Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

3x credit card stolen victim seeking advice


  • This topic is locked This topic is locked
10 replies to this topic

#1 rcjiang

rcjiang

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:05 PM

Posted 21 February 2015 - 01:35 PM

In the past 6 months i've had fraudulent charges committed on my credit card. the only thing I know there is a correlation is the card is my 1st Master Card (barclays) i have always been a visa user no issue. My Amex which I still use for costco purposes has not been compromised before. Also when there is fraud I seem to be in Orlando or just left Orlando within a couple of days. I travel here alot to visit the girlfriend.

 

I don't download anything that I don't know (usually it's updating software). java, adobe, microsoft, Other than that i rarely download anything. I surf different websites but usually it's like the same sites that millions of people go to. Even the pornsites i go to are among the top 3 in web traffic. I really don't have much activity on my computer. I use windows essentials and keep it updated daily, 

 

i use google adblock so i'm never clicking on those pesky popups that i people see so i'm not being brought to some unknown third party site. Maybe it's not pc related and maybe when i make a purchase at a restaurant the waiter/waitress is making a copy of my information. But I feel like i need to explore this avenue too just in case.

 

Does anyone have suggestions on what I might have if i'm not downloading anything? What types of things can you get that would steal credit card info from just surfing the web or streaming a video from a tv streaming site based out of the uk? (that might be the most unsecure site i visit) not sure if thats correct im just saying it as a novice. any help on suggested programs scans would be nice as well.

 

i'm aggravated and i have only myself to blame for my misfortune but I seriously need help :( and don't have a clue what to do or where to start.

 

thanks,



BC AdBot (Login to Remove)

 


m

#2 jh1234l

jh1234l

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:09:05 AM

Posted 21 February 2015 - 09:24 PM

If your credit card details have been repeatedly stolen, then you may have a keylogger on your computer. Keyloggers are programs which log what you type. If you have a keylogger installed on your system by a hacker, then your banking information may be compromised--the passwords you type end up getting logged by the keylogger. Therefore, I recommend you to change your banking passwords from a clean computer; you should notify your bank if your credit card gets stolen again.

 

Pornography warning

 

You have told me that you visit pornography websites in your forum post. Visiting pornography websites may expose your computer to all kinds of malware. Here's an exerpt from the "How Malware Spreads" forum post on this website:

 

Dangers of Porn Sites:

Websites related to pornography that appear to be compromised were found by Trend Micro engineers loading malicious JavaScript which redirects users onto malicious domains that ultimately lead to the download of an MBR rootkit onto the affected system.

Porn Sites Lead to MBR Rootkit

 

I will be asking you to run a few scans. After the scans are done, you may be sent to the Malware Removal Logs forum if any keyloggers or other problems which we might not be able to fix here were detected.

 

Rcljiang, let's start with some important instructions:

  • Avoid installing or uninstalling programs during the malware removal process, because doing so can cause discrepancies between the information in different log files created by different programs at different times.
  • Do NOT run tools such as Combofix unless instructed by a BleepingComputer staff member. These tools can break your computer if used improperly, so you should only run them if you know what you are doing or if the person who told you to use Combofix knows what they're doing.
  • If you want to, you should back up all important documents and files to an external storage device or online file backup service. Malware infections--and attempts to fix them--can prevent your computer from booting up, making your files unaccessable; this means that backing up your files to an USB flash drive or to an online service like Dropbox before attempting to remove malware is a good idea.

 

Step 1: Please download MiniToolBox by Farbar, and save it to your desktop.

 

Run the program. Please select the following options:

 

  1. Flush DNS
  2. Report IE proxy settings
  3. Reset IE proxy settings
  4. Report FF proxy settings
  5. Reset FF proxy settings
  6. List content of Hosts
  7. List installed programs
  8. List restore points

After the program finishes its job, it will create a log file called "Result.txt" on your desktop. Post the contents of that file in your next reply.

 

Step 2: Run ESET online scanner

 

  1. Using Internet Explorer, navigate to http://www.eset.com/us/online-scanner-popup/ (If you used another web browser, such as Firefox, you will have to download an installer file)
  2. Read through the program's terms of use. If you agree with it, check the checkbox which confirms that you accepted the program's terms of use. If you do not agree with its terms of use, then notify me and I can find another virus cleaning solution for you.
  3. Accept any security warnings which may appear.
  4. Click on the advanced settings part, and select "Scan for potentially unsafe applications","remove found threats", and "Scan archives".
  5. Check "scan for potentially unwanted applications".
  6. Click "start".
  7. Eset will download updates and scan your computer; this may take a few minutes to a few hours.
  8. When the scan completes, click "list threats".
  9. Click "Export", and save the log file to your desktop.
  10. Post the contents of the log file to your next forum post. Please note that if ESET does not detect anything, it may not necessarily generate a log file.

Step 3: Please download AdwCleaner by Xplode, and save it to your desktop.

 

  1. Click on the "scan" button.
  2. The tool will scan your computer for adware; this may take a few minutes.
  3. After the scan has finished, click on the "Report" button. A logfile, AdwCleaner[R0].txt, will show.
  4. After viewing the log, close the log file window. View the list of adware detections, and uncheck ones that you do not want to remove(i.e. the ones which you're sure to be benign).
  5. Press the "Clean" button. You will be requested to restart your computer.
  6. After restarting your computer, a log file called AdwCleaner[S0].txt will show. Post the contents of that log file in your next reply.

 

Step 4: Please download Junkware Removal Tool by thisisu to your desktop.

  1. Please turn off your antivirus program before running the tool to avoid conflicts. Remember to turn your antivirus back on afterwards.
  2. Run the program. If you are using Windows Vista or above, right-mouse click JRT.exe and select "Run as Administrator" instead of double-clicking.
  3. The tool will start scanning your computer. A DOS box will appear; this is normal and indicates that the tool is working.
  4. After the scan finishes, a log file called JRT.txt will appear on your desktop. Post the contents of that log file in your next reply.

Edited by jh1234l, 21 February 2015 - 09:55 PM.


#3 rcjiang

rcjiang
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:05 PM

Posted 24 February 2015 - 08:45 PM

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Raymond Chin (administrator) on 24-02-2015 at 19:10:35
Running from "C:\Users\Raymond Chin\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
 
 
=========================== Installed Programs ============================
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.10 - Adobe Systems)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.898.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{2AE2789B-454A-0A8D-D848-38F1F7070C73}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
BisonCam (HKLM-x32\...\{5BBC4803-C96E-4D3E-9D1D-2E43774C4062}) (Version: 9.2.1.71.42 - BisonCam)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Citrix Access Gateway Endpoint Analysis (HKLM\...\{B1C873A0-ECFC-4481-A23F-0B418758FE37}) (Version: 9.2.49.8 - Citrix Systems, Inc.)
Citrix Authentication Manager (x32 Version: 2.0.0.41479 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash Redirection) (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.0.89 - Citrix Systems, Inc.)
Citrix Receiver Inside (x32 Version: 3.1.0.64094 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 13.0.0.6685 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Citrix Receiver(DV) (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Citrix Receiver(USB) (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
CPUID HWMonitor 1.19 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Definition Update for Microsoft Office 2010 (KB2956079) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{03F28B72-0BEC-4998-95D9-4AA9418D0041}) (Version:  - Microsoft)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Drive (HKLM-x32\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hotkey 3.3020 (HKLM-x32\...\InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}) (Version: 3.3020 - NoteBook)
Hotkey 3.3020 (x32 Version: 3.3020 - NoteBook) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® PRO/Wireless Driver (Version: 16.11.0000.1384 - Intel Corporation) Hidden
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 16.10.0.0136 - Intel Corporation) Hidden
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eddf4201-b72e-4e94-9e7b-ac1ba97c029f}) (Version: 16.11.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.10.0.0307 - Intel Corporation) Hidden
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.26.6 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.62.0 - JMicron Technology Corp.)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.52 (HKLM\...\Logitech Gaming Software) (Version: 8.52.15 - Logitech Inc.)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Logitech Unifying Software 2.00 (HKLM\...\Logitech Unifying) (Version: 2.00.43 - Logitech)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.7.0205.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Miro (HKLM-x32\...\Miro) (Version: 6.0 - Participatory Culture Foundation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Online Plug-in (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Self-service Plug-in (x32 Version: 3.1.0.21744 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.14.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
THX TruStudio Pro (HKLM-x32\...\{82F99DC9-389A-4528-940C-88248731A620}) (Version: TAMB-CVS1D-1-LB R07 - Creative Technology Limited)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8BEEA2FC-D416-428A-B52A-A3ED45921151}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8BEEA2FC-D416-428A-B52A-A3ED45921151}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{A4F91D60-654C-4892-BFD3-0D41ADA649B6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{A12F43A5-CF0B-44E3-942F-2441CD442F0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{0B7744D2-1FDD-4843-9987-7CE11B79F370}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{D1C4AD0B-CC79-41D2-8D6A-571E7B30658C}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C1954E2B-1672-4E5C-B564-F8CB2D08345B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{E762A933-274B-4860-B066-A39FAB0838FD}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{A7AA9E77-A9F4-4596-8AFD-4910FF258C3D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2956054) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{54F6ECE6-BAB4-4E7D-ADB0-072FC951A280}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8FDB127C-B5F8-459C-B3BF-098C4270201F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{82148027-13B5-4920-97F3-6A44A29B83D0}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8FDB127C-B5F8-459C-B3BF-098C4270201F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2956128) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DEFF916D-4268-49CF-8FF3-E26253582E13}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2956128) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{FC666DD5-8A58-401B-9B1E-2CBB451932E8}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DF548669-AAED-467B-A074-AE2B72A4A871}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2956129) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{433A91E3-5A83-41A6-828A-DCED3EE9EDA8}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VitalSource Bookshelf (HKLM-x32\...\{5a7d1457-77fa-4cd8-9796-fa3396f44c69}) (Version: 6.05.0037 - Ingram Content Group)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
WebCam Installer (HKLM-x32\...\{AAE521B6-2F19-447F-8CB6-6D1E3A19F3ED}) (Version: 3.32 - WebCam)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
========================= Restore Points ==================================
 
12-02-2015 06:05:13 Windows Update
15-02-2015 13:02:48 Windows Update
16-02-2015 21:43:48 Removed Ventrilo Client for Windows x64
16-02-2015 21:44:36 Removed Mumble 1.2.8
19-02-2015 01:07:29 Windows Update
24-02-2015 23:47:18 Windows Update
 
**** End of log ****

C:\Program Files (x86)\Conduit\CT3289663\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application deleted - quarantined
C:\Users\Raymond Chin\AppData\Local\Temp\95A8_ccsetup326.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\Raymond Chin\AppData\Local\Temp\airCCDE.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\Raymond Chin\AppData\Local\Temp\airFDE0.exe Win32/MyPCBackup.A potentially unwanted application deleted - quarantined
C:\Users\Raymond Chin\AppData\Local\Temp\BackupSetup.exe MSIL/MyPCBackup.D potentially unwanted application deleted - quarantined
C:\Users\Raymond Chin\AppData\Local\Temp\tbInte.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\Users\Raymond Chin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\6ee7768c-24a8d7e2 a variant of Java/Exploit.CVE-2013-0422.CF trojan cleaned by deleting - quarantined
C:\Users\Raymond Chin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\272d5f8-2cf682be multiple threats cleaned by deleting - quarantined

# AdwCleaner v4.111 - Logfile created 24/02/2015 at 20:35:50
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Raymond Chin - CHIN-PC
# Running from : C:\Users\Raymond Chin\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Users\Raymond Chin\AppData\LocalLow\Conduit
File Deleted : C:\END
File Deleted : C:\Users\Raymond Chin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Deleted : C:\Users\Raymond Chin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17631
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
 
-\\ Google Chrome v40.0.2214.115
 
 
-\\ Chromium v
 
 
*************************
 
AdwCleaner[R0].txt - [3357 bytes] - [24/02/2015 20:30:46]
AdwCleaner[S0].txt - [3173 bytes] - [24/02/2015 20:35:50]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3232  bytes] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Raymond Chin on Tue 02/24/2015 at 20:41:52.77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/24/2015 at 20:44:20.21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#4 jh1234l

jh1234l

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:09:05 AM

Posted 26 February 2015 - 07:56 PM

It appears as if a Trojan was removed by ESET online scanner. I recommend you to go to the Malware Removal Logs forum for a closer look.

Please follow the preparation guide for posting in the Malware Removal Logs forum, and post a new topic called "Trojan detected, wonder what else is on my computer". Make sure to include a link back to this forum topic, so that BleepingComputer staff members can see the logs posted here.

 
C:\Users\Raymond Chin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\6ee7768c-24a8d7e2 a variant of Java/Exploit.CVE-2013-0422.CF trojan cleaned by deleting - quarantined


#5 Eddie7

Eddie7

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles
  • Local time:06:05 PM

Posted 26 February 2015 - 10:34 PM

It be a keyloggers or a trojan. I would run some scan on your computer first.

#6 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Staff Emeritus
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:08:05 PM

Posted 26 February 2015 - 11:47 PM

It be a keyloggers or a trojan. I would run some scan on your computer first.


Please follow the instructions given by jh1234l.

A member of the Malware Removal Team will help you. If needed, your helper will recommend other tools to use.

#7 rcjiang

rcjiang
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:05 PM

Posted 27 February 2015 - 08:36 AM

OMG this is horrible :(

 

I always see these java updates occasionally and i've always heard java has many security holes too :(

 

But if i see the java update pop up cause i'm going to a particular website I don't install . if i boot up pc and i go to google.com and it pops up saying i have an update on bottom right. I open tray and install :(

 

 

thank you jh1234l. i'll follow your further instructions but also wanted to check if i'm ok now since it was deleted?



#8 Phantom010

Phantom010

  • Members
  • 944 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cyberspace
  • Local time:09:05 PM

Posted 27 February 2015 - 11:08 AM

You haven't told us if you were making online transactions with your credit cards. If not, I'd be looking elsewhere...

 

Only surfing the Web, if your credit card informations aren't stored on your computer, will not get them stolen.

 

As for the Trojan, absolutely nothing tells us it's the culprit, and the tools you've run so far are pretty basic compared to the ones the malware removal team will have you run. So, more malware may be found.


Edited by Phantom010, 27 February 2015 - 11:08 AM.


Please stick around after posting. Helpers are never far. Don't disappear for a week!
Our help is free, so please have the courtesy to reply in a timely manner. Thank you!


#9 rcjiang

rcjiang
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:05 PM

Posted 27 February 2015 - 11:14 AM

You haven't told us if you were making online transactions with your credit cards. If not, I'd be looking elsewhere...

 

Only surfing the Web, if your credit card informations aren't stored on your computer, will not get them stolen.

 

As for the Trojan, absolutely nothing tells us it's the culprit, and the tools you've run so far are pretty basic compared to the ones the malware removal team will have you run. So, more malware may be found.

 

I do indeed make online purchases with the card that keeps getting compromised. In the last 6 months I think the only place i've bought anything is amazon and airlines and grubhub. 



#10 Phantom010

Phantom010

  • Members
  • 944 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cyberspace
  • Local time:09:05 PM

Posted 27 February 2015 - 12:06 PM

You can get all the porn you want on the Internet for free. So, never use your credit card on a porn site (not saying you did)!

 

Always be careful when making online transactions in WiFi hotspots. If you can, avoid them. You never know who could be in the middle...

 

Keep Windows up-to-date, and make sure your antivirus is enabled at all times with the latest definition updates. Also keep your firewall enabled, especially in WiFi hotspots.

 

If your credit card has a PIN number, always be careful when typing it in a machine. Credit card frauds are always possible (hidden camera in store...).

 

Does the credit card company know for a fact your card was compromised online?



Please stick around after posting. Helpers are never far. Don't disappear for a week!
Our help is free, so please have the courtesy to reply in a timely manner. Thank you!


#11 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Staff Emeritus
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:08:05 PM

Posted 28 February 2015 - 03:09 PM

Malware Removal Logs topic is here http://www.bleepingcomputer.com/forums/t/568516/trojan-detected-wonder-what-else-is-on-my-computer/

 

This topic is closed.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users