Jump to content
Due to inclement weather in Southwest Florida, our Clearwater support team is offline. Our other offices are available to assist you, however their responses may be delayed. We appreciate your patience and understanding during this time. ×

Help!My Malwarebytes cannot detect click-now-on.me malware

Recommended Posts

  • Replies 52
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted Images

I do not mean anything, I just say I see Firefox in your FRST logs.. Maybe is from a previous install..


FF ProfilePath: C:\Users\W10User\AppData\Roaming\Mozilla\Firefox\Profiles\CILI1oMU.default [2018-01-03]
FF Extension: (Avira Browser Safety) - C:\Users\W10User\AppData\Roaming\Mozilla\Firefox\Profiles\CILI1oMU.default\Extensions\abs@avira.com [2018-01-03]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2017-12-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2017-12-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

How is your internet connection made, is this through a Router..?

Link to post
Share on other sites

Formatting is an option I guess, not sure I would go that way yet. Try resetting all installed browsers...

Reset Browsers to Default Settings 

Please visit each of the following sites and to reset your browsers back to default to prevent unexpected issues.

If you are not using one of the browsers but it is installed, then you may want to consider uninstalling it as older versions of some software can pose an increase in the potential for an infection.

Internet Explorer
How to reset Internet Explorer settings

Microsoft Edge
How to Reset Microsoft Edge in Windows 10

Click on Help / Troubleshooting Information then click on the Refresh Firefox button.

Reset Chrome back to defaults to completely clear out issues with Chrome.

  • First, go to >> Google Sync << and sign into your account. Make sure you know your password as this will clear it from the browser.
  • Scroll down until you see the  reset_chrome_sync.png button and then click it to clear your data from the server and remove your passphrase.
  • Now, close all Chrome windows. Chrome cannot be running for the next step. If needed, print this information or use another browser to read the information.
  • Press the Windows key + R at the same time, to bring up the run dialog box.
    • run_command.png
  • Type in (or copy/paste) the following and press Enter:      %localappdata%\Google\Chrome\User Data\Default\
  1. Press Ctrl + A to select all the files and folders.
  2. Hold down Ctrl + A and click once on the files "Bookmarks" and "Bookmarks.bak". This will unselect them. This is what it should look like:

  3. With all the files selected (except for your Bookmarks), press the Delete key and click Yes to delete the files and folders.

Restart your computer now and see if there are no longer any redirects or other browser issues. 


Link to post
Share on other sites

You have Windows 10 Pro installed, if you want to make a fresh start then the tools you need are available on your system. An option to "Refresh" your system is not difficult, that option will save all of your private files, data, pictures videos etc etc and reinstall Windows. Any software you have installed yourself from outside of Windows App store would be lost so would have to be reinstalled.

Have a read here: https://www.tenforums.com/tutorials/4090-refresh-windows-10-a.html  The process is not too difficult, maybe read two or three times to absorb the information. Print off the instructions to aid the process... This way you will not incur PC Shop charges....


Link to post
Share on other sites

thank you for your answer kevin, It is still too technical for me. If you want to do the job for me  (if it is possble from a remote position) I will be more than happy to send you a donation as per your statement LOL 

  I I do not have any file to save  I can lose all. 





Link to post
Share on other sites

Then the easier and more simple fix is a system RESET, that goes back to scratch with nothing saved. Believe me this is so easy for you...

  1. Select Start then "Settings". ...
  2. In the new Window select "Update & security"
  3. From the left pane of new Window click "Recovery"
  4. In the new Window click on "Get started" under "Reset this PC".
  5. Click either "Keep my files" or "Remove everything," depending on whether you want to keep your data files intact.
  6. From there just follow the prompts
  7. If this process fails you will get the option to revert back to where you started. It is probably the easiest set of instructions you will ever need....
Link to post
Share on other sites

hello Kevin,


I do not know why but at the moment I am not experiencing anymore the issue...how come??I did not do anything so far...

I did not even try to do the refresh as per your last suggestion, shall I leave all in this way?? I do not understand,  could it be possible this malware was only temporary??


Thank you



Link to post
Share on other sites

Hello Marco,

I do not believe any Malware is temporary, malware does not usually self fix. It did appear that you had some kind of shortcut exploit. Such exploits will add a URL to the address the shortcut points to, hence when the shortcut is selected the URL is called and the popups appear....

We have not found the source of the popups yet, so it may still reappear. The scans we`ve done and logs produced do not show a definite reason for what is/was happening. Use your system as normal and see if the popups start again.

The popups only happen when you access Chrome or Internet Explorer, do they both have the same home page, that is the page that opens when you select your Browser. I suppose if they are the same then that website could have been exploited. Exploited website can be fixed by the owners...

Thank you,



Link to post
Share on other sites

This topic is now closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.