nasdaq

Hi, This is the first time you give me the filename. This file is required by Outlook. Try to repair the Offie application you have. https://support.office.com/en-us/article/Repair-an-Office-application-7821d4b6-7c1d-4205-aa0e-a6b40c5bb88b Is you Office Application a paid Microsoft product and you have a license for it? In all I would not worry about this False Positive notice.

Hi, I suspect that it's comming from your Prefetch file. C:\Windows\Prefetch\WINSTORE.APP.EXE-4E2C28F6.pf [2018-05-20 17:47][2018-05-20 20:06] 000033514 _____ () 94EC2DBB4CF51ED512A0764F6FB18729 [Bestand niet getekend] Each time you turn on your computer, Windows keeps track of the way your computer starts and which programs you commonly open. Windows saves this information as a number of small files in the prefetch folder. The next time you turn on your computer, Windows refers to these files to help speed the start process. Prefetch files are great artifacts for forensic investigators trying to analyze applications that have been run on a system. Windows creates a prefetch file when an application is run from a particular location for the very first time. This is used to help speed up the loading of applications. For investigators, these files contain some valuable data on a user’s application history on a computer. From the Run command box execute Prefetch Accept the notice to continue. Right click on this entry C:\Windows\Prefetch\WINSTORE.APP.EXE-4E2C28F6.pf Select Delete. Close the Windows. Restart the computer normally. How is it now?

Hi, It could be Syncing issue? Are you Syncing Chrome with other devices? To remove it you will have to reset the Sync in Chrome. Read this article and proceed. Chrome Secure Preferences detection always comes back https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/ <<<>>> Restart the computer normally. Again Removed the file at C:\Users\chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk. Then restored the original Chrome.lnk to "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" Restart the computer normally to reset the registry. How is it now?

Hi, All the copies of CTFMON.EXE are signed and good. This entry New Value in the Run key is suspicious. Will remove it. Copy the text IN THE QUOTE BOX below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved Right click the .reg file and allow it to merge with the registry.

Hi, Are you Syncing Chrome with other devices? If applicable follow these instructions. To remove it you will have to reset the Sync in Chrome. Read this article and proceed. Chrome Secure Preferences detection always comes back Restart the computer normally when completed. Keep me posted.

Hi, Remove and reinstall Chrome using the following instructions. Follow the instructions as listed. Remove Chrome from your Computer and reinstall a fresh copy later. Before you remove Chrome Export your Bookmarks Chrome will export your bookmarks as a HTML file, which you can then import into another browser. How To: http://ccm.net/faq/31791-how-to-backup-your-google-chrome-bookmarks If you sync you account you must remove it before you save your bookmarks etc... Delete Your Google Chrome Browser Sync Data if you sync with other defices. <- Important ... https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/ Clear your Chrome cache and cookies https://support.google.com/chromebook/answer/183083?hl=en Remove Chrome using the the instructions on this page. https://support.google.com/chrome/answer/95319?hl=en Re-install Chrome and the Bookmarks. ==== Let me know if the problem persists.

Hi, Let see what I can find. Run the Farbar program .exe as an Administrator. In the Search text area, copy and paste the following: *storeedgefd.dsx* Once done, click on the Search File search button and wait for FRST to finish the search On completion, a log will open in Notepad. Copy and paste its content in your next reply ===

Hi, Run the RogueKiller and remove these. ¤¤¤ Bestanden : 4 ¤¤¤ [PUP.Gen1][Map] C:\Users\Remco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time -> Verwijderd [PUP.Gen1][Map] C:\Users\Remco\AppData\Local\PackageAware -> Verwijderd [PUP.AutoIt.Gen][Bestand] C:\Program Files (x86)\LinuxLive USB Creator\tools\VirtualBox\Virtualize_This_Key.exe -> Verwijderd [PUP.Gen1][Map] C:\Users\Remco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time -> ERROR [3] === Please use Chrome and search for this string. Include the Qotes" "communicate with the external site config.edge.skype.com on IP 13.107.3.128" The IP address 13.107.3.128 if from Microsoft. https://www.abuseipdb.com/whois/13.107.3.128 Did you try to reach Microsoft? You can possibly check with the Microsoft Outlook forum for advice.

Hi, The logs are clean. (most of the pages are blocked by your product) Can you provide me with a screen shot of one of these blocked pages.

Hi, The logs look good. As for Eset because I cannot copy and paste the text (it's an image) I cannot use the Translator. Can you translate the text and post the exact URL that is blocking the Eset notice. p.s. The AdwCleaner and MBAM logs are clean. Do you have logs that shows what was removed? Post if you have some

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Hi, Ditch67 If you still need help with this computer please post fresh FRST and Addition.txt logs for my review. Wait for further instructions.

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === This answers is for DayofJustice only. Note to : Evan24 Sorry but you are not authorized to post in someone else log. If you need help start you own topic. === Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The tool will create a log (Fixlog.txt) please post it to your reply. === Reset Chrome... Open Google Chrome, click on menu icon or the 3 vertical dots located right side top of the google chrome. Click "Settings" then "Show advanced settings" at the bottom of the screen. Click "Reset browser settings" button. Restart Chrome. <<<>>> Please post the log and let me know of any remaining issues. fixlist.txt

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Please download Malwarebytes Anti-Malware from here Right-click on the MBAM icon and select Run as administrator to run the tool. Click Yes to accept any security warnings that may appear. Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database. On the left menu pane click the Settings tab, and then select the Protection tab on the top. Under the Scan Options, turn on the button Scan for rootkits and Scan within archives. Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button Note: The scan may take some time to finish, so please be patient. If potential threats are detected, ensure to checkmark all the listed items, and click the Quarantine Selected button. While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop. The log can also be viewed by clicking the log to select it, then clicking the View Report button. Please post the log for my review. Note: If asked to restart the computer, please do so immediately. === Please download AdwCleaner by Xplode onto your Desktop. Close all open programs and internet browsers. Double click on AdwCleaner.exe to run the tool. Click the Scan button and wait for the process to complete. Click the LogFile button and the report will open in Notepad. IMPORTANT If you click the Clean button all items listed in the report will be removed. If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows. Close all open programs and internet browsers. Double click on AdwCleaner.exe to run the tool. Click the Scan button and wait for the process to complete. Check off the element(s) you wish to keep. Click on the Clean button follow the prompts. A log file will automatically open after the scan has finished. Please post the content of that log file with your next answer. You can find the log file at C:\AdwCleanerCx.txt (x is a number). === Download the version of this tool for your operating system. Farbar Recovery Scan Tool (64 bit) Farbar Recovery Scan Tool (32 bit) and save it to a folder on your computer's Desktop. Double-click to run it. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. How to attach a file to your reply: In the Reply section in the bottom of the topic Click the "more reply Options" button. Attach the file. Select the "Choose a File" navigate to the location of the File. Click the file you wish to Attach. Click Attach this file. Click the Add reply button. === Please post the logs for my review. Wait for further instructions.

Hi, Please run the Farbar program and check the box "Shortcut.txt". Scan the computer. Please post the log for my review.

Hi, I need more information. Run the Farbar program .exe as an Administrator. This time use the File Search button. In the Search text area, copy and paste the following: ctfmon.exe Once done, click on the Search File search button and wait for FRST to finish the search On completion, a log will open in Notepad. Copy and paste its content in your next reply ===

Hi, The images are parked at Cloudfront.net it is a legitimate and safe content delivery network owned by Amazon, however cyber criminals are abusing this CDN to deliver malicious content. This CloudFront.net redirect is usually caused by adware installed on your computer. === Please run the Malwarebytes and if some items are found please post that log for my review. Please download AdwCleaner by Xplode onto your Desktop. Close all open programs and internet browsers. Double click on AdwCleaner.exe to run the tool. Click the Scan button and wait for the process to complete. Click the LogFile button and the report will open in Notepad. IMPORTANT If you click the Clean button all items listed in the report will be removed. If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows. Close all open programs and internet browsers. Double click on AdwCleaner.exe to run the tool. Click the Scan button and wait for the process to complete. Check off the element(s) you wish to keep. Click on the Clean button follow the prompts. A log file will automatically open after the scan has finished. Please post the content of that log file with your next answer. You can find the log file at C:\AdwCleanerCx.txt (x is a number). === --RogueKiller-- Download & SAVE to your Desktop Download RogueKiller Quit all programs that you may have started. Please disconnect any USB or external drives from the computer before you run this scan! For Vista or above, right-click the program file and select "Run as Administrator" Accept the user agreements. Execute the scan and wait until it has finished. If a Windows opens to explain what [PUM's] are, read about it. Click the RoguKiller icon on your taksbar to return to the report. Click open the Report Click Export TXT button Save the file as ReportRogue.txt Click the Remove button to delete the items in RED Click Finish and close the program. Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next. =======

Hi, Glad we could help. If all is well. To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe. http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/ https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/ Simple and easy ways to keep your computer safe and secure on the Internet. ===

Hi, Glad we could help. If all is well. To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe. http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/ https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/ Simple and easy ways to keep your computer safe and secure on the Internet. ===

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === AANDACHT: Systeemherstel is uitgeschakeld ATTENTION: System Restore is disabled Turn System Restore On for Drives in Windows 10 http://www.tenforums.com/tutorials/4533-system-protection-turn-off-drives-windows-10-a.html === Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The tool will create a log (Fixlog.txt) please post it to your reply. === Reset Chrome... Open Google Chrome, click on menu icon or the 3 vertical dots located right side top of the google chrome. Click "Settings" then "Show advanced settings" at the bottom of the screen. Click "Reset browser settings" button. Restart Chrome. <<<>>> Please post the log and let me know of any issues with this computer. fixlist.txt

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The tool will create a log (Fixlog.txt) please post it to your reply. === Please post the log and let me know of any issues with this computer. fixlist.txt

Hi, Glad we could help.

Hi, Any remaining issues?

Hi, This is the culprit. ShortcutWithArgument: C:\Users\chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://hao.169x.cn/?v=108 Delete this .lnk in bold. C:\Users\chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Restart the computer normally. How is it now?

Hi, Lets find out more about this file. Run the Farbar program .exe as an Administrator. In the Search text area, copy and paste the following: ctfmon.exe Once done, click on the Search Registry button and wait for FRST to finish the search On completion, a log will open in Notepad. Copy and paste its content in your next reply ====

Hi, Lets try this again. Remove Chrome Syncing. Read this article and proceed. Chrome Secure Preferences detection always comes back https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/ <<<>>> Just remove then Syncing, when done restart the computer normally. Run Malware bytes and delete the enty if listed. Restart the computer normally. Run MBAM and hope that it's been deleted. Keep me posted.