated with snapshot of the TCPview

 

Attached Files


Edited by Sunnybolero143, 03 September 2023 - 07:42 AM.

BC AdBot (Login to Remove)

 

#2 Sunnybolero143

Sunnybolero143
  • Topic Starter

  • Avatar image
  • Members
  • 63 posts
  • OFFLINE
    •  
  • Local time:02:26 AM

Posted 03 September 2023 - 07:35 AM

ok it seems i have problems loading the snapshot

 

can anyone tell me how I can... copied it in jpeg file  and was saving (taking a long time) after saved is not showing, used full text editor on edit above.. still not showing it


#3 Sunnybolero143

Sunnybolero143
  • Topic Starter

  • Avatar image
  • Members
  • 63 posts
  • OFFLINE
    •  
  • Local time:02:26 AM

Posted 03 September 2023 - 07:38 AM

ok hopefully this works

Attached Files


Edited by Sunnybolero143, 03 September 2023 - 07:41 AM.

#4 cryptodan

cryptodan

    Bleepin Madman


  • Avatar image
  • Members
  • 32,303 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:26 AM

Posted 03 September 2023 - 08:45 AM

Download and install min-toolbox from here: https://www.bleepingcomputer.com/download/minitoolbox/
 
minitoolbox.png
 
With the following:
 
Last 10 error messages from the logs
Installed Application
Problematic Devices 
List users and partitions

My Linux Systems Specifications: My Desktop - https://dpaste.com/AKGGCBGSW - My Server - https://dpaste.com/8M228Z6ZM - My laptop Arch - https://dpaste.com/FKSMU4MM2

-----------------------------------------------------------------------------

Masters of Science in Computer and Digital Forensics - Stevenson University 
-----------------------------------------------------------------------------
US Navy Veteran - 2002 to 2006 - Blue and Gold and Proud to Serve - Honor, Courage, and Commitment
 

#5 Sunnybolero143

Sunnybolero143
  • Topic Starter

  • Avatar image
  • Members
  • 63 posts
  • OFFLINE
    •  
  • Local time:02:26 AM

Posted 03 September 2023 - 09:08 AM

@Cryptodan

 

I uninstalled Firefox , just in case.. should i reinstall before i do this?


#6 cryptodan

cryptodan

    Bleepin Madman


  • Avatar image
  • Members
  • 32,303 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:26 AM

Posted 03 September 2023 - 09:16 AM

Yes

My Linux Systems Specifications: My Desktop - https://dpaste.com/AKGGCBGSW - My Server - https://dpaste.com/8M228Z6ZM - My laptop Arch - https://dpaste.com/FKSMU4MM2

-----------------------------------------------------------------------------

Masters of Science in Computer and Digital Forensics - Stevenson University 
-----------------------------------------------------------------------------
US Navy Veteran - 2002 to 2006 - Blue and Gold and Proud to Serve - Honor, Courage, and Commitment
 

#7 Sunnybolero143

Sunnybolero143
  • Topic Starter

  • Avatar image
  • Members
  • 63 posts
  • OFFLINE
    •  
  • Local time:02:26 AM

Posted 03 September 2023 - 09:30 AM

here is the output

 

MiniToolBox by Farbar  Version: 13-05-2022
Ran by ianbu (administrator) on 03-09-2023 at 15:26:38
Running from "C:\Users\ianbu\Downloads"
Microsoft Windows 11 Home  (X64)
Model: 82H8 Manufacturer: LENOVO
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (09/03/2023 10:56:36 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT AUTHORITY)
Description: Disabled performance counter data collection from the "BITS" service because the performance counter library for that service has generated one or more errors. The errors that forced this action have been written to the application event log. Correct the errors before enabling the performance counters for this service.
 
Error: (09/03/2023 10:56:36 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1011) (User: NT AUTHORITY)
Description: The Close procedure in Extensible Counter DLL "C:\Windows\System32\bitsperf.dll" for the "BITS" service generated exception 3221225477 at address 0x7ffd9edf233d. The performance data returned by the counter DLL will not be returned in the Perf Data Block.
 
Error: (09/03/2023 09:45:57 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-FJB874NT)
Description: Faulting application name: MbamBgNativeMsg.exe, version: 4.0.0.126, time stamp: 0x645000d3
Faulting module name: MbamBgNativeMsg.exe, version: 4.0.0.126, time stamp: 0x645000d3
Exception code: 0xc0000409
Fault offset: 0x00000000001f5aa5
Faulting process id: 0x0x1e7c
Faulting application start time: 0x0x1d9de425bd0a714
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
Report Id: b118bb26-29a5-4a52-a38d-73008a3a1d03
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/02/2023 05:24:46 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (09/02/2023 05:24:46 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (09/02/2023 05:24:46 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (09/02/2023 05:24:46 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (09/02/2023 06:07:49 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (09/02/2023 05:47:44 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (09/02/2023 05:47:38 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {977e864f-23be-4bb7-8689-8616aa48731d}
 
 
System errors:
=============
Error: (09/03/2023 12:18:39 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-FJB874NT)
Description: Event-ID 10010
 
Error: (09/03/2023 11:45:52 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Energy Server Service queencreek service did not shut down properly after receiving a preshutdown control.
 
Error: (09/03/2023 10:56:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Energy Server Service queencreek service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/03/2023 10:54:22 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-FJB874NT)
Description: Event-ID 10010
 
Error: (09/03/2023 10:52:13 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Energy Server Service queencreek service did not shut down properly after receiving a preshutdown control.
 
Error: (09/03/2023 08:49:19 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-FJB874NT)
Description: Event-ID 10010
 
Error: (09/03/2023 07:57:27 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Energy Server Service queencreek service did not shut down properly after receiving a preshutdown control.
 
Error: (09/03/2023 05:05:55 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-FJB874NT)
Description: Event-ID 10010
 
Error: (09/02/2023 07:05:45 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-FJB874NT)
Description: Event-ID 10010
 
Error: (09/02/2023 05:24:46 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Energy Server Service queencreek service did not shut down properly after receiving a preshutdown control.
 
 
Windows Defender:
================
Date: 2023-09-02 05:52:55
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2023-09-01 16:57:17
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2023-08-31 05:45:13
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2023-08-30 06:04:44
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2023-08-30 05:01:32
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
 
Date: 2023-07-05 12:56:44
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.391.3621.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.23050.3
Error code: 0x80240022
Error description: The program can't check for definition updates.  
 
Date: 2023-07-05 12:56:44
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.391.3621.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.23050.3
Error code: 0x80240022
Error description: The program can't check for definition updates.  
 
Date: 2023-05-14 06:11:38
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x8007041d
Error description: The service did not respond to the start or control request in a timely fashion. 
Reason: The system is missing updates that are required for running Network Inspection System.  Install the required updates and restart the device. 
 
Date: 2023-04-12 05:44:12
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.321.69.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17300.4
Error code: 0x8007045b
Error description: A system shutdown is in progress.  
 
Date: 2023-04-02 03:20:05
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.321.69.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17300.4
Error code: 0x8007045b
Error description: A system shutdown is in progress.  
 
CodeIntegrity Errors:
====================
Date: 2023-09-03 15:26:06
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a582115f5de863e1\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
 
Date: 2023-09-03 15:22:35
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. 
 
 
=========================== Installed Programs ============================
 
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 116.0.5845.141 - Google LLC)
Intel® Chipset Device Software (HKLM-x32\...\{901bcbf9-3fc2-492d-8f11-e8ca2175adf6}) (Version: 10.1.18800.8277 - Intel® Corporation)
Intel® Computing Improvement Program (HKLM\...\{0D8810A6-1D38-4885-9690-948CD0B7CA6F}) (Version: 2.4.10577 - Intel Corporation)
Lenovo Now (HKLM-x32\...\Lenovo Now) (Version: 3.10.0.63 - Lenovo Group Ltd.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.72.0 - Lenovo Group Ltd.)
Malwarebytes version 4.6.1.280 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.1.280 - Malwarebytes)
Microsoft Office Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Retail - en-us) (Version: 16.0.16731.20170 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.169.0813.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 117.0 (x64 en-US)) (Version: 117.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 117.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20052 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20170 - Microsoft Corporation) Hidden
 
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Corporation)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.30201.210.0_x64__rz1tebttyb220 [2023-08-10] (Dolby Laboratories)
Elevoc Vocplus System -> C:\Program Files\WindowsApps\ElevocTechnologyCo.Ltd.ElevocVocplusSystem_1.0.29.0_x64__ttaqwwhyt5s6t [2023-02-07] (Elevoc Technology Co., Ltd.)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2307.14.0_x64__k1h2ywk1493x8 [2023-08-17] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.4.18.0_x64__5grkq8ppsgwt4 [2023-07-22] (LENOVO INC) [Startup Task]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2307.24002.0_x64__8wekyb3d8bbwe [2023-08-03] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10510.531.0_x64__8wekyb3d8bbwe [2023-06-25] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-08-11] (Microsoft Corporation)
ms-resource://MicrosoftCorporationII.QuickAssist/resources/APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.21.0_x64__8wekyb3d8bbwe [2023-06-30] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-06] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-17] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.61661.0_x64__8wekyb3d8bbwe [2023-06-23] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2023-08-11] (Microsoft Corporation)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5180.0_x64__8j3eq9eme6ctt [2023-08-12] (INTEL CORP) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2023-02-06] (Netflix, Inc.)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.7423.0_x64__8wekyb3d8bbwe [2023-08-23] (Microsoft Corporation) [Startup Task]
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.148.0_x64__pwbj9vvecjh7j [2023-08-23] (Amazon Development Centre (London) Ltd)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.35.271.0_x64__dt26b99r8h8gj [2023-02-08] (Realtek Semiconductor Corp)
Smart Microphone Settings -> C:\Program Files\WindowsApps\ElevocTechnologyCo.Ltd.SmartMicrophoneSettings_1.1.49.0_x64__ttaqwwhyt5s6t [2023-02-12] (Elevoc Technology Co., Ltd.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-23] (Microsoft Studios) [MS Ad]
WinDbg Preview -> C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2306.14001.0_x64__8wekyb3d8bbwe [2023-07-09] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2023-08-11] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-08-11] (Microsoft Windows)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-23] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-03-18] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x86__8wekyb3d8bbwe [2023-03-18] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe [2023-07-27] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.934.1904.0_x86__8wekyb3d8bbwe [2023-07-27] (Microsoft Corporation)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 76%
Total physical RAM: 7975.3 MB
Available physical RAM: 1861.43 MB
Total Virtual: 10286.11 MB
Available Virtual: 2141.35 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows-SSD) (Fixed) (Total:237.23 GB) (Free:173.69 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\LAPTOP-FJB874NT
 
Administrator            DefaultAccount           Guest                    
ianbu                    WDAGUtilityAccount       
 
 
**** End of log ****

#8 cryptodan

cryptodan

    Bleepin Madman


  • Avatar image
  • Members
  • 32,303 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:26 AM

Posted 03 September 2023 - 11:02 AM

Download and install Speccy - https://www.ccleaner.com/speccy

Run it, and then go to File and Publish Snapshot. Post the resulting link in your next reply

My Linux Systems Specifications: My Desktop - https://dpaste.com/AKGGCBGSW - My Server - https://dpaste.com/8M228Z6ZM - My laptop Arch - https://dpaste.com/FKSMU4MM2

-----------------------------------------------------------------------------

Masters of Science in Computer and Digital Forensics - Stevenson University 
-----------------------------------------------------------------------------
US Navy Veteran - 2002 to 2006 - Blue and Gold and Proud to Serve - Honor, Courage, and Commitment
 

#9 Sunnybolero143

Sunnybolero143
  • Topic Starter

  • Avatar image
  • Members
  • 63 posts
  • OFFLINE
    •  
  • Local time:02:26 AM

Posted 03 September 2023 - 11:33 AM

I ran it , but got a notification

 

Window security 

 

Unauthorised changes Blocked

 

Controlled folder access Blocked  C:\ Prorgram\ Speccy64.exe  from making changes to memory...

 

but i did find where to trun it off .... here is published snapshot

 

http://speccy.piriform.com/results/dPvhfpL3qbjAshyWZHGlF0w


#10 cryptodan

cryptodan

    Bleepin Madman


  • Avatar image
  • Members
  • 32,303 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:26 AM

Posted 03 September 2023 - 11:47 AM

Now this is odd

IGCCSVC_DB: AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAwP5ZA9hBFkKOy7nTXnxqVQQAAAACAAAAAAAQZgAAAAEAACAAAABBtpe7JadLqA83M8hiJL7RrxNqR3hQVq+MCkDZmQ2VzAAAAAAOgAAAAAIAACAAAAAt/HnAxD0V+4XEjC3vak+8hjhqLmJrNCmSIwKeq4QiaGAAAAAIY9ouaYjViGw5HhiekXxjYsTl097AxsZUgJgrgm

I would open up a post in the malware section

My Linux Systems Specifications: My Desktop - https://dpaste.com/AKGGCBGSW - My Server - https://dpaste.com/8M228Z6ZM - My laptop Arch - https://dpaste.com/FKSMU4MM2

-----------------------------------------------------------------------------

Masters of Science in Computer and Digital Forensics - Stevenson University 
-----------------------------------------------------------------------------
US Navy Veteran - 2002 to 2006 - Blue and Gold and Proud to Serve - Honor, Courage, and Commitment
 

#11 Sunnybolero143

Sunnybolero143
  • Topic Starter

  • Avatar image
  • Members
  • 63 posts
  • OFFLINE
    •  
  • Local time:02:26 AM

Posted 03 September 2023 - 12:27 PM

Thank you Cryptodan

 

I posted there and also asked Malwarebytes on it as well


#12 MoxieMomma

MoxieMomma

  • Avatar image
  • BC Advisor
  • 1,125 posts
  • OFFLINE
    •  
  • Gender:Not Telling
  • Local time:08:26 PM

Posted 03 September 2023 - 12:52 PM

The OP is now being assisted here:

https://www.bleepingcomputer.com/forums/t/789314/help-needed-odd-in-speccy-igccsvc-db/

@Sonnybolero143:

Have you also posted about this same issue at the Malwarebytes forum?
If so, please provide the link.

Thanks

#13 Sunnybolero143

Sunnybolero143
  • Topic Starter

  • Avatar image
  • Members
  • 63 posts
  • OFFLINE
    •  
  • Local time:02:26 AM

Posted 03 September 2023 - 02:17 PM

Sure

 

here is the link.  They were looking at a different issue... when i asked about the 127.0.01 problem,, I ask for clarity on here and then this was new issue was flagged, so i kept them in the loop as well

 

https://forums.malwarebytes.com/topic/301782-ransomware-protection-turned-off-windows-defender-firewall-settings/page/2/#comment-1586839


#14 Chris Cosgrove

Chris Cosgrove

  • Avatar image
  • Global Moderator
  • 25,007 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Scotland
  • Local time:02:26 AM

Posted 03 September 2023 - 03:44 PM

Since the OP now has an active topic in V&M Removal this topic is closed pending the outcome.

 

If you still have problems after any malware is removed and your computer declared clean then you can either PM any Mod and ask for this topic ot be re-opened - do include a link to this topic - or start a new topic on the problem, whichever you think better..

 

Chris Cosgrove


Back to Networking


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Internet & Networking
  3. Networking
  4. Privacy Policy
  5. Rules ·