nasdaq

Hi, Are you still with me?

Hi, Are you still with me?

Hi, Looking better. Please run Malwarebytes. Clean all items reported. Run the Farbar Program and post Fresh FRST and Addition.txt logs. Let me know what problem persists.

Hi, Lets proceed with the cleanup. Preparing the USB Flash Drive Boot up your spare PC: Plug in the flash drive, navigate to that drive, right click on it direct and select format. Quick option is adequate. Next, On that same PC download the right version of Farbar program for your system to Desktop or the Flash drive. 64-bit or 32 bit version. Select the one you need. https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ If the files were saved on the Desktopl Move the executable (FRST.exe or FRST64.exe) to your USB Flash Drive Do not plug Flash Drive into sick PC until booted to Recovery Environment. === Boot the compromised PC to Recovery Environment, if you are unsure of that action have a read at the following link, maybe bookmark for future reference... To enter the Recovery Environment with Windows 10, follow the instructions in this tutorial on TenForums https://www.tenforums.com/tutorials/2294-boot-advanced-startup-options-windows-10-a.html From the Windows 10 Tutorial you should get access to the Advanced Startup Options at boot for Windows 10 Select in this order "Troubleshoot" > "Advance Options" > "Command Prompt" Once in the command prompt Plug your USB Flash Drive in the infected computer In the command prompt, type notepad and press on Enter Notepad will open. Click on the File menu and select Open Click on Computer/This PC, find the letter for your USB Flash Drive, then close the window and Notepad In the command prompt, type e:\frst.exe (for the x64 version, type e:\frst64.exe and press on Enter Note: Replace the letter e with the drive letter of your USB Flash Drive FRST will open Click on Yes to accept the disclaimer Click on the Scan button and wait for the scan to complete A log called FRST.txt will be saved on your USB Flash Drive. Attach it in your next reply. p.s. If at any time you need additional information please ask before proceeding. Post the Fixlog.txt and the FRST.txt logs for my review. Wait for further instructions.

Hi, Glad we could help.

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Download the version of this tool for your operating system. Farbar Recovery Scan Tool (64 bit) Farbar Recovery Scan Tool (32 bit) and save it to a folder on your computer's Desktop. Double-click to run it. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. How to attach a file to your reply: In the Reply section in the bottom of the topic Click the "more reply Options" button. Attach the file. Select the "Choose a File" navigate to the location of the File. Click the file you wish to Attach. Click Attach this file. Click the Add reply button. === Please post the logs for my review. Wait for further instructions.

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === I have identified a bad SmartService infection. You will need access to a spare PC and a USB flash drive that has not been in contact with the sick PC... I need to know first if you can enable the Recovery Environment... Open FRST on the compromised computer: copy/paste the following inside the text area of FRST. Once done, click on the Fix button. A file called fixlog.txt should appear on your desktop. Attach it in your next reply. Start:: CMD: bcdedit.exe /set {bootmgr} displaybootmenu yes CMD: bcdedit.exe /set {default} recoveryenabled yes End:: On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad Copy and paste its content in your next reply. Wait for further instructions. <<<>>>

Hi, Beware that if you ever reinstall chrome the Syncing was not remove these entries will again be reported by Malwarebyres.f

Hi, Lets proceed: Preparing the USB Flash Drive Boot up your spare PC: Plug in the flash drive, navigate to that drive, right click on it direct and select format. Quick option is adequate. Next, On that same PC download the right version of Farbar program for your system to Desktop or the Flash drive. 64-bit or 32 bit version. Select the one you need. https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ If the files were saved on the Desktopl Move the executable (FRST.exe or FRST64.exe) to your USB Flash Drive Do not plug Flash Drive into sick PC until booted to Recovery Environment. === Boot the compromised PC to Recovery Environment, if you are unsure of that action have a read at the following link, maybe bookmark for future reference... To enter the Recovery Environment with Windows 10, follow the instructions in this tutorial on TenForums https://www.tenforums.com/tutorials/2294-boot-advanced-startup-options-windows-10-a.html From the Windows 10 Tutorial you should get access to the Advanced Startup Options at boot for Windows 10 Select in this order "Troubleshoot" > "Advance Options" > "Command Prompt" Once in the command prompt Plug your USB Flash Drive in the infected computer In the command prompt, type notepad and press on Enter Notepad will open. Click on the File menu and select Open Click on Computer/This PC, find the letter for your USB Flash Drive, then close the window and Notepad In the command prompt, type e:\frst.exe (for the x64 version, type e:\frst64.exe and press on Enter Note: Replace the letter e with the drive letter of your USB Flash Drive FRST will open Click on Yes to accept the disclaimer Click on the Scan button and wait for the scan to complete A log called FRST.txt will be saved on your USB Flash Drive. Attach it in your next reply. p.s. If at any time you need additional information please ask before proceeding. Post the Fixlog.txt and the FRST.txt logs for my review. Wait for further instructions.

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Windows Firewall is disabled. Restore your Firewall. https://www.computerhope.com/issues/ch000551.htm === Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The tool will create a log (Fixlog.txt) please post it to your reply. === Run the AdwCleaner and Malwarebytes and delete all the items found. Restart the computer and let me know what problem persists. fixlist.txt

Hi, Try this. I changed the commands.

Hi, Great, thank you for the information.

Hi, The file is good and in the correct path. Navigate to this page and follow the instructions suggested by the Moderator in post no. 2. https://answers.microsoft.com/en-us/edge/forum/edge_other-edge_win10/microsoftedgecpexe/9effffbf-171f-46fb-9982-62f9a15c954b Start at the No. 2 and run DISM as suggested. Do no 3 as well. Keep me posted.

Hi, Glad we could help. If all is well. To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe. http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/ https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/ Simple and easy ways to keep your computer safe and secure on the Internet. ===

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Please download Malwarebytes Anti-Malware from here Right-click on the MBAM icon and select Run as administrator to run the tool. Click Yes to accept any security warnings that may appear. Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database. On the left menu pane click the Settings tab, and then select the Protection tab on the top. Under the Scan Options, turn on the button Scan for rootkits and Scan within archives. Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button Note: The scan may take some time to finish, so please be patient. If potential threats are detected, ensure to checkmark all the listed items, and click the Quarantine Selected button. While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop. The log can also be viewed by clicking the log to select it, then clicking the View Report button. Please post the log for my review. Note: If asked to restart the computer, please do so immediately. === Please download AdwCleaner by Xplode onto your Desktop. Close all open programs and internet browsers. Double click on AdwCleaner.exe to run the tool. Click the Scan button and wait for the process to complete. Click the LogFile button and the report will open in Notepad. IMPORTANT Download the version of this tool for your operating system. Farbar Recovery Scan Tool (64 bit) Farbar Recovery Scan Tool (32 bit) and save it to a folder on your computer's Desktop. Double-click to run it. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. How to attach a file to your reply: In the Reply section in the bottom of the topic Click the "more reply Options" button. Attach the file. Select the "Choose a File" navigate to the location of the File. Click the file you wish to Attach. Click Attach this file. Click the Add reply button. === Please post the logs for my review. Wait for further instructions.

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === It's possibly a Syncing issue? Read this article and proceed. Chrome Secure Preferences detection always comes back https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/ <<<>>> Let me know what problem persists.

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Hi, Please run the Farbar programa in an Administrator account. Post fresh FRST and Addition.txt logs for my review.

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Hi, I have identified a bad SmartService infection. You will need access to a spare PC and a USB flash drive that has not been in contact with the sick PC... I need to know first if you can enable the Recovery Environment... Open FRST on the compromised computer: copy/paste the following inside the text area of FRST. Once done, click on the Fix button. A file called fixlog.txt should appear on your desktop. Attach it in your next reply. On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad Copy and paste its content in your next reply. Wait for further instructions. <<<>>>

Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The tool will create a log (Fixlog.txt) please post it to your reply. === Reset Chrome... Open Google Chrome, click on menu icon or the 3 vertical dots located right side top of the google chrome. Click "Settings" then "Show advanced settings" at the bottom of the screen. Click "Reset browser settings" button. Restart Chrome. <<<>>> Run MBAM and if items are still repored, execute the instructions suggested by exile360 Please post the Fixlog.txt and let me know if the problem persists. fixlist.txt

Hi, I know, it does the same when I download the new version. Trust it. Dequarantine it it's safe I can assure you.

Hi, ==== I do not think your router is compromised. Make sure it's secured. How to tell if my Wireless is secure. http://www.ehow.com/how_6775466_tell-wireless-secure_.html === Make sure all you important data has a strong password. A strong password has: at least 15 characters uppercase letters lowercase letters numbers symbols, such as ` ! " ? $ ? % ^ & * ( ) _ - + = { [ } ] : ; @ ' ~ # | \ < , > . ? / Syncing in Firefox or Chrome can be probematic. I do not need it and not using it.

Please download Malwarebytes Anti-Malware from here Right-click on the MBAM icon and select Run as administrator to run the tool. Click Yes to accept any security warnings that may appear. Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database. On the left menu pane click the Settings tab, and then select the Protection tab on the top. Under the Scan Options, turn on the button Scan for rootkits and Scan within archives. Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button Note: The scan may take some time to finish, so please be patient. If potential threats are detected, ensure to checkmark all the listed items, and click the Quarantine Selected button. While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop. The log can also be viewed by clicking the log to select it, then clicking the View Report button. Please post the log for my review. Note: If asked to restart the computer, please do so immediately. === Please download AdwCleaner by Xplode onto your Desktop. Close all open programs and internet browsers. Double click on AdwCleaner.exe to run the tool. Click the Scan button and wait for the process to complete. Click the LogFile button and the report will open in Notepad. IMPORTANT Download the version of this tool for your operating system. Farbar Recovery Scan Tool (64 bit) Farbar Recovery Scan Tool (32 bit) and save it to a folder on your computer's Desktop. Double-click to run it. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. How to attach a file to your reply: In the Reply section in the bottom of the topic Click the "more reply Options" button. Attach the file. Select the "Choose a File" navigate to the location of the File. Click the file you wish to Attach. Click Attach this file. Click the Add reply button. === Please post the logs for my review. Wait for further instructions.

Hi, Glad we could help. If all is well. To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe. http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/ https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/ Simple and easy ways to keep your computer safe and secure on the Internet. ===

Hi, Malwarebytes shows that these entries are quarantined. If they were deleted and are still found again in MBAM it may be that you are syncing Chrome. If you are Syncing Chrome with other devices. To remove it, you will have to reset the Sync in Chrome. Read this article and proceed. Chrome Secure Preferences detection always comes back https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/ <<<>>> Restar the computer when done. If the problem persists please run the Farbar program and post fresh FRST and Addition.txt logs for my review. To refresh the Addition.txt make sure the box to create a new file is checked..

Hi, Any remaining issues?