Maurice Naggar

Moderators
  • Content count

    16,559
  • Joined

  • Last visited

1 Follower

About Maurice Naggar

Profile Information

  • Location
    USA
  • Interests
    Security, Windows, Windows Update, malware prevention

Recent Profile Visitors

69,290 profile views
  1. Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!
  2. Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!
  3. Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!
  4. Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!
  5. Kudos. That's great news. Let me know if you need other help.
  6. Hi, Did you look for the blue-color icon on the taskbar for the Malwarebytes icon? on the right hand side near the clock ? If not there, did you look at and click the white color single "up arrow chevron" to see if the icon is there and grouped along with the other hidden auto-started apps? Click on the white up-arrow-chevron and see if Malwarebytes is there. Another way to look is to bring up Windows Task Manager and then see if you see the Malwarebytes services. Another view and quick visual checkup : I would like for you to start the Malwarebytes Anti-Malware program. Please look at the Dashboard screen. Does it have the 3rd bar from the top show "Your system is fully protected" ? Click the *Settings* icon >> then *Detection and Protection* are the 2 protections on for Malware protection + Malicious website protection ?
  7. Hello BTDHero. The ransomware removes itself after they have done their dirty deed. We have no decryptor. But I believe others have one or two that you may try. But first, be sure you make SAVE Backup copies of these documents onto external storage before trying the decryptor. If you saw *.crypt* in the filename extensions, then this falls under the classification of a CryptXXX ransomware. Go slow and careful and see if this writeup matches what you are looking at. and before doing anything, Copy off all your messed-up user files to a clean USB-external-flash drive for safety before you do anything. Check out articles at Bleepingcomputer http://www.bleepingcomputer.com/news/security/gomasom-crypt-ransomware-decrypted/ Also check out http://support.kaspersky.com/11333#block1 and this https://support.kaspersky.com/viruses/disinfection/8547 at Kaspersky, see if that fits your situation. If it happens that what this is, is a version 3 of cryptxxx, there is no known decryptor that I know of. plus http://www.bleepingcomputer.com/forums/t/597512/uniquekeydrcom-ransomware-support-topic-adds-crypt-extension-to-files/page-3#entry3895897 I always regret to see anyone be a victim to these types of malicious destructive infections. The news is never good. This infection is not a normal type of infection. It is very vicious and has done all the damage already before it even gives you the first clue. By the time you see the first warning, it is all done & has damaged your personal documents. If your computer is on a network, physically disconnect it from the network. There is nothing we can do to restore *the files you did not backup.* However, I think Kaspersky had a decryptor that may help you out. This infection relies mostly on user execution via opening an attachment from an unknown email source. We can remove the infection but can't cure or resurrect the corrupted /encrypted documents & files. Note: These ransomwares do disable Windows System Restore and do get all restore points deleted. They also disable the Volume Shadow Copy service.
  8. Hello. I will be guiding you as we go forward. I do need to see diagnostic information from this system. I would like to ask that you always attach any report or file I ask for, from time to time. Before we proceed further, please read all of the following instructions carefully. If there is anything that you do not understand kindly ask before proceeding. If needed, please print out these instructions. Please do not post logs using CODE, QUOTE, or FONT tags. Just always attach files / reports. Please enable your system to show hidden files: How to see hidden files in Windows Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly Removing malware can be unpredictable, it is unlikely, but things can go wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen / flash drive Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you. The removal of malware is not instantaneous; please be patient. Often we are also in a different Time Zone. Perform everything in the correct order. Sometimes one step requires the previous one. If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue. You can check here if you're not sure if your computer is 32-bit or 64-bit As we go along, from time to time, Windows User Account Control ( U A C ) will prompt whether to allow a tool or procedure to proceed forward. Approve the Windows’ UAC prompt on by clicking on Continue or Yes. When we are done, I'll give you instructions on how to clean up all the tools and logs Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that. Your topic will be closed if you haven't replied within 3 days. I would suggest you do all you can with these tips on Chrome browser. You can force Chrome to start in reduced mode, called Incognito mode, by putting a parameter at startup. First, close any prior instances of Chrome via Task Manager. Then press Windows-key+R for the RUN option and then put a command line similar to this {do use COPY & PASTE} chrome.exe -incognito Starting Chrome in Incognito mode may work for you, and allow you to make "changes" or tweaks in it. Note also, Incognito mode is also an option in the Chrome menu {as long as it can start}. Other suggestions, for Chrome, while Chrome is running: Press & hold SHIFT+CTRL+Del keys to get menu for clearing browsing data: Check "Empty the cache" "Delete cookies and other site and plug-in data" and press Clear browsing data button Still in Chrome, press ALT+F then Settings Click Extensions on the left. Closely review the browser extensions that are listed. Disable any that you are not familiar with or that you do not trust. Also see these Google - Chrome articles and take appropriate measures !! Reset browser settings https://support.google.com/chrome/answer/3296214 Search engine and other settings taken over by an unwanted program https://support.google.com/chrome/answer/2765944?hl=en&ref_topic=3227046 fyi, the general Google Chrome help online http://support.google.com/chrome
  9. You are welcome. I do wish you well.
  10. You are welcome. I am glad to help. Is this machine a tablet by any chance? or is it a little notebook type? Does the manufacturer offer it new with Windows 10 ? What is the model number at Lenovo? Do you have a link to their catalog page?
  11. I seriously doubt that the Win1o build is at the root of these issues. I truly suspect it is the microprocessor on the system board is not up to minimum requirements to run this operating system. Look again at my citations ( link at Microsoft). The processor has to be at minimum 1 Ghz. and by the way, yes an Intel i5 would have been much better choice. You have indicated that Malwarebytes reported no infection. That is why I do not believe there is one. You can run all sorts of tests but I doubt there is any "virus" or "malware". Situation is more like either a unsteady installation but more likely the underpowered processor. and by the way, I would not under-estimate the BSOD Stop code. It is not from a malware. But fits in with having a processor that is only rated at 0.80GHz Its not meeting the minimal required.
  12. I'm marking this thread for closure. I wish you well.
  13. Hi. We need to break down & separate all the issues you described. The major concern is the Windows STOP crashes. The BSOD. Thanks for the screen images. Those are genuine Windows 10 crashes. Notice the stop code Critical process died. I will likely wind up recommending we switch your case over to the sub-forum on BSOD. We have a dedicated sub-forum for that purpose. BUT see my very last note below, since it appears that your hardware does not meet the minimum requirement to run Windows 10 ! NOTE: I would like to ask you about your hardware. The report shows the system board as Intel Core M-5Y10c CPU @ 0.80GHz what exactly is this ? It does not seem to meet the minimum requirements to run Windows 10 see https://www.microsoft.com/en-US/windows/windows-10-specifications The minimum is listed as Processor: 1 gigahertz (GHz) or faster processor or SoC On the less major scale but somewhat more pressing is that bogus Firefox screen. That is not something that Mozilla Firefox does. Here is what needs to be done for Firefox. Press and hold the Windows key and tap R key to get the Windows RUN box. Then type in firefox.exe and tap Enter. Then press and hold SHIFT+ CTRL + tap the DELete key on keyboard. Follow the dialog to delete all cache files. Then using Firefox menu, press ALT key and select H for Help. Then select About Firefox. Follow the dialog to check for and get the latest Firefox release. I show that version 48.0.2 is the latest release. Having done that, this should get Firefox back to normal. Some good tips here for Firefox and the rest of your browsers. Use a good browser extension ( add on) ad blocker. If your pc has no ad blocker add-on for your browser(s), I would suggest uBlock Origin. For Mozilla Firefox, use the Mozilla page at this link https://addons.mozilla.org/addon/ublock-origin/ For Google Chrome, see https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm For Internet Explorer browser: https://adblockplus.org/en/internet-explorer For Opera browser, see https://addons.opera.com/en-gb/extensions/details/ublock/ *ALSO this too* To help totally block these types of "popups" I would recommend to *only use Firefox browser* that also has the add-on for *NoScript Suite Lite.* and just only use that when surfing the web. Tips and how to's for Noscript suite are on this page link http://mybrowseraddon.com/noscript-lite.html We have a free version Malwarebytes Anti-Exploit (MBAE) that protects against exploit attacks in your browsers and Java, and a paid version that also protects additional applications such as MS Office. https://downloads.malwarebytes.org/file/mbae_current/ I would recommend you install the Anti-Exploit in free use mode. ( that is, if you do not have it from before). Further, Take deeper looks on the options and security settings of each web browser. Make sure that the POPUP blocker is ON. Set the option on for rejecting (decline) 3rd-party cookies. For now, I would suggest that you drill thru and review the list of automated STARTUP drivers/programs that auto-start with each Windows start session. Press Windows-key + R key for the RUN option. Then type in Taskmgr.exe and tap Enter. Wait for the GUI to fully populate for Task Manager. Then click on the tab Startup. Look over the whole list looking to see what can be turned off ( temporarily). Keep and write down the list of what you do. Lenovo and other hardware drivers are ok to keep on. And same for antivirus and any other security app, as well as any network drivers. Turn off *CCleaner*. Turn off AV Spybot - Search and Destroy Turn off iTunes Apple update. Keep a list. The whole intent is to trim down all auto starts down the bare bones essentials. Then do a Windows RESTART. The principles of this exercise is to find out if one the auto started apps is causing or leading-to the STOP code Windows crash. A general guideline is on this Microsoft article ( granted it mentions earlier versions of Windows, but it does cover Windows 10). https://support.microsoft.com/en-us/kb/929135 The STOP code crash is the major issue in this case. The one that is somewhat of a middling type ( meaning, somewhat lesser priority) is that "black screen with the flash cursor". That is hard to guess as to what that is ! BUT, if that happens again, what you could try are (a) press the space bar and see what happens (b) press the Escape key & see (c) move the mouse around and round in the hopes that the screen will refresh (d) type in explorer.exe and tap Enter key & wait a while ( have lots of patience) and see if the GUI for Windows Explorer comes on. (e) press and hold Windows-flag-key on keyboard and then tap E key to see if Windows Explorer comes on
  14. Hello. I only see ( from the reports) that Internet Explorer 11 crashed a few times. What exactly is on the so called BSOD? ( and are you super sure it is the real one ?) If your screen's Windows desktop goes dark it may be that the system is busy with other things. When did this "dark screen thing on the desktop" start to happen? Is it every time you start Windows ? Did you recently reboot today? RESTART does a lot of wonders sometimes. You stated you did a Windows 10 REFRESH. That should have got Windows back to shape. You also state that our M B AM reported no malware. What about doing a scan with the resident antivirus ? Before you do anything else, do the following: Before we do anything else, I would like for you to do two safety precautions for your Windows 10 installation. Get a hold of a large enough, new/clean USB flash-thumb drive and make a Windows 10 Recovery Drive ( which comes in real handy in dire situations). Checkout the write-up by Brink at Tenforums ( which is an excellent Windows 10 help resource ) How to Create a USB Recovery Drive in Windows 10 Second, Study this excellent guide and see about applying this safety adjustment for Windows 10 startup How to Enable or Disable F8 Advanced Boot Options in Windows 10 You want to ENABLE F8 as an option on bootup. Do those 2 things and let me know after that is in place. I very much recommend those procedures.
  15. Hi. Our Malwarebytes software is not a anti "virus". Ours does not substitute for nor is it a replacement, for "antivirus". We do not turn "off" any other application when you install ours. The other thing I wanted to point out is: If you have Windows 8, 8.1, or Windows 10, the Windows Defender in those versions IS a antivirus. It is a good one. The one included on Windows 10 is especially good, since it also includes the ability to run Windows Defender Offline.