Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I infected?


  • Please log in to reply
12 replies to this topic

#1 NotaNerd63

NotaNerd63

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 14 February 2016 - 10:10 PM

I have 5 days left on Kaspersky Internet Security. I have had an ongoing problem with "cannot connect to server". Every time I go on my computer I do an update on antivirus software, check Google Chrome update (Chrome shows up in as vulnerability in scan-but when I go to settings I am told to go to cache 433--there isn't one). I have called Kaspersky monthly with this and even re-downloaded the program. I have been on Pinterest, which is causing my browser to jump around, YouTube and Facebook. I picked up Total Security today but am worried I may be infected and would like to get anything problematic out before I download this new product. I ran a virus scan on computer and it says there are no threats, but I noticed when I filled out my sign-up for this site, it wasn't printed as I typed it. My daughter is IT tech and said to get malware bytes. What do you suggest? Kaspersky is tired of hearing from me as I  am tired of calling.



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,131 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:07 AM

Posted 15 February 2016 - 09:06 AM

Welcome to BC...

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR  REVIEW.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 NotaNerd63

NotaNerd63
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 25 February 2016 - 02:37 PM

Seems I have to type results. I have not done the Junkware Removal Tool yet. ESET was okay and did not create a log. I have an HP laptop running Windows 7 Home Premium Service Pack 1 (x64). I have AT&T wifi and they went into our computers in 2013 when we went from DSL to wireless.

 

Results of adwcleaner:

C:\ProgramFiles(x86)Conduit

C:\ProgramData\Ask

C:\ProgramData\Conduit

C:\Users\Administrator\AppData\Local\Conduit

C:\Users\Administrator\AppData\LocalLow\Conduit

C:\Users\Administrator\AppData\Roaming\SearchProtect

 

MBAM results:

 

Vendor                                                         Date                                        Type                                          Location

PUP.Optional.ConduitTB.Gen                       02/18/2016                             folder                                         ...t\CommunityAlerts

PUP.Optional.ScorpionSaver                        02/18/2016                             Registry key                              RE\ScorpionSaver

PUP.Optional.OptimizerPro                           02/18/2016                             folder                                         ...ing\OptimizerPro

PUP.Optional.AdPeak                                   02/18/2016                             Registry key                               RE\ScorpionSaver

PUP.Optional.DynConIE                               02/18/2016                             Registry key                               C-EDC606B80DB6

PUP.Optional.OptimizerPro                          02/18/2016                             folder                                           \OptimizerPro\Log

PUP.Optional.DealPly                                   02/18/2016                             file                                                ...m32\tasks\DealPly

PUP.Optional.MyPCBackup                         02/18/2016                             folder                                            ...(x86)MyPCBackup

PUP.Optional.DealPly                                   02/18/2016                             folder                                            ...Files(x86)DealPly

PUP.Optional.OptimizerPro                          02/18/2016                             folder                                           OptimizerPro\Undo

PUP.Optional.Conduit                                   02/18/2016                            Registry key                                  ConduitSearchScopes

PUP.Optional.OptimizerPro                          02/18/2016                             folder                                            OptimizerPro\Backup

PUP.Optional.DealPly                                   02/18/2016                             Registry key                                  ...CHE\TREE\DealPly

PUM.Optional.FireFox Search Override       02/18/2016                             file                                                 ...files\Backup\user.js

PUP.Optional.SearchProtect.AppFish          02/18/2016                             Registry key                                  B-F44D3EE87FA9}

PUP.Optional.MyPCBackup                         02/18/2016                             file                                                  RegisterExtensions.exe

PUP.Optional.MyPCBackup                         02/18/2016                             folder                                             (x86)MyPCBackup

PUP.Optional.DealPly                                  02/18/2016                             folder                                              files(x86)\DealPly

PUP.Optional.OptimizerPro                         02/18/2016                             folder                                              OptimizerPro\Undo

PUP.Optional.Conduit                                  02/18/2016                             Registry key                                    ConduitSearchScopes

PUP.Optional.OptimizerPro                         02/18/2016                              folder                                              OptimizerPro\Backup

 

ESET-there were no results and it did not create a log. I will do the whole thing over to see if anything new pops up.

 

I have 7 days left on the Malwarebytes and intend to buy it for 3 PC's. I have used Kaspersky since 2011 and last year it was just a constant source of irritation as that "cannot connect to my kaspersky portal" happened all year. In 2013 I was hacked by ransomware and had to take my laptop to Staples. They had found 30 viruses. Also Chrome and _old chrome showed up as a vulnerability so I removed it and downloaded FireFox, but I am sure it will show up on the vulnerability list as it did when I ran Kaspersky Internet Security. I just downloaded Kaspersky Total Security but today as I started up, I got the message "cannot connect to my kaspersky portal". I am assuming that I am not protected if it is not connecting?. Chrome runs better than FireFox in my opinion, but I don't know how to get that old chrome out and why would Chrome be a vulnerability? My habit is to update Kaspersky, update any windows updates. I go to my att account to check email, facebook, Pinterest, wikipedia, Netflix, YouTube, sometimes my bank account, and the bank says that site is within the bank-I can transfer money from saving to checking only. I do not use my card on the internet except when I ordered a cup last year from ReplacementsLtd.  I am not sure if I should run Windows 10 and have not put it on as there are things I use that I will lose if I do the download. Your recommendations?



#4 buddy215

buddy215

  • Moderator
  • 13,131 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:07 AM

Posted 26 February 2016 - 12:11 PM

Rerun MBAM and be sure to allow it to remove/ quarantine what it finds....select all for removal.

 

Rerun AdwCleaner and be sure to select Clean when the scan finishes. Allow it to delete/ quarantine all that it finds.

 

Run the JRT scan. Best to run it from the Desktop....not from downloads or elsewhere.

 

I don't know why you would need to type results....can you not simply copy and paste???

 

Not a good idea to upgrade to 10 for now. But if you have accepted all of the Windows updates you are likely being hassled about upgrading.

 

You can use Download Revo Uninstaller Freeware in Advanced Mode to uninstall Google Chrome.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 NotaNerd63

NotaNerd63
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 26 February 2016 - 01:28 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2/18/2016
Scan Time: 10:50 PM
Logfile: Mbamresults.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.02.19.01
Rootkit Database: v2016.02.17.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Administrator

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 342916
Time Elapsed: 28 min, 37 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 6
PUP.Optional.DynConIE, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [8508fd65e0b964d27dfc405ed23049b7],
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [14797ee4b8e16ccac8b9f2bca260f40c],
PUP.Optional.ScorpionSaver, HKLM\SOFTWARE\Scorpion Saver, , [256891d10990f73fcccc9c1f0bf81de3],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DealPly, , [474688da9900b383bcf66e74a36025db],
PUP.Optional.AdPeak, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Scorpion Saver, , [464759099801ae8803d28749b44fe917],
PUP.Optional.Conduit, HKU\S-1-5-21-2139079956-1489900270-2923202321-500\SOFTWARE\APPDATALOW\SOFTWARE\ConduitSearchScopes, , [92fbabb7badfac8a89d99b422ad99c64],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 7
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\Conduit\Community Alerts, , [058822407920c373dfdc9d2e689a8c74],
PUP.Optional.DealPly, C:\Program Files (x86)\DealPly, , [8d005a088c0d1f17ad8f6c67ad55de22],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup, , [afde52105940cf678307954a25dd5ca4],
PUP.Optional.OptimizerPro, C:\Users\Administrator\AppData\Roaming\Optimizer Pro, , [93fa4e14831625118c0b33ad13ef0df3],
PUP.Optional.OptimizerPro, C:\Users\Administrator\AppData\Roaming\Optimizer Pro\Backup, , [93fa4e14831625118c0b33ad13ef0df3],
PUP.Optional.OptimizerPro, C:\Users\Administrator\AppData\Roaming\Optimizer Pro\Log, , [93fa4e14831625118c0b33ad13ef0df3],
PUP.Optional.OptimizerPro, C:\Users\Administrator\AppData\Roaming\Optimizer Pro\Undo, , [93fa4e14831625118c0b33ad13ef0df3],

Files: 3
PUP.Optional.DealPly, C:\Windows\System32\Tasks\DealPly, , [404d471bdfbae74fecb6c51dbb48cc34],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\DEL_UnRegisterExtensions.exe, , [afde52105940cf678307954a25dd5ca4],
PUM.Optional.FireFoxSearchOverride, C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\Backup\user.js, , [8b0269f9e5b496a0c99ca870867f11ef],

Physical Sectors: 0
(No malicious items detected)


(end)

 

~*~

 

# AdwCleaner v5.035 - Logfile created 19/02/2016 at 00:32:01
# Updated 18/02/2016 by Xplode
# Database : 2016-02-18.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Administrator - MAGGIE-HP
# Running from : C:\Users\Administrator\Downloads\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Conduit
Folder Found : C:\Users\Administrator\AppData\Local\Conduit
Folder Found : C:\Users\Administrator\AppData\LocalLow\Conduit
Folder Found : C:\Users\Administrator\AppData\Roaming\SearchProtect

***** [ Files ] *****

File Found : C:\END

***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKCU\Software\Classes\CLSID\{DB40EAF2-2025-4F74-B9EF-7C0782F26C84}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FED6A736-129B-49C7-857E-25FC91E87DB3}]
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Uniblue
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2A498D792D0AD2F4DADF03B3C066122B
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C697F962E048A434B8AE269E702964C8
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2436 bytes] ##########

 

Sorry, I am not a nerd (I needed help). The youngest finally helped me get this posted. Learn something new every day. Just an old lady and not very computer savvy. Thanks for your help.
 



#6 buddy215

buddy215

  • Moderator
  • 13,131 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:07 AM

Posted 26 February 2016 - 01:59 PM

You are not deleting or Quarantining what was found by both programs. The logs just show that they scanned and what they found.

Reread my post #4...


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 NotaNerd63

NotaNerd63
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 26 February 2016 - 07:00 PM

# AdwCleaner v5.036 - Logfile created 26/02/2016 at 13:31:32

# Updated 22/02/2016 by Xplode

# Database : 2016-02-24.1 [Server]

# Operating system : Windows 7 Home Premium Service Pack 1 (x64)

# Username : Administrator - MAGGIE-HP

# Running from : C:\Users\Administrator\Downloads\AdwCleaner(1).exe

# Option : Scan

# Support : http://toolslib.net/forum

 

***** [ Services ] *****

 

 

***** [ Folders ] *****

 

 

***** [ Files ] *****

 

 

***** [ DLL ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Scheduled tasks ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Web browsers ] *****

 

 

*************************

 

C:\AdwCleaner\AdwCleaner[C1].txt - [2756 bytes] - [19/02/2016 00:39:59]

C:\AdwCleaner\AdwCleaner[S1].txt - [2543 bytes] - [19/02/2016 00:32:01]

C:\AdwCleaner\AdwCleaner[S2].txt - [781 bytes] - [26/02/2016 13:31:32]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [853 bytes] ##########

 

~*~

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 2/26/2016

Scan Time: 5:45 PM

Logfile: 

Administrator: Yes

 

Version: 2.2.0.1024

Malware Database: v2016.02.26.07

Rootkit Database: v2016.02.17.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Administrator

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 344287

Time Elapsed: 24 min, 54 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Going to do Junkware next and then ESET


#8 NotaNerd63

NotaNerd63
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 26 February 2016 - 07:17 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.0.3 (02.09.2016)

Operating System: Windows 7 Home Premium x64 

Ran by Administrator (Administrator) on Fri 02/26/2016 at 19:10:10.92

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

File System: 24 

 

Successfully deleted: C:\Users\Administrator\AppData\Local\{0B02C1E2-E29E-45B6-AE1E-39877AE4E329} (Empty Folder)

Successfully deleted: C:\Users\Administrator\AppData\Local\{0C85350A-541D-4CAA-A1CD-1DEF954580EE} (Empty Folder)

Successfully deleted: C:\Users\Administrator\AppData\Local\{73B86DD0-C1DF-44AE-A7FA-FF553B541E9D} (Empty Folder)

Successfully deleted: C:\Windows\wininit.ini (File) 

Successfully deleted: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\639YPWRN (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\86UO9XAU (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HFK42EAA (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQOMY834 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWZHIPHG (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WY43Y7WV (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\639YPWRN (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\86UO9XAU (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HFK42EAA (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQOMY834 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWZHIPHG (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WY43Y7WV (Temporary Internet Files Folder) 

 

 

 

Registry: 3 

 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} (Registry Key)

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} (Registry Key)

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Fri 02/26/2016 at 19:14:40.12

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Administrator (Administrator) on Fri 02/26/2016 at 19:10:10.92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edited by NotaNerd63, 26 February 2016 - 07:58 PM.


#9 buddy215

buddy215

  • Moderator
  • 13,131 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:07 AM

Posted 26 February 2016 - 07:54 PM

Open CCleaner and on the left click on Uninstall. You will now see a list of installed programs.

At the bottom right of that page you will see a button when clicked on will allow you to copy and paste that

list of installed programs into your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 NotaNerd63

NotaNerd63
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 26 February 2016 - 08:32 PM

ESET had nothing again. OMG! Sorry about the 10 copies. Moral of story, watch out for old ladies on computers. Kaspersky is undergoing upgrades at their end. This weekend I will purchase the Malwarebytes. Many thanks for your help. I did forget that on facebook my ex-mother-in-law had been hacked and there was a friend's request from her....should have looked before I clicked. Sorry for the trouble and thanks again.

 

Adobe Acrobat Reader DC Adobe Systems Incorporated 2/17/2016 193 MB 15.010.20059

Adobe Flash Player 20 ActiveX Adobe Systems Incorporated 2/9/2016 7.84 MB 20.0.0.306

Adobe Flash Player 20 NPAPI Adobe Systems Incorporated 2/9/2016 8.40 MB 20.0.0.306

AMD System Monitor Advanced Micro Devices, Inc. 6/28/2011 1.47 MB 1.0.5

ATI Catalyst Install Manager ATI Technologies, Inc. 6/28/2011 22.4 MB 3.0.820.0

Blio K-NFB Reading Technology, Inc. 4/28/2011 37.7 MB 2.2.6699

Broadcom 2070 Bluetooth 3.0 Broadcom Corporation 6/28/2011 183 MB 6.3.0.6300

Broadcom 802.11 Wireless LAN Adapter Broadcom Corporation 6/28/2011 5.60.48.61

CCleaner Piriform 2/18/2016 5.14

CyberLink PowerDVD 10 CyberLink Corp. 6/28/2011 226 MB 10.0.3.2714

CyberLink YouCam CyberLink Corp. 6/28/2011 124 MB 3.5.1.3922

Energy Star Digital Logo Hewlett-Packard 6/28/2011 300 KB 1.0.1

Evernote v. 4.2.2 Evernote Corp. 4/28/2011 139 MB 4.2.2.3979

Google Chrome Google Inc. 2/26/2016 48.0.2564.116

HP 3D DriveGuard Hewlett-Packard Company 6/28/2011 6.99 MB 4.1.5.1

HP Connection Manager Hewlett-Packard Company 6/28/2011 33.4 MB 4.0.45.1

HP Documentation Hewlett-Packard 6/28/2011 336 MB 1.2.0.0

HP DVB-T TV Tuner 8.0.64.43 6/28/2011 8.0.64.43

HP MovieStore Hewlett-Packard 6/28/2011 96.6 MB 2.0

HP On Screen Display Hewlett-Packard Company 4/28/2011 1.43 MB 1.1.2

HP Power Manager Hewlett-Packard Company 6/28/2011 3.61 MB 1.2.1

HP Quick Launch Hewlett-Packard Company 4/28/2011 7.14 MB 2.3.6

HP Setup Hewlett-Packard Company 4/28/2011 8.6.4530.3651

HP Setup Manager Hewlett-Packard Company 6/28/2011 8.30 MB 1.1.13253.3682

HP SimplePass 2011 Hewlett-Packard 6/28/2011 50.6 MB 5.1.0.495

HP Software Framework Hewlett-Packard Company 4/28/2011 2.81 MB 4.0.110.1

HP Support Assistant 3/2/2012

IDT Audio IDT 6/28/2011 1.0.6329.0

Kaspersky Total Security Kaspersky Lab 2/19/2016 16.0.0.614

Level Quality Watcher 4/28/2011

Malwarebytes Anti-Malware version 2.2.0.1024 Malwarebytes 2/18/2016 66.0 MB 2.2.0.1024

Microsoft .NET Framework 4.6.1 Microsoft Corporation 1/27/2016 38.8 MB 4.6.01055

Microsoft Office Home and Student 2010 Microsoft Corporation 7/30/2013 14.0.7015.1000

Microsoft Silverlight Microsoft Corporation 1/14/2016 447 MB 5.1.41212.0

Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 4/28/2011 1.69 MB 3.1.0000

Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2/23/2013 296 KB 8.0.61001

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 4/28/2011 788 KB 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 6/28/2011 784 KB 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2/23/2013 788 KB 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 6/28/2011 592 KB 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2/23/2013 600 KB 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 2/12/2015 13.8 MB 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 2/12/2015 11.1 MB 10.0.40219

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2/12/2015 10.0.50903

MSXML 4.0 SP2 (KB954430) Microsoft Corporation 3/4/2012 1.27 MB 4.20.9870.0

MSXML 4.0 SP2 (KB973688) Microsoft Corporation 3/4/2012 1.33 MB 4.20.9876.0

MSXML 4.0 SP3 Parser Microsoft Corporation 4/22/2012 1.47 MB 4.30.2100.0

MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 7/12/2012 1.53 MB 4.30.2114.0

MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 1/10/2013 1.54 MB 4.30.2117.0

MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 4/23/2012 1.53 MB 4.30.2107.0

PlayMemories Home Sony Corporation 7/22/2015 4.3.01.06011

PlayReady PC Runtime x86 Microsoft Corporation 4/28/2011 1.65 MB 1.3.0

Realtek Ethernet Controller Driver Realtek 6/28/2011 7.41.216.2011

Realtek PCIE Card Reader Realtek Semiconductor Corp. 6/28/2011 6.1.7600.80

Revo Uninstaller Pro 3.1.5 VS Revo Group, Ltd. 2/26/2016 37.7 MB 3.1.5

RoxioNow Player RoxioNow 4/28/2011 10.9 MB 1.9.5.103

Synaptics TouchPad Driver Synaptics Incorporated 8/25/2013 46.4 MB 15.3.29.0

Validity WBF DDK Validity Sensors, Inc. 6/28/2011 22.6 MB 4.3.118.0

Windows Live Essentials Microsoft Corporation 4/28/2011 15.4.3508.1109

Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 4/28/2011 5.57 MB 15.4.5722.2


Edited by NotaNerd63, 26 February 2016 - 08:35 PM.


#11 buddy215

buddy215

  • Moderator
  • 13,131 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:07 AM

Posted 26 February 2016 - 08:54 PM

Unless you are still seeing a lot of ads or your searches are being misdirected....you are good to go.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 NotaNerd63

NotaNerd63
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 26 February 2016 - 08:58 PM

Thanks so much.



#13 buddy215

buddy215

  • Moderator
  • 13,131 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:07 AM

Posted 26 February 2016 - 09:16 PM

You're welcome....happy surfin'


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users