Search Results for 'malwarebytes'

WCHS wrote:

… but it’s not clear about what to do if you do NOT have Bitlocker enabled, ….I am Win10, 21H2, Secure Boot State is ON.

Hi WCHS:

Further to alejr’s post # 2471526, I believe the Bitlocker Recovery prompt that says “BitLocker needs your recovery key to unlock your drive because Secure Boot policy has unexpectedly changed” will only appear on some devices after KB5012170 (Security Update for Secure Boot DBX: August 9, 2022) is installed if:

• You have a Windows 11 OS, and
• BitLocker drive encryption is enabled (see the makeuseof.com article How to Check BitLocker’s Status in Windows 10 and the attached image that shows what Control Panel | System and Security | BitLocker Drive Encryption used to look like when I had BitLocker drive encryption enabled on my Win 10 Pro machine).

So far, I haven’t heard of any Win 10 machines that are affected by this issue.

Unlike the Windows 11 v21H2 list of Known Issues <here> which specifically documents the KB5012170 / BitLocker Recovery prompt issue, the Windows 10 v21H2 list of Known Issues <here> only notes that the KB5012170 might fail to install with a 0x800f0922 error. This issue is still under investigation but the details <here> show that this 0x800f0922 installation error (which can occur with both Win 10 and Win 11) can sometimes be fixed “by updating the UEFI bios to the latest version before attempting to install KB5012170“.
————-
Dell Inspiron 5584 * 64-bit Win 10 Pro v21H2 build 19044.1889 * Firefox v103.0.2 * Microsoft Defender v4.18.2205.7-1.1.19500.2 * Malwarebytes Premium v4.5.13.208-1.0.1740 * Macrium Reflect Free v8.0.6867 * Inspiron 5583/5584 BIOS v1.20.0

2 users thanked author for this post.

WCHS, windbg

Hi Paul:

The General tab of System Configuration (msconfig) shows my Dell Inspiron / Win 10 Pro v21H2 machine uses Selective startup, but the Boot tab indicates this is likely because I have Macrium Reflect Free installed. When I created my Macrium rescue media (e.g., a bootable USB thumb drive) as instructed <here> I also added the Macrium Reflect rescue environment to my Windows boot menu.  Now when I boot up my computer I see a screen with a 10 second countdown that allows me to boot normally into Windows (the default) or enter the Macrium Reflect recovery environment directly without having to boot up from my USB thumb drive.

Do you know if there’s any software on your Dell XPS / Win 11 machine that might have modified your Window boot menu? If you have Dell SupportAssist Remediation (a.k.a.  Dell SupportAssist OS Recovery) installed, for example, I wonder if that’s enough to change the Startup type on the General tab of mscofig from Normal to Selective.
———-
Dell Inspiron 5584 * 64-bit Win 10 Pro v21H2 build 19044.1889 * Firefox v103.0.2 * Microsoft Defender v4.18.2205.7-1.1.19500.2 * Malwarebytes Premium v4.5.13.208-1.0.1740 * Dell Update for Windows Universal v4.6.0 * Macrium Reflect Free v8.0.6867

1 user thanked author for this post.

windbg

Deanna McElveen wrote:

Good, free antivirus software is quickly becoming a rarity as more and mors smaller companies like Avast and AVG get gobbled up by large companies. I cannot recommend any good ones that won’t constantly bug you about buying something (looking at you Avast and AVG). Malwarebytes is well worth the $39 per year.

This is not really surprising because keeping even a second-string antivirus program current is not a cheap undertaking.  The nagging is, I think, the price one pays for “free”.

That said, top-grade security software is almost always on sale for pretty reasonable prices.  Yes, the price is only good for a year or two and renewals are going to be a good deal more expensive, but one can always buy a new subscription when the time comes rather than allowing the “old” one to renew.

Also, it never hurts to check with your ISP.  A number of them offer name-brand security suites as part of their service.  One may not like the brand offered but it is effectively free.

1 user thanked author for this post.

windbg

lmacri wrote:

I’m not sure if this is related to KB5012170 (Security Update for Secure Boot DBX: August 9, 2022) but there are Dell users posting in ecarpenter’s 11-Aug-2022 Inspiron 7391 Bios Update Enabled Bitlocker that they have been unable to boot their machines and log into Windows since their August 2022 Patch Tuesday were installed because they are seeing a message saying “Bitlocker needs your recovery key to unlock your drive because Secure Boot Policy has unexpectedly changed“….

Hi Susan:

Richard Speed’s 15-Aug-2022 Microsoft’s Secure Boot Fix Sends Some PCs Into BitLocker Recovery on theregistry.com seems to confirm that KB5012170 is the cause. That article states in part:

“Register reader Anthony got in touch to tell us that out of the 400 PCs his company managed, 2 percent (all Windows 11) booted to a BitLocker recovery screen after the update….The recovery process restores access to data and requires the user to supply a lengthy password (or a domain administrator can get the password via Active Directory Domain Services). Anthony told us he was able to log into Azure and retrieve the recovery keys.“

Kudos to ann_droid for posting a link to that article in ecarpenter’s Inspiron 7391 BIOS Update Enabled Bitlocker in the Dell forum.
————-
Dell Inspiron 5584 * 64-bit Win 10 Pro v21H2 build 19044.1889 * Firefox v103.0.2 * Microsoft Defender v4.18.2205.7-1.1.19500.2 * Malwarebytes Premium v4.5.13.208-1.0.1740 * Macrium Reflect Free v8.0.6867 * Inspiron 5583/5584 BIOS v1.20.0

After the last batch of Windows updates I have had some printer issues, but that was resolved by the manufacturer with a work around. But here within the last week or two. I have been experiencing either a slow start or an unresponsive start at my welcome screen to my Windows 10 21H2 machine. It doesn’t happen all the time, but when it does. I usually have to wait about a minute so before I can enter my PIN. Now, I have upgraded my SSD from a 250GB to a 2.0TB SSD within the last month.

Now, I was experiencing issues with my Total Defense antivirus software and my Malwarebytes software on my phone with the accessibility feature. It was recommended that I uninstall Malwarebytes for the time being to see if it happens again. So, I am either wondering if I am having a similar issue with my desktop PC, or perhaps an issue with the recent batch of Windows updates. How can I be sure of which scenario could it be? Is there any way of checking what the issue could be on my own?

I have a Win 10 Pro laptop and when I performed a reset to factory condition in August 2020 I vaguely recall now that I had to opt out of BitLocker encryption during the initial OBEE setup of my system.  Prior to my reset to factory condition I had deliberately enabled BitLocker but found it caused some unexpected issues (luckily, I had the recovery key backed up on a USB thumb drive and kept a hard copy printout of the key stored in a safe place) and decided not to use BitLocker after the reset.

That MS support article Overview of BitLocker Device Encryption in Windows also states that “Beginning in Windows 8.1, Windows automatically enables BitLocker Device Encryption on devices that support Modern Standby“.  My post # 2444880 in “Modern” Standby in Newer PCs shows that my Inspiron 5584 does not support the Modern Standby sleep state, which might be another reason why BitLocker encryption was not enabled on my system after my reset to factory condition.
————–
Dell Inspiron 5584 * 64-bit Win 10 Pro v21H2 build 19044.1889 * Firefox v103.0.2 * Microsoft Defender v4.18.2205.7-1.1.19500.2 * Malwarebytes Premium v4.5.12.204-1.0.1725 * Macrium Reflect Free v8.0.6867 * Inspiron 5583/5584 BIOS v1.20.0

Hi Susan:

I’m not sure if this is related to KB5012170 (Security Update for Secure Boot DBX: August 9, 2022) but there are Dell users posting in ecarpenter’s 11-Aug-2022 Inspiron 7391 Bios Update Enabled Bitlocker that they have been unable to boot their machines and log into Windows since their August 2022 Patch Tuesday were installed because they are seeing a message saying “Bitlocker needs your recovery key to unlock your drive because Secure Boot Policy has unexpectedly changed“. Both users insist that BitLocker has never been enabled before on their system and neither has any idea what their recovery key is.

The OP ecarpenter suspects a BIOS update triggered the problem on their Inspiron 7391 (“Literally the only thing I was doing was Windows updated and decided to do the Dell BIOS update last“), but user nobox posted <here> that they’re sure it was a Windows update that triggered this problem on their Vostro 5515.

Everything still looks fine on my Inspiron 5584 per my post # 2469714.
—————-
Dell Inspiron 5584 * 64-bit Win 10 Pro v21H2 build 19044.1889 * Firefox v103.0.2 * Microsoft Defender v4.18.2205.7-1.1.19500.2 * Malwarebytes Premium v4.5.12.204-1.0.1725 * Macrium Reflect Free v8.0.6867 * Inspiron 5583/5584 BIOS v1.20.0

1 user thanked author for this post.

windbg

Marvin,

Good, free antivirus software is quickly becoming a rarity as more and mors smaller companies like Avast and AVG get gobbled up by large companies. I cannot recommend any good ones that won’t constantly bug you about buying something (looking at you Avast and AVG). Malwarebytes is well worth the $39 per year.

Have a look at our bootable selections here:
https://www.oldergeeks.com/downloads/category.php?id=229
I’m a big fan of Antivirus Live CD.

Deanna
OlderGeeks.com

1 user thanked author for this post.

SupremeLaW

Hey, all.

A few reports of CleanSweep2 and hits with anti-virus software. These are totally false positives due to some of the things the program does for you. If you are using a “falsely-detect-them-all-as-malware-and-let-the-gods-sort-them-out” kind of antivirus program, there are many more intelligent solutions out there. Give Malwarebytes a try. We run it on all 14 of our family and business computers. If we get a hit on Malwarebytes, we get real concerned because false positives rarely happen with it.

Here is the VirusTotal report for the zip file:

https://www.virustotal.com/gui/file/9bbf34cf3f2074789dc5da09148b52414ff94d25ca6276b28db1031be4942f68

There are two hits (false hits) for the actual executable on VirusTotal:

(Note: These two hits are from Cynet and SecureAge APEX. If you ever use VirusTotal, you already know that these two would find viruses in a picture of a baby seal.)

https://www.virustotal.com/gui/file/2dc02144053620126c9ddabc47b7ab33d1dce25f6b5c771945a2f0f6efa6952a

Deanna

OlderGeeks.com

3 users thanked author for this post.

WSjaflady, SupremeLaW, satrow

Thanks to everyone who posted tips about how to restore the Windows Recovery Environment. Lots of good information here I’ve squirreled away in case I ever need it.

One thing I’m still not clear about. Why would the partition for the Windows Recovery Environment be missing on some systems in the first place? For example, is it normal for users to loose their Windows Recovery Environment partition after a clean reinstall of Win 10 or Win 11 using the Media Creation Tool (MCT)?  Could a malware attack deliberately target and delete the Windows Recovery Environment partition?

The MS support article Windows Recovery Environment (Windows RE) states that “By default, WinRE is preloaded into the Windows 10 and Windows 11 for desktop editions (Home, Pro, Enterprise, and Education)…” After reading the comments is this thread I confirmed that I was able to enter my Windows Recovery Environment (Ctrl+Alt+Del to bring up the login screen, click on Shutdown, and select Restart while holding the Shift key) and could run a Microsoft Defender offline scan, so I assume I’m good to go for now.
———-
Dell Inspiron 5584 * 64-bit Win 10 Pro v21H2 build 19044.1889 * Firefox v103.0.2 * Microsoft Defender v4.18.2205.7-1.1.19500.2 * Malwarebytes Premium v4.5.12.204-1.0.1725 * Macrium Reflect Free v8.0.6867

WCHS wrote:

I still have KB5012170 hiddden, so it hasn’t run yet. I wonder what will happen, were it installed?

Hi WCHS:

Sorry, I have no idea how a BIOS update might effect the installation of KB5012170 (Security Update for Secure Boot DBX: August 9, 2022) or the status of Secure Boot on your Dell computer. Our models use different Dell BIOS versions – the support page <here> for your Inspiron 5482 2-in-1 recommends Dell Inspiron 5480/5488/5482/5580/5582 and Vostro 5481/5581 System BIOS v2.15.1 (released 21-Jul-2022), while the support page <here> for my Inspiron 5584 laptop recommends Dell Inspiron 5583/5584 System BIOS v1.20.0 (released 04-Aug-2022).

I reset my Inspiron 5584 to factory condition on 30-Aug-2020, which rolled my Win 10 Pro OS back to v1903.  The attached image of a Belarc Advisor report captured a few days later shows my Secure Boot was already disabled in Sept 2020.  I’m not certain, but as far as I know Secure Boot was disabled by default on my Inspiron 5584 when it shipped from the factory in Aug 2019 (see my 13-May-2021 post in DanDaMiniFig’s Dell G7 17 7790 Possible SupportAssist Error in the Dell forum for further information). Also note that I’m currently using Dell Inspiron 5583/5584 System BIOS v1.18.0 (released 13-Apr-2022) and don’t plan to update my BIOS to the latest v1.20.0 until I’m sure my August 2022 Patch Tuesday updates haven’t caused any adverse effects.
—————
Dell Inspiron 5584 * 64-bit Win 10 Pro v21H2 build 19044.1889 * Firefox v103.0.2 * Microsoft Defender v4.18.2205.7-1.1.19500.2 * Malwarebytes Premium v4.5.12.204-1.0.1725 * Macrium Reflect Free v8.0.6867 * Inspiron 5583/5584 BIOS v1.18.0

1 user thanked author for this post.

WCHS

lmacri wrote:

Windows Update successfully installed the following Aug 2022 Patch Tuesday updates on my Win 10 Pro v21H2 laptop and I haven’t noticed any negative effects so far…

Hi Susan:

Further to my post # 2469714, I use MS Outlook 2019 (MS Office Home & Business 2019 Version 2017 Build 15427.20194) and so far I have not noticed the issue described in the 11-Aug-2022 MS support article Outlook Closes Shortly After It Is Opened. My free Microsoft Outlook email account (<username>@live.com) uses Microsoft Exchange.
—————
Dell Inspiron 5584 * 64-bit Win 10 Pro v21H2 build 19044.1889 * Firefox v103.0.2 * Microsoft Defender v4.18.2205.7-1.1.19500.2 * Malwarebytes Premium v4.5.12.204-1.0.1725 * Macrium Reflect Free v8.0.6867

Hi Susan:

Windows Update successfully installed the following Aug 2022 Patch Tuesday updates on my Win 10 Pro v21H2 laptop and I haven’t noticed any negative effects so far:

• KB5016616: 2022-08 Cumulative Update for Win 10 Version 21H2 x64 (OS Build 19044.1889)
• KB5012170: 2022-08 Security Update for Secure Boot DBX for Win 10 x64
• KB890830: Windows Malicious Software Removal Tool x64 – v5.104

I did not receive this month’s KB5015733 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, but that’s expected since I have the Windows Update settings in my Local Group Policy Editor configured to only deliver stable .NET Framework updates that include a security patch.

Regarding the KB5012170 security update for Secure Boot DBX, also note that my BIOS Mode is UEFI and my system supports Secure Boot. I checked the status of Secure Boot in System Information (I entered msinfo32 in a Run dialog box) and confirmed that Secure Boot was disabled both before and after my Aug 2022 Patch Tuesday updates were installed (see attached image).

The only minor glitch I noticed this month was that it took several minutes for the status of KB5016616 [2022-08 Cumulative Update for Win 10 Version 21H2 x64 (OS Build 19044.1889)] to change from “Downloading – 100%” to “Pending Install“, but this isn’t unusual on my machine – I’ve reported this before for previous Patch Tuesdays. I also took the extra precaution this month of temporarily disabling my Malwarebytes Premium real-time protection after Windows Update started downloading my Aug 2022 Patch Tuesday updates – I don’t think this was necessary but some Win 11 users reported <here> in the Malwarebytes forum that Malwarebytes interfered with installation of KB5015814 during last month’s July 2022 Patch Tuesday updates.
———–
Dell Inspiron 5584 * 64-bit Win 10 Pro v21H2 build 19044.1889 * Firefox v103.0.2 * Microsoft Defender v4.18.2205.7-1.1.19500.2 * Malwarebytes Premium v4.5.12.204-1.0.1725 * Macrium Reflect Free v8.0.6867

2 users thanked author for this post.

jburk07, WCHS

Facebook gets around tracking privacy measure by encrypting links

https://www.malwarebytes.com/blog/news/2022/07/facebook-gets-round-tracking-privacy-measure-by-encrypting-links?bsft_aaid=18a8abbd-b7b6-422b-8352-283554e9475a&bsft_eid=6e3b9a77-e858-33ca-3ba7-237b8cb288be&bsft_clkid=40ef2402-ca32-453f-96aa-0d4d860b01b0&bsft_uid=30431b72-abb9-4546-a40f-c0e727ad0ab1&bsft_mid=37f4484d-4f3c-49f8-aebc-2b42213238ad&bsft_mime_type=html&bsft_ek=2022-08-08T16%3A30%3A36Z&bsft_lx=21&bsft_tv=23

* _ ... _ *

2 users thanked author for this post.

OscarCP, ClearThunder

Hi RetiredGeek:

Does Control Panel | Programs | Programs and Features show that you have Dell SupportAssist Remediation (a.k.a. SupportAssist OS Recovery) installed on your problem laptop? Your error message asks you to contact Dell Support, which suggests that you might have Dell emergency recovery software installed on your computer (or perhaps even a third-party antivirus – Dell computers often ship with a one-year trial of McAfee LifeSafe) that is preventing your system from booting into the “normal” Windows recovery environment when you try to run a Microsoft Defender Offline Scan.

Note that I’m not a fan of either SupportAssist or Dell SupportAssist Remediation/SupportAssist OS Recovery. I have disabled the services for Dell SupportAssist, Dell TechHub and Dell SupportAssist Remediation at Start | Windows Administrative Tools | Services to ensure none of these programs can start automatically at boot-up on my Inspiron laptop.
————–
Dell Inspiron 5584 * 64-bit Win 10 Pro v21H2 build 19044.1826 * Firefox v103.0.1 * Microsoft Defender v4.18.2205.7-1.1.19400.3 * Malwarebytes Premium v4.5.12.204-1.0.1725 * Macrium Reflect Free v8.0.6867 * Dell SupportAssist v3.11.4.29 * Dell SupportAssist Remediation v5.5.3.16171 * Dell Update Windows Universal v4.5.0 * Fusion Service v2.0.58 * Inspiron 5583/5584 BIOS v1.18.0

1 user thanked author for this post.

windbg