--use-spdy%3Doff

[CanOworms]

I recently got a fake email with an infected Word document, which I foolishly opened. Now, anytime I click on a link in an Outlook Email, my browser (Chrome) opens the link, but also opens 2 other unwanted tabs:

 --use-spdy%3Doff

and

-disable-http2 popups

After some googling, I downloaded and ran Malwarebytes, which found and quarantined several items.

The problem still exists. It ONLY happens with I click a link from within an Outlook email. If I click on a link from gmail.com there is no problem.

Also, if I try to open Edge or Firefox, they will not open and I get a message that MWB has blocked an exploit.

I also tried Zemana with the same results.

HELP!!

[nasdaq]

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

If the problem persists IN CHROME and you Sync Chrome with other devices reset the Sync.

Read this article and proceed.

Chrome Secure Preferences detection always comes back
https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/
<<<>>>

If you problem is not solved run this program.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Please post the logs  for my review.

Wait for further instructions

 

[CanOworms]

Okay, I downloaded and ran FAddition.txtFRST.txtRST. The two files are attached.

[nasdaq]

Hi,

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

[nasdaq]

Are you still with me?

[CanOworms]

Oh, sorry, I didn't see your reply. I'll try it.

 

[AdvancedSetup]

Are you still with us @CanOworms

[CanOworms]

Well, the problem seems to have taken care of itself. Even though I never had the chance to follow your last instructions, the extra windows have stopped opening, and all browsers SEEM to be working normally. MWB does occasionally notify me that it has blocked malicious sites. Should I continue with your instructions, or do you think all is okay?

 

[AdvancedSetup]

Yes, I would recommend you follow his directions

Ron

 

[nasdaq]

CanOworms please follow the instructions on post no. 4.

Post the Fixlog.txt for my review.

[CanOworms]

Okay, here's the file. 

Fixlog.txt

[nasdaq]

Is the problem solved?

[CanOworms]

48 minutes ago, nasdaq said:

Is the problem solved?

As I stated above, the problem seemed to go away sometime after post #3 on the 3/7/19. Maybe MWB took care of it. No more extra windows popping up. MWB does occasionally catch some malicious items, and routinely give me clean scans. Do you think it's all taken care of? I appreciate your help.

[nasdaq]

Malwarebytes is protecting you.

Stay safe.

 

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks