Jump to content


Trusted Advisors
  • Posts

  • Joined

  • Last visited


0 Neutral

About Android8888

  • Birthday 08/25/1969

Contact Methods

  • Website URL

Profile Information

  • Location
  • Interests
    IT, malware fighting, reverse engineering, electrical and electronic engineering, technology, cinema.

Recent Profile Visitors

3,874 profile views
  1. @JusTRun7 Is your problem solved or do you still need help with it? Android8888
  2. Hi, These are legit files from Microsoft. The two detections are false positives. Don't worry with them. It appears you ran RogueKiller in Safe Mode. Tools need to be run in Normal Mode. Please restart the computer in Normal Mode and run RogueKiller again, then post its log for my review.
  3. Hi JusTRun7, The files detected by SecureAPlus are not essentially malicious. This happens when too many security programs are used simultaneously, causing conflicts between them and detecting false positives. You are using too many security programs at the same time (AVG, Kaspersky, Malwarebytes, SecureAPlus). Please uninstall Secure Aplus and leave only Malwarebytes and just one antivirus installed. Then run the scan with RogueKiller according to my previous instructions here and post the created log. I need to see that log to proceed. Thank you. Android8888
  4. Hello, Let's run the following scan. Please download the correct portable free version (32-bit or 64-bit) of RogueKiller for your system and save the file to your computer Desktop. Right-click on the file and select Run as administrator to start the tool.Click Yes to accept the UAC security warning that may appear.Click Accept to agree with the EULA (End User License Agreement) and close the browser tab it will open.Now click the Scan blue button and under the Standard Scan (recommended) click on the Scan button.When the scan is complete, click on Results button. NOTE: DO NOT delete anything it find. All listed items that he can find should be carefully analyzed.Then click on Report button.Click Export button and select "Text file".Give a name to the file such as RKlog.txt and save it to the Desktop or in a location where you can easily find it.Click the Finish button and close RogueKiller window.Copy and paste the entire contents of that log into your next reply. Let me see the content of the log and wait for further instructions. Thank you, Android8888
  5. Hi, All your logs were looking good. FRST logs did not show signs of any of those threats that you mentioned. Let's just run one more scan using Microsoft Safety Scanner to ensure all is clean. This is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. The download links and the how-to-run-the tool are at the following link at Microsoft. https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download I will need to see the scan results. The log is named MSERT.log and it will be located in %SYSTEMROOT%\debug\msert.log which in most cases is C:\Windows\debug\msert.log. Please attach that log to your next reply for my review. Android8888
  6. Hello Your logs look good. What type of notifications are you getting? Is it by e-mail or in Internet browsers?
  7. Hello JustRun7 and I'm Android 8888 and I'll be helping you with your computer issues. Please ask questions if anything is unclear. I suggest printing out each set of instructions or copy them to a Notepad file and reading the entire post before proceeding. It will make following them easier. Please download the attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system. Run FRST/FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt). Please attach that file in to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. Please download the latest version of AdwCleaner by Malwarebytes and save the file to your computer Desktop. Right-click on AdwCleaner.exe and select Run as Administrator to start the tool.Click Yes to accept the UAC security warning that may appear.Click Agree to accept the EULA (End User License Agreement).Click the Scan Now blue button and wait until the scan is complete.Once the scan completes, make sure that every item listed in the different tabs is checked unless your want to keep the item(s) or suspect that it is a false positive.NOTE: If you are in doubt about any of the identified malware entries detected, please do not proceed to the next "Clean" step. Just select Log Files on the left pane and double-click the AdwCleaner[Sxx].txt name, where xx is replaced by a number (the largest number is from the more recent log and is the one I need to see). Copy and paste the entire contents of the scan log into your next reply for my review.IF you are satisfied that all of the checked entries are malware-related, click on the Quarantine button.Now you may also be asked to Run Basic Repair or skip it. This is optional. I would suggest you skip it for now.Once the cleaning process is complete, AdwCleaner will ask you to restart your computer.Close all other open windows and allow it to restart.After the restart, Notepad will open with the AdwCleaner cleaning log when logging in. The log can also be found at C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt (where xx is replaced by a number, the largest number is from the more recent log and is the one I need to see).Please attach that log into your next reply. Please download Malwarebytes from here and install it on your computer. Open Malwarebytes with administrator privileges.Go to "Settings" (upper right corner wheel), "Security" tab, and ensure that "Automatic quarantine" button is turned On.Now scroll down a bit until "Scan options" and ensure the Scan for rootkits button is turned On.Close the "Settings" panel and click the Scan blue button to perform a new scan.Once the scan is completed click on the View report button, then on Export and select Export to TXT.Save the file as a Text file to your Desktop or other location you can find it.Please attach that file in your reply. Please attach the 3 logs in your reply and let me know how is the computer running now. Thank you. Android8888 fixlist.txt
  8. Hello @Amelia_Belli and Please read the content of the topic I'm infected - What do I do now?, run the scans and attach the requested logs for my review. Then wait for further instructions. Thank you. Android8888
  9. @AcousticChic It's been past almost two weeks since my last post. Do you still need assistance with this issue?
  10. @supersonicsjm There was no need to run the previous FRST fix again. Just the new scan with Malwarebytes after resetting Chrome Sync. Resetting Sync will clear everything in your Chrome Sync history. This does not remove the items from your Desktop or mobile browsers, it only clears the various caches stored on the server. Now, test the computer for a couple of days and let me know if the problem is solved. Thank you. Android8888
  11. Hi, Are you syncing Chrome with other devices? If you do, that can be causing the problem. Read carefully the instructions at the link https://forums.malwarebytes.com/topic/258886-chrome-secure-preferences-detection-always-returns/ and execute the steps as instructed. Then, let me know if that solved the issue.
  12. Hello @gesturepoke and I apologize for the delay in responding to your topic. My screenname is Android8888 and my real name is Rui and will be glad to help you. Please feel free to ask questions if anything is unclear to you. Please read carefully the instructions at https://forums.malwarebytes.com/topic/258886-chrome-secure-preferences-detection-always-returns/ and execute the steps in the order listed. Let me know if the problem persist. Thank you. Android8888 (Rui)
  13. @supersonicsjm How is the computer running? Is the problem solved? Thank you.
  14. @AcousticChic You can delete all Registry items found by AdwCleaner. Re-run AdwCleaner and delete these: PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\searchenginejournal.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.searchenginejournal.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\searchenginejournal.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.searchenginejournal.com PUP.Optional.SpeedBrowser HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\browser.exe PUP.Optional.SpeedBrowser HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\App Paths\browser.exe You can keep the Preinstalled Software. Let me know if are running in any difficulties. Also, I need to see the Malwarebytes log after scanning, not the service log. Please attach that log for my review. Thank you.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.