nasdaq

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Your logs are clean of malware. Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The tool will create a log (Fixlog.txt) please post it to your reply. === Reset Chrome... Open Google Chrome, click on menu icon or the 3 vertical dots located right side top of the google chrome. Click "Settings" then "Show advanced settings" at the bottom of the screen. Click "Reset browser settings" button. Restart Chrome. <<<>>> Please post the Fixlog.txt and let me know of any issues pending. fixlist.txt

Hi, I think you have a wrong perception about the Restore point. Read about it. https://www.lifewire.com/what-is-a-restore-point-2625988 === I suggest you restore it now. This will ensure that any change to the systems from then on will be register in a new restore point. For example in my suggested fix these 3 registry settings will be fixed. Winlogon\Notify\ScCertProp: wlnotify.dll [X] Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION as will be the other entries. After the execution the program a new restore point will be created. If by any chance I make a mistake or something goes wrong then you will be able to restore your system to the previous restore point. I can assure you this will not happen. After the fix and the Restart of the computer if the problem persists let me know.

Hi, It's an option. Try this. Open a Command prompt on your Win 8.1 https://www.lifewire.com/how-to-open-command-prompt-2618089 At the Prompt type CD C:\Windows\System32 Regsvr32 ctfmon.exe Hit the Enter key. Conltinue type CD C:\Windows\SysWOW64 Regsvr32 ctfmon.exe Hit the Enter key. Type EXIT to return to the operating system. Hope that helps.

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === ATTENTION: System Restore is disabled Turn your System Restore ON - Windows Help https://support.microsoft.com/en-us/help/17228/windows-protect-my-pc-from-viruses <<<>>> Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The tool will create a log (Fixlog.txt) please post it to your reply. === Reset your Maxthon browser to the default setting. https://ccm.net/faq/12570-maxthon-reset-your-browser-to-default-settings Restart the computer normally. Let me know if the problem persists. p.s. Are you Syncing this Browser with other devices? http://www.maxthon.com/mx5/features/cloud-sync/ The Syncing may be the issue. fixlist.txt

Hi, Please navigate to this page. I suggest you download and run the repair, upgrade using the Windows 10 ISO file. See the last post of this Microsoft article. https://answers.microsoft.com/en-us/edge/forum/edge_speed-edge_win10/microsoftedgecpexe-leaks/10c2c367-a415-4be3-a90a-1f8287841480 How that helps.

Hi, Yes, and if all is well. To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe. http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/ https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/ Simple and easy ways to keep your computer safe and secure on the Internet. ===

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Please download AdwCleaner by Xplode onto your Desktop. Close all open programs and internet browsers. Double click on AdwCleaner.exe to run the tool. Click the Scan button and wait for the process to complete. Click the LogFile button and the report will open in Notepad. IMPORTANT If you click the Clean button all items listed in the report will be removed. If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows. Close all open programs and internet browsers. Double click on AdwCleaner.exe to run the tool. Click the Scan button and wait for the process to complete. Check off the element(s) you wish to keep. Click on the Clean button follow the prompts. A log file will automatically open after the scan has finished. Please post the content of that log file with your next answer. You can find the log file at C:\AdwCleanerCx.txt (x is a number). === Download the version of this tool for your operating system. Farbar Recovery Scan Tool (64 bit) Farbar Recovery Scan Tool (32 bit) and save it to a folder on your computer's Desktop. Double-click to run it. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. How to attach a file to your reply: In the Reply section in the bottom of the topic Click the "more reply Options" button. Attach the file. Select the "Choose a File" navigate to the location of the File. Click the file you wish to Attach. Click Attach this file. Click the Add reply button. === Please post the logs for my review. Let me know what problems persists.

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Have you tried to delete the cookies in the browser you used to reach Amazon? It may help. Your Addition.txt log is clean. Can you post the FRST.txt log that was created by running the Farbar program. I will review it.

Hi No. The aswMBR.exe tool we used was created by Avast. Nothing to worry about.

Hi, Glad we could help. If all is well. To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe. http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/ https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/ Simple and easy ways to keep your computer safe and secure on the Internet. ===

Hi, Looking good. Avast is protecting the BIOS. This file is from AVAST aswVmm.sys

Hi, From what I see it's clean. Play it safe and run this scan. Sophos Virus Removal Tool Please download Sophos Virus Removal Tool and save it to your computer's Desktop. Right-click the icon and select Run as administrator. Click Yes to accept any security warnings that may appear. Click the Next button. Select 'I accept the terms in the license agreement', then click Next twice. Click the Install button and wait until the installation is complete. Click the Finish button. The tool created a shortcut icon on the Desktop of your computer. Now, double-click the Sophos Virus Removal Tool shortcut icon to run the tool. Click Yes to accept any security warnings that may appear. After it updates and a "Start Scanning" button appears in the lower right: Disconnect from the Internet or physically unplug your Internet cable connection. Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver. Temporarily disable your anti-virus and real-time anti-spyware protection. Windows Vista and above: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log Please post the contents of the log in your next reply and note any errors encountered. ===

Hi, I'm not sure but you may be having some hardware issues, driver etc... We will check your BIOS and Master boot record. Read carefully and follow these steps. TDSS Download TDSSKiller and save it to your Desktop. Doubleclick on TDSSKiller.exe to run the application. Then click on Start Scan. If a suspicious file is detected, the default action will be Skip, click on Continue. If an infected file is detected, the default action will be Cure, click on Continue. Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable. It may ask you to reboot the computer to complete the process. Click on Reboot Now. If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here. If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here. === Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it. Click the "Scan" button to start scan. Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT Please paste the contents of that log in your next reply. There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply. === Wait for further instructions.

Hi, Did you run the cftmon.exe from this folder and all was well? C:\Windows\WinSxS\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.3.9600.17415_none_8e3b87ba644efd23\ctfmon.exe

Hi, Good work nothing left in the registry. === If all is well. To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe. http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/ https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/ Simple and easy ways to keep your computer safe and secure on the Internet. ===

Hi Clean everything. The settings will be replaced by the default values. Restart the computer to reset the registry.

Hi, Check with the Malwarebytes' Engineers. https://forums.malwarebytes.com/forum/41-malwarebytes-3-support-forum/ Start a new topic in that forum They may be able to suggest a fix or even provide a new option for Gamers.

Hi, I did not ask you to createa any file. If you download the fixlist.txt attached place it in the Folder were the Farbar program is running. Open the Farbar program and hit the Fix button. It's your call if you want to reset Firefox. If After the restart of the computer the problem persists you will have to reset as suggested. I opened the two links this morning and I found nothing about the obsolete links. The instructions may have changed with the latest version of Firefox not sure.

Hi, It may be a dead link. Run the Farbar program .exe as an Administrator. In the Search text area, copy and paste the following: github.com Once done, click on the Search Registry button and wait for FRST to finish the search On completion, a log will open in Notepad. Copy and paste its content in your next reply ====

Hi, Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The tool will create a log (Fixlog.txt) please post it to your reply. === p.s. The fix will remove these two shortcuts. After the restart please DO NOT create a new shotcut. When all is well you can create a new one as you like. fixlist.txt

Hi, No! It can come from running a program, a downloaded program that you installed etc...

Hi, If this is again found by Eset I would contact them. They may be interested in evaluating the file and stop the False positive if found to be so.

Hi, Is the problem solved?

Hi, --RogueKiller-- Download & SAVE to your Desktop Download RogueKiller Quit all programs that you may have started. Please disconnect any USB or external drives from the computer before you run this scan! For Vista or above, right-click the program file and select "Run as Administrator" Accept the user agreements. Execute the scan and wait until it has finished. If a Windows opens to explain what [PUM's] are, read about it. Click the RoguKiller icon on your taksbar to return to the report. Click open the Report Click Export TXT button Save the file as ReportRogue.txt Click the Remove button to delete the items in RED Click Finish and close the program. Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next. =======

Hi, === Malwarebytes has deleted a temporary file in a Temp folder. C:\USERS\ANDREW\APPDATA\LOCAL\TEMP\BITC763.TMP These files are created when needed by a program you run. Keep an eye on this issue with Malwarebytes. Let me know in a few days if all is well.