Community Answers
-
MKDB's post in Checking if I got a virus from a PDF was marked as the answer
Thanks for your feedback @kelizabeth.
Everything seems to be fine here.
Thank you for your cooperation, we're done.
Final Step
Right-click on FRST64 and choose Rename. Rename FRST64 into Uninstall. Run Uninstall. FRST and its files/folders will be deleted. If the tool needs a restart, please make sure you let the system restart normally.
A few final recommendations:
Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site.
https://www.howtogeek.com/240255/password-managers-compared-lastpass-vs-keepass-vs-dashlane-vs-1password/
Make sure you're backing up your files
https://forums.malwarebytes.com/topic/136226-backup-software/
Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download
Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2
Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/
Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security.
Malwarebytes Browser Guard
Google Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee
Microsoft Edge: https://support.malwarebytes.com/hc/en-us/articles/4413298736787-Install-Malwarebytes-Browser-Guard-on-Microsoft-Edge-browser
Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/
uBlock Origin
Google Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm
Microsoft Edge: https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak
Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin
Further reading if you like to keep up on the malware threat scene: Malwarebytes Blog https://blog.malwarebytes.com/
Hopefully, we've been able to assist you with correcting your system issues.
Thank you for using Malwarebytes.
-
MKDB's post in Windows Powershell.exe scanned as riskware was marked as the answer
We do another FRST-Fix (this should finish in a few seconds and will remove the malicious extension) and a new scan with FRST for check-up.
Keep up the good work @trajik. 😉
Step 1
Please download the attached fixlist.txt file and save it to the location where you ran FRST from ( C:\Users\howtr\Downloads\ ). Note: It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
Close all open programs and save your work. Run FRST again. Press the Fix button only once and wait. Please be patient. If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after restart. FRST will create one log now (Fixlog.txt) in the same directory the tool is run. Please attach this logfile to your next reply.
Step 2
Run FRST again. Do not change any settings. Press the Scan button. FRST will create two logs now (FRST.txt + Addition.txt) in the same directory the tool is run. Please attach these logfiles to your next reply.
fixlist.txt
-
MKDB's post in Powershell.exe Malware was marked as the answer
Hi @veydolusta,
how are things going?
According to the Malware Research Team, the task that was already deleted by Maurice Naggar in the first fix was indeed part of a clipboard hijacker that replaces crypto coin addresses.
After you have run KVRT, please do the following two steps for me.
Thanks again!
Step 1
Please download the attached fixlist.txt file and save it to the location where you ran FRST from ( C:\Users\HP\Downloads\ ). Note: It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
Close all open programs and save your work. Run FRST again. Press the Fix button only once and wait. Please be patient. If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after restart. FRST will create one log now (Fixlog.txt) in the same directory the tool is run. Please attach this logfile to your next reply.
Step 2
Run FRST again. Do not change any settings. Press the Scan button. FRST will create two logs now (FRST.txt + Addition.txt) in the same directory the tool is run. Please attach these logfiles to your next reply.
Fixlist.txt
-
MKDB's post in ZoomX.exe and ZoomE.exe heuristics.shuriken was marked as the answer
Hello @Androo!
Thank you for your cooperation, we're done.
Final Step
Right-click on FRST64 and choose Rename. Rename FRST64 into Uninstall. Run Uninstall. FRST and its files/folders will be deleted. If the tool needs a restart, please make sure you let the system restart normally.
A few final recommendations:
Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site.
https://www.howtogeek.com/240255/password-managers-compared-lastpass-vs-keepass-vs-dashlane-vs-1password/
Make sure you're backing up your files
https://forums.malwarebytes.com/topic/136226-backup-software/
Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download
Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2
Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/
Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security.
Malwarebytes Browser Guard
Google Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee
Microsoft Edge: https://support.malwarebytes.com/hc/en-us/articles/4413298736787-Install-Malwarebytes-Browser-Guard-on-Microsoft-Edge-browser
Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/
uBlock Origin
Google Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm
Microsoft Edge: https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak
Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin
Further reading if you like to keep up on the malware threat scene: Malwarebytes Blog https://blog.malwarebytes.com/
Hopefully, we've been able to assist you with correcting your system issues.
Thank you for using Malwarebytes.
-
MKDB's post in Outgoing Trojan 2dod.ddns.net was marked as the answer
As this topic seems to be solved, I do not follow it any longer.
Take care @JoeBobby.
-
MKDB's post in Concerns regarding possible Trojans was marked as the answer
Hi @Rescpt,
Excuse me, but I did NOT get any private messages from you.
I check my inbox every day and usually reply within 24 hours.
Let me know how we proceed. Thanks!
-
MKDB's post in Can't remove pop-ups - infected, files encrypted blah blah was marked as the answer
Hi @Ribzed and
My name is MKDB and I will assist you.
Please follow the steps in the given order and post back the logs as an attachment when ready. Thank you very much for your cooperation.
Temporarily disable your antivirus or other security software first. Make sure to turn it back on once the scans are completed.
Temporarily disable Microsoft SmartScreen to download software below if needed. Make sure to turn it back on once the scans are completed.
As English is not my native language, please do not use slang or idioms. It may be hard for me to understand.
Push Notifications on your browser appear to be enabled. Please read the following article (including information on how to remove them):
Browser push notifications: a feature asking to be abused
After removing those push notifications, reboot your system and let me know how things are going.
Thank you!
-
MKDB's post in Windows malwares back after removal was marked as the answer
Hi @YoussefM,
do you still need help? If so, please follow my instructions and post the logfile.
Thank you.
-
MKDB's post in powershell.exe "trojan" - ? was marked as the answer
Did Malwarebytes' Anti-Malware find anything in the past @r14v8? If so, can you attach those logfiles as well for me, please?
Step 1
Please download the attached fixlist.txt file and save it to the location where you ran FRST from ( Desktop ). Note: It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
Close all open programs and save your work. Run FRST again. Press the Fix button only once and wait. Please be patient. If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after restart. FRST will create one log now (Fixlog.txt) in the same directory the tool is run. Please attach this logfile to your next reply.
Step 2
If you already have Malwarebytes installed, then open Malwarebytes and click on the Scan button. It will automatically check for updates and run a Threat Scan. If you don't have Malwarebytes installed or if you don't run the newest version yet, please download it from here and install it. Once the MBAM dashboard opens, click on Settings (gear icon). Click on Security tab and make sure that all four Scan options are enabled. Close Settings and click on the Scan button on the dashboard. Once the scan is completed make sure you have it quarantine any detections it finds. If no detections were found click on the Save results drop-down, then the Export to TXT button and save the file as a Text file to your desktop. If there were detections then once the quarantine has completed click on the View report button, then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply. If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply. If Malwarebytes won't run, then please skip to the next step and let me know in your next reply that the scanner would not run.
Step 3
Please download AdwCleaner and save it to your desktop.
Double-click to run it. Accept the End User License Agreement. Click Scan Now. When finished, if items are found please click Next / Quarantine. Maybe your PC will be rebooted, AdwCleaner will be opened automatically. Click View Log File. AdwCleaner will open one log (AdwCleaner[Cxx].txt). Please attach the log to your next reply.
fixlist.txt
-
MKDB's post in Microsoft Edge keeps creating a hidden folder (also restarting on its own) was marked as the answer
Hi @silhouette29,
thank you very much for your logfiles.
It seems that there is a false positive of AdwCleaner regarding "Plash Player Pro" @jboursier, a logfile can be found here. You may need to reinstall it @silhouette29.
I would like you to run a fix with FRST (Step1) and do another scan (Step2).
Moreover, please report back about the message from MB as asked by @TwinHeadedEagle.
Thank you!
Step 1
Please download the attached fixlist.txt file and save it to the location where you ran FRST from ( C:\Users\Kikiam\Desktop\ ). Note: It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
Close all open programs and save your work. Run FRST again. Press the Fix button only once and wait. Please be patient. If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after restart. FRST will create one log now (Fixlog.txt) in the same directory the tool is run. Please attach this logfile to your next reply.
Step 2
Run FRST again. Do not change any settings. Press the Scan button. FRST will create two logs now (FRST.txt + Addition.txt) in the same directory the tool is run. Please attach these logfiles to your next reply.
fixlist.txt
-
MKDB's post in Website blocked due to Trojan was marked as the answer
Thank you for your feedback @Illu.
After consultation with @Maurice Naggar, I can forward this information to you:
The issue (of block notices) that started out this case was due to attempted probes from the outside.
The real-time protection of Malwarebytes for Windows is keeping the PC safe. It will continue to do so, given that you have Malwarebytes Premium.
Here are some general conclusions & some tips.
The blocks are on addresses that are attempting to do a forced attempt to exploit remote-desktop-protocol.
The Real Time Protection of Malwarebytes for Windows is actively doing its job to protect the system.
I would recommend that if you have internet-connection-router hardware at home, that you look over this article
"How to Enable Your Wireless Router's Built-in Firewall"
https://www.lifewire.com/how-to-enable-your-wireless-routers-built-in-firewall-2487668
In most cases the attempted probes will automatically stop on their own. If it continues you can add the IP to the local firewall to prevent it from contacting the computer period.
If you wish to do so, here is one how-to guide for the Windows software firewall
https://www.interserver.net/tips/kb/add-ip-address-windows-firewall/
Additionally or alternatively, if this is on Windows 10 PRO and if you do not need or use Remote Desktop, you can turn that off.
https://www.tenforums.com/tutorials/92433-enable-disable-remote-desktop-connections-windows-10-pc.html
Here is how to block a port number in Windows
https://thegeekpage.com/how-to-block-ports-in-windows-10-firewall/
How to Change the port number for RDP
https://tunecomp.net/change-remote-desktop-port-windows-10/
ALSO see this Malwarebytes support article
-
MKDB's post in removing pup optional sweetpack was marked as the answer
Sorry for being unclear. I mean: Can you post the previous MB logfile where "PUP.Optional.Sweetpack" was detected, please?
Step 1
Please download the attached fixlist.txt file and save it to the desktop or location where you ran FRST from. Note: It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
Close all open programs and save your work. Run FRST again. Press the Fix button only once and wait. Please be patient. If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after restart. FRST will create one log now (Fixlog.txt) in the same directory the tool is run. Please attach this logfile to your next reply.
Step 2
Run FRST again. Do not change any settings. Press the Scan button. FRST will create two logs now (FRST.txt + Addition.txt) in the same directory the tool is run. Please attach these logfiles to your next reply.
fixlist.txt