Jump to content

Maurice Naggar

Experts
  • Content Count

    18,053
  • Joined

  • Last visited

Everything posted by Maurice Naggar

  1. This Thread/topic is for member Biscuitz13 only. who is the topic starter. If you are not BISCUITZ13 , do NOT post here @Biscuitz13 THis topic is for you and only you. Another person had posed here. But that one has his own thread-topic. Biscuitz13, Is there anything that you need at this point ? It seems to me you wrote that you have got your case taken care of.
  2. @ElPerroLoco please stick with this Topic here. This topic is yours. Do not post in the other user topic. Your last posts really got things confused. Each person has his own Topic.
  3. Thanks for the report. The tagged items with P U P are related to the Chrome browser. [ 1 ] The Chrome Syncing feature gets in the way of cleanups. need you to use Chrome and then go to https://www.google.com/settings/chrome/sync and sign into your account. Scroll down until you see the "reset sync" button and click on the button At the prompt click on "Ok". [ 2 ] I would suggest to download, Save, and then run Malwarebytes ADWCLEANER. Please close Chrome and all other open web browsers after you have saved the Adwcleaner and before you start Adwcleaner. Please download Malwarebytes AdwCleaner from here: Click the blue Download button. ( do not pay attention to the other text displayed on that screen). Be sure to Save the file first, to your system. Saving to the Downloads folder should be the default on your system. Go to the folder where you saved Adwcleaner. Double click AdwcleanerGUI to start it. At the prompt for license agreement, review and then click on I agree. You will then see a main screen for Adwcleaner. ( if you do not see it right away, minimized the other open windows, so you can see Adwcleaner). Then click on Dashboard button. Click the blue button "Scan Now". allow it a few minutes to finish the Scan. Let it remove what it finds. NOTE: When it comes to the section " Pre-installed applications You can skip that. Please find and send the Adwcleaner "C" clean report. In Adwcleaner, click the "Reports" button. Look at the list of reports for the latest date & type "Clean". Double Click that line & it will open in Notepad. Save the file to your system and then Attach that with your reply. [ 3 ] Start Malwarebytes from the Start menu. Click the SCAN button. Select a Threat Scan ( which should be the default). When the scan phase is done, if any item is detected, be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical. Then click on Quarantine selected. Attach a copy of that scan-run report ( of Malwarebytes ) Thanks. Keep me advised.
  4. Thanks for the report. I have listed 2 things to do. The first is a small cleanup. [ 1 ] This is for Davide07 only.  Please Close and save any open work files before you start this next step. It may involve a Windows Restart at the end of it. I am sending a custom Fix script which is going to be used by the FRSTENGLISH tool. They will both work together as a pair. Please RIGHT-click the (attached file named) FIXLIST and select SAVE AS and save it directly ( as is) to the Downloads folder The tool named FRSTENGLISH.exe is already on the Downloads folder. Start the Windows Explorer and then, open the Downloads folder. Double click FRSTENGLISH to run the tool. If the tool warns you the version is outdated, please download and run the updated version. Click the Fix button just once, and wait. PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. Some machines take longer than others. If you receive a message that a reboot is required, please make sure you allow it to restart normally. The tool will complete its run after restart. When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run. [ 2 ] Keep going with this. The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. The download links & the how-to-run-the tool are at this link at Microsoft https://docs.microsoft.com/it-it/windows/security/threat-protection/intelligence/safety-scanner-download Let me know the result of this. [ 3 ] Kindly attach the Fixlog.txt with your next reply Let me know if the block notice " Exploit payload process blocked " happens. Fixlist.txt
  5. Hi, @Davide07 My name is Maurice. I will be helping and guiding you, going forward on this case. This Thread/topic is for member Davide07 only. who is the topic starter. If you are not Davide07 , do NOT post here We need to get information from this machine in order to have the proper detail to help you forward. NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download Malwarebytes Support Tool Once the file is downloaded, open your Downloads folder/location of the downloaded file Double-click mb-support-1.4.0.615.exe to run the report You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent. Place a checkmark next to Accept License Agreement and click Next You will be presented with a page stating, "Get Started!" Do NOT use the button “Start repair” ! Click the Advanced tab on the left column Click the Gather Logs button A progress bar will appear and the program will proceed with getting logs from your computer Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK Please attach the ZIP file in your next reply. Thank you.
  6. As far as " Riskware.ExtensionMismatch " see the following write-up in the Malwarebytes Threat Center https://blog.malwarebytes.com/detections/riskware-extensionmismatch/ When you look ( thru File Explorer / Windows Explorer ) at some of those Jpegs ..... did you look close at them if they had double extensions in the file-name ? How confident are you about the origin & security of those Jpegs? As to why the scan ran for so long, a lot has to do with the sheer numbers of files on that drive, the types of files they are.
  7. Hi, Very good tips. If I may just add.....advise all to not be hasty to "click" stuff. Hold off on clicking without some very careful checking, like David suggested. The bad guys use attachments in email as "a" way to move ransomware & spear phishing & other evil. Don't ever be 'automatically' clicking. Also watch out for cleverly worded lures in Email subject lines & body. Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).
  8. Hello Biscuitz13. My name is Maurice. Your case was unfortunately overlooked just because of the sheer number of posts on it. The help team looks for new cases by looking for those that just have a count of 1 post. This one here had a grand total of 8 sequential ( more or less) posts by you + I believe 3 posts by another individual. Thus it appeared to have been replied to. which it was. It happened to be only you. Your last post indicates that a) I am sorry to read of a reversion to a older Windows version ( if that is what it was). If you did a System Restore then that is "perhaps understandable". b) Q: How are things now ? c) Q: Do you need help at this point? If yes, be sure you fill me in on detail. NOTE: Help in Malware removal is One to One. It is not a group thing. I have moved the other person onto his own Topic. Sincerely, Maurice
  9. OK. Since the pc has ESET, it was ESET's to take care of that. ESET would be the first and Primary handler for this. I would still recommend a scan with the Microsoft Safety scanner. Q: Is there anything else that you need at this point?
  10. Hi, @ElPerroLoco My name is Maurice. I will be helping and guiding you, going forward on this case. I am sorry to see that your posts were on a Case for another individual. It would have been far better tht you had created your own Case. I have moved your posts here. In Malware removal help we expect just One person to have his own case and not have other people's issues over layed on top. That is to say, help here is One to One. Not a group thing, Only you and I will be sharing this Topic. Be very sure you do FOLLOW this topic on the forum. We need to get information from this machine in order to have the proper detail to help you forward. NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download Malwarebytes Support Tool Once the file is downloaded, open your Downloads folder/location of the downloaded file Double-click mb-support-1.4.0.615.exe to run the report You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent. Place a checkmark next to Accept License Agreement and click Next You will be presented with a page stating, "Get Started!" Do NOT use the button “Start repair” ! Click the Advanced tab on the left column Click the Gather Logs button A progress bar will appear and the program will proceed with getting logs from your computer Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK Please attach the ZIP file in your next reply. Thank you.
  11. Hi Mimi. I appreciate knowing you are something of a "newbie" when it comes to terminology & computer security. Thanks for running and sending the support tool. The 2 most recent scans with Malwarebytes for Windows reported "no malware" present. Re-reading your first post you said SO it seems to me you are simply seeing some advertising from one of the web browsers on this machine. i would like for you to read and do the suggestions on the following so that these kinds of "push ads" are not so easily able to appear. See this article on our Malwarebytes Blog https://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/ You want to disable the ability of each web browser on this machine from being able to allow "push ads". That means Chrome, Firefox, or Edge browser (on Windows 10), or on Opera. Scroll down to the tips section "How do I disable them". Let me know how it goes. Let me know if you need other help. Sincerely, Maurice
  12. Thanks. But the Adwcleaner report is from June 28. The Norton run of July 19 found nothing to be flagged. Total security risks detected: 0 Total items resolved: 0 Total items that require attention: 0 The Malwarebytes for Windows scan of the 18th found no malware. Ir is not clear why the CPU usage stats are an issue here on this box. It could be the auto-started applications "load" when Windows starts up. To that end, I will suggest later some research steps for you. It could also be that some Windows system services are having some issue. To that end I will recommend you get this Windows updated to Version Build 1903. By the way, the Windows "System Restore" service is off. You need to turn it back ON. See https://www.tenforums.com/tutorials/4533-turn-off-system-protection-drives-windows-10-a.html For now, a special scan at Microsoft. The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. The download links & the how-to-run-the tool are at this link at Microsoft https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download Let me know the result of this.
  13. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks
  14. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks
  15. Hi ChrisWhit. Is there anything else that you need at this point ? Sincerely.
  16. Hello. Thanks for the support tool report. This is a Windows 10 pc. I would like to get you to drill thru the Windows 1o ' Windows Defender history with an eye to finding that tagged-item. We need to know the file-name and location of that item. This is the way to look at the Windows Defender scan history. Go to the Windows Start menu. Click on the Settings icon. Now click on Update & Security. Then click on Open Windows Security. · Click the Virus & threat protection tile and then the Protection history label ( in blue color) Find the latest entry that shows the Win32/Occamy.C . In addition to that, also run this special scan. The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. The download links & the how-to-run-the tool are at this link at Microsoft https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download Let me know the result of this.
  17. Hi, @Poxeh My name is Maurice. I will be helping and guiding you, going forward on this case. We need to get information from this machine in order to have the proper detail to help you forward. NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download Malwarebytes Support Tool Once the file is downloaded, open your Downloads folder/location of the downloaded file Double-click mb-support-1.4.0.615.exe to run the report You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent. Place a checkmark next to Accept License Agreement and click Next You will be presented with a page stating, "Get Started!" Do NOT use the button “Start repair” ! Click the Advanced tab on the left column Click the Gather Logs button A progress bar will appear and the program will proceed with getting logs from your computer Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK Please attach the ZIP file in your next reply. Thank you.
  18. You bet. It goes without saying to practice safe pc use, along with safe daily practices, and beefing up all web browsers. We should also mention that for Windows 10 Edge browser, Microsoft store applet has browser ad blockers. Beyond regular Backups, and keeping up with Microsoft Windows Updates, the following is probably the next most important tips: Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources. First rule of internet safety: slow down & think before you "click". Free games & free programs are like "candy". We do not accept them from "strangers". Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing. Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program. Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).
  19. Hi, Thanks for letting us know. If you should need something else at this point, let me know. You indicated all is well, so I am tagging this thread for closure. All the best to you.
  20. Malwarebytes Premium is not a traditional ( actual ) antivirus. I just want to note, if your Windows is Windows 10, you can save money by doing without the Kaspersky and using the built-in Windows Defender antivirus.
  21. Wishing you the best. Some "safety" tips. Safer practices & malware prevention: Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources. First rule of internet safety: slow down & think before you "click". Free games & free programs are like "candy". We do not accept them from "strangers". Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing. Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program. Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos). Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed. Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next". Use a Standard user account rather than an administrator-rights account when "surfing" the web. See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html Dont remove your current login. Just use the new Standard-user-level one for everyday use while on the internet. Check in at http://windowsupdate.microsoft.com Windows Update and install any Important Updates offered. Make certain that Automatic Updates is enabled. https://support.microsoft.com/en-us/help/12373/windows-update-faq Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware. For other added tips, read "10 easy ways to prevent malware infection" . Cheers,
  22. You are very welcome. You may delete the FIXLIST.txt file and anything I had you download. I am happy to have helped. My best to you.
  23. OK. Great. Just be sure to monitor that Update run. Leave it to do its things. Keep monitoring. Watch for any prompts later on. Have lots of patience. The actual update run may take a couple of hours or so. Continue to have patience. Your Windows will be more secure once build 1903 is in place. Let me know if there is anything help at this point. Sincerely,
  24. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks
  25. Hi, Yes, thanks for the reminder. When you have a license subscription with 2Checkout, you can add to the number of seats on that subscription.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.