Jump to content

Android8888

Trusted Advisors
  • Content Count

    697
  • Joined

  • Last visited

Everything posted by Android8888

  1. @AcousticChic It's been past almost two weeks since my last post. Do you still need assistance with this issue?
  2. @supersonicsjm There was no need to run the previous FRST fix again. Just the new scan with Malwarebytes after resetting Chrome Sync. Resetting Sync will clear everything in your Chrome Sync history. This does not remove the items from your Desktop or mobile browsers, it only clears the various caches stored on the server. Now, test the computer for a couple of days and let me know if the problem is solved. Thank you. Android8888
  3. Hi, Are you syncing Chrome with other devices? If you do, that can be causing the problem. Read carefully the instructions at the link https://forums.malwarebytes.com/topic/258886-chrome-secure-preferences-detection-always-returns/ and execute the steps as instructed. Then, let me know if that solved the issue.
  4. Hello @gesturepoke and I apologize for the delay in responding to your topic. My screenname is Android8888 and my real name is Rui and will be glad to help you. Please feel free to ask questions if anything is unclear to you. Please read carefully the instructions at https://forums.malwarebytes.com/topic/258886-chrome-secure-preferences-detection-always-returns/ and execute the steps in the order listed. Let me know if the problem persist. Thank you. Android8888 (Rui)
  5. @supersonicsjm How is the computer running? Is the problem solved? Thank you.
  6. @AcousticChic You can delete all Registry items found by AdwCleaner. Re-run AdwCleaner and delete these: PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\searchenginejournal.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.searchenginejournal.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\searchenginejournal.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.searchenginejournal.com PUP.Optional.SpeedBrowser HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\browser.exe PUP.Optional.SpeedBrowser HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\App Paths\browser.exe You can keep the Preinstalled Software. Let me know if are running in any difficulties. Also, I need to see the Malwarebytes log after scanning, not the service log. Please attach that log for my review. Thank you.
  7. Hello @AcousticChic Please read carefully and execute the instructions at the link that @AdvancedSetup posted in his previous post and before turning on Chrome Sync, execute the fix with FRST and also the scans as instructed. Thank you.
  8. My screenname is Android8888 and my real name is Rui and will be glad to help you with your malware issues. Please feel free to ask questions if anything is unclear to you. After looking to your logs I will ask you to proceed with the instructions below. First step is uninstalling AdBlocker version 1.0.3.5 using the method below: Click on Start > Settings wheel > Apps/ProgramsSelect the program AdBlocker version 1.0.3.5 from the list and click Uninstall.Follow the prompts to complete the removal process. Next step, remove these two Chrome extensions using the method below: Optimum IncognitoSearches Search Open Google Chrome; Type chrome://extensions in the address bar and press Enter; Click the trash can icon by the extension to remove. A confirmation dialog appears, click Remove. Next step, run the following fix with FRST. Warning: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to the operating system. Now follow the instructions below to execute a script fix on your system using FRST, and provide the log in your next reply. Download the attached fixlist.txt file (at the bottom of this post), and save it on your Desktop (or wherever your FRST64.exe executable is located); DO NOT open or modify that file!Right-click on the FRST executable and select Run as Administrator;Click on the Fix button;On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;Please attach the Fixlog.txt in your next reply; Next step, run a scan with Malwarebytes as instructed below: Open Malwarebytes.Go to "Settings" (upper right corner wheel), "Security" tab, and ensure that Automatic quarantine button is turned On.Now scroll down a bit until "Scan options" and ensure the Scan for rootkits button is turned On.Close the "Settings" panel and click the Scan blue button to perform a new scan.Once the scan is completed click on the View report button, then on Export and select Export to TXT.Save the file as a Text file to your Desktop or other location you can find it.Please attach that file in your reply. Next step, run a scan with AdwCleaner as instructed below: Please download AdwCleaner by Malwarebytes to your Desktop. Close all open programs and Internet browsers.Right click on AdwCleaner.exe and select Run as administrator to run the tool.Click the Scan button and wait for the process to complete.Click the LogFile button and the report will open in Notepad. IMPORTANT:If you click the Clean button all items listed in the report will be removed.If you find some false positive item(s) or program(s) that you wish to keep, Close the AdwCleaner window.Close all open programs and Internet browsers.Right click on AdwCleaner.exe and select Run as administrator to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.The log can also be found at C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt (where xx is replaced by a number, the largest number is from the more recent log and is the one I need to see).Please attach that log file in your next reply. In your next reply please attach these logs for my review: Fixlog.txt Malwarebytes log AdwCleaner clean log. Let me know if the problem persists. Thank you. Android8888 (Rui) fixlist.txt
  9. Hello @Tnavear It has been 5 days without a response from you. Do you still need assistance?
  10. Hi, I'm glad you managed to restore most of your important tabs. Okay, please keep me posted.
  11. Hello @supersonicsjm Thank you for the logs. Please read this link and try to restore your Chrome tabs. Also, are you still having that initial error in Chrome? Thank you. Android8888 (Rui)
  12. Hi supersonicsjm, Thank you for the logs. Please execute the following: Warning: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to the operating system. Now follow the instructions below to execute a script fix on your system using FRST, and provide the log in your next reply. Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST64.exe executable is located); DO NOT open or modify that file!Right-click on the FRST executable and select Run as Administrator;Click on the Fix button;On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;Please attach the Fixlog.txt in your next reply; Next step, Open Malwarebytes.Go to "Settings" (upper right corner wheel), "Security" tab, and ensure that Automatic quarantine button is turned On.Now scroll down a bit until "Scan options" and ensure the Scan for rootkits button is turned On.Close the "Settings" panel and click the Scan blue button to perform a new scan.Once the scan is completed click on the View report button, then on Export and select Export to TXT.Save the file as a Text file to your Desktop or other location you can find it.Please attach that file in your next reply. Please attach the logs and let me know if the issue with Chrome was solved. Thank you. Android8888 (Rui) fixlist.txt
  13. Hello @supersonicsjm and My screenname is Android8888 and my real name is Rui and will be glad to help you with your computer issues. Please feel free to ask questions if anything is unclear to you. Please DO NOT RUN ANY additional scans or anti-malware tools on your own while you are being assisted in this topic. For now, follow the instructions below to download and execute a scan on your system with Farbar Recovery Scan Tool (FRST), and attach its two logs in your next reply. Download the right version of FRST for your operating system: FRST 32-bitFRST 64-bit Note: Only the right version will run on your system, the other will throw an error message. So if you don't know what your system's version is, simply download both of them, and the one that works is the one you should be using. Move the executable (FRST.exe or FRST64.exe) on your Desktop.Right-click on the file and select Run as Administrator to open the tool.Accept the disclaimer by clicking on Yes, and FRST will then search for updates which should take a few seconds.Make sure the Addition.txt box is checked.Click on the Scan button and wait. The tool will do a back-up of the Registry which should take a few seconds and then starts scanning your system.When the scan is complete, two message box will open, saying that the results were saved to FRST.txt and Addition.txt, then it will open two Notepad files.Copy attach both FRST.txt and Addition.txt files in your next reply for my review. Please attach the requested logs and wait for further instructions. Thank you. Android8888 (Rui)
  14. Hello @Tnavear Thank you for your patience. One thing before we start, your Drive C is only 3.9% of free space Drive c : () (Fixed) (Total:222.89 GB) (Free:8.81 GB) NTFS Looking to its total capacity I presume this is an SSD (Solid State Drive). SSDs will slow down its performance when they start to get full. To avoid the SSD slowing down, it is wise not to fill the SSD to full capacity, or store large and infrequently accessed files on it. I recommend you uninstall some programs you don't need or don't use anymore to free up to 30% disk space. If you want to keep all programs, another option is to buy a new SSD with more capacity. 500 GB is a good option. For now, proceed with the instructions below and execute the fix with FRST. Warning: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to the operating system. Now follow the instructions below to execute a script fix on your system using FRST, and provide the log in your next reply. Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST64.exe executable is located); DO NOT open or modify that file! Right-click on the FRST executable and select Run as Administrator; Click on the Fix button; On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad; Please attach the Fixlog.txt in your next reply for my review. Please attach the Fixlog.txt and let me know how is the computer running now. Thank you. Android8888 (Rui) fixlist.txt
  15. Hello Tnavear and welcome to Malwarebytes. My screenname is Android8888 and my real name is Rui and will be glad to help you with your computer issues. Please feel free to ask questions if anything is unclear to you. I will analyze your logs and I'll be back later with a response for you. Please DO NOT RUN ANY additional scans or anti-malware tools on your own while you are being assisted in this topic. Thank you for your understanding. Android8888 (Rui)
  16. Okay, any time you need help don't hesitate and feel free to ask here. We at Malwarebytes will certainly do what we can to help. Best regards and stay safe. Android8888
  17. Hi @andremelo90 I saw your new topic at Malwarebytes for Home Support > False Positives > Website Blocking. It appears your issue is resolved, isn't it? If so, please let me know so we can close this topic as well.
  18. Hi Alex, Thank you for the ESET log. How is the machine running? Is there anything suspicious on its behavior?
  19. Your logs are clean. Concerning the popups you are experiencing from Malwarebytes Premium version, the program offers 4 layers of active protection: Web Protection Malware Protection Ransomware Protection Exploit Protection In this case Malwarebytes Web Protection is blocking the application NoPing.exe from connecting the IP address 203.23.128.148 which is located at Hong Kong and does not have good reputation by several antivirus scanner engines. Take a look at this report: https://www.virustotal.com/gui/ip-address/203.23.128.148/detection However if you think this may be a false positive I suggest you create a new topic here for Research team to review and whitelist the site if it proves to be an FP. Are there any issues or concerns with the machine?
  20. Hi, @andremelo90 Thank you for your patience. I have analyzed your logs carefully and I would need to see a new set of logs from FRST to ensure that the suspected infection is not a false positive. Please run a new scan with FRST and attach the fresh logs (FRST.txt and Addition.txt) for my review. Then wait for further instructions.
  21. Hello andremelo90 and I'm Android8888 and I'll be helping you with your malware issues. Please ask questions if anything is unclear. Your system is infected with a Rootkit which is a stubborn and nasty infection. Please DO NOT RUN ANY additional scans or anti-malware tools on your own while you are being assisted in this topic, otherwise can get things worst. It's getting late, so I'll be back with a fix tomorrow. Thank you for your understanding. Android8888
  22. Good. I'm glad to know that! Let's try one final check with Microsoft Safety Scanner. The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. The download links and the how-to-run-the tool are at the following link at Microsoft. https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download I will need to see the scan results. The log is named MSERT.log and it will be located in %SYSTEMROOT%\debug\msert.log which in most cases is C:\Windows\debug\msert.log. Please attach that log to your next reply.
  23. Hi Alex, Yes, please restart the computer now and let me know how is it behaving.
  24. No problem. Forget RevoUninstaller. I included Driver Booster in the new fixlist.txt file attached to this post. Please proceed with the instructions below. Please download the fixlist.txt attached to this post and save it to your Desktop. Warning: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to the Operating System. Now follow the instructions below to execute a script fix on your system using FRST, and provide the log in your next reply. Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST64.exe executable is located); DO NOT open or modify that file! Right-click on the FRST executable and select Run as Administrator; Click on the Fix button; On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad; Please attach the Fixlog.txt in your next reply and let me know how is the computer running. fixlist.txt
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.