[spidergirl79]

Um I guess I should browse the web then to see if I get any redirects. It seems okay, I havent seen the Utop.it widget in a while.

[Advertisements]

Yes do that and see how things go.

 

There are some leftovers of Avira still showing in your logs. They are not active now and won't interfere with your PC but if you do decide at some point that you do want to remove them you could try re-installing Avira and then uninstalling it again. Hopefully it will take everything with it in the uninstall. AVs are notorious for leaving bits and pieces behind.

 

Come back and tell how your browsing goes.

 

After that and all going well, I will give you some instructions to clear away the tools we have been using.

[emeraldnzl]

Yes do that and see how things go.

 

There are some leftovers of Avira still showing in your logs. They are not active now and won't interfere with your PC but if you do decide at some point that you do want to remove them you could try re-installing Avira and then uninstalling it again. Hopefully it will take everything with it in the uninstall. AVs are notorious for leaving bits and pieces behind.

 

Come back and tell how your browsing goes.

 

After that and all going well, I will give you some instructions to clear away the tools we have been using.

[emeraldnzl]

Further to my last post.

 

The FRST log shows your System Drive (C: drive) as only having 1.47 GB (1.26%) space free. There is less then 5% of your drive free. You are in danger of messing up the Master File Table of your computer.

Under 15% free is less than optimum.

I suggest you uninstall any old programs and back up and remove any data you don't need. Maybe you can move some data to drive D:

[spidergirl79]

Some movies I bought from Itunes are probably the major cloggers. I'll run windirstat to see where these problem is. It wasn't like that until very recently. I'm still browsing around. Nothing so far. Soooo about those things from France/Isreal...does that mean my computer was being spied on or something from people from those countries? What did those mean? I'm pretty good with computers generally, but am illiterate compared to computer geeks.

[emeraldnzl]

Hello again spidergirl79,
 

Soooo about those things from France/Isreal...does that mean my computer was being spied on or something from people from those countries?

 
I don't know for sure but when I research those entries I find that most infections are in Europe. One site reports that the changes are made by an unwanted program CloudScout which has an executable called Cloudguard.exe.
 
That fits in with your opening post statement about CloudScout. I think it likely just redirects you browsers but if it were me, I would play safe and change all my passwords and monitor my credit card and banking accounts to make sure nothing untoward is going on.
 

I'm still browsing around. Nothing so far.

 
Great news.
 
Unless problems have surfaced since you posted that then I think you are good to go.
 
We have a couple of last steps to perform and then you're all set.

To clear away the tools we have been using download Delfix from here.

Put a check (tick) in the following boxes:

• Remove disinfection tools
• Purge System Restore
• Then click Run

The tool will run for a short time. When completed a notepad window will open with a log. Please copy and paste the log back here.

Any remaining tools may be deleted.
 
 
-------------------------------------------------------------------------------------------------------------------

A reminder:  Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

So many of us use Facebook nowadays. Go here for a guide to Facebook security.

------------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicous programs. The United States Department of Homeland Security recommends that computer users disable Java, see here. Unless you need it to run an important software the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.

• Download Java for Windows
  
  Reboot your computer.
  You also need to unininstall older versions of Java.
  
     
• Click Start > Control Panel > Add or Remove Programs
     
• Remove all Java updates except the latest one you have just installed.

--------------------------------------------------------------------------------------------------------------------

CryptoLocker Warning

There is a particularly nasty infection out there at the moment.

Go here for information about CryptoLocker Ransomeware

Download CryptoPrevent free for home use.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

    * Click Start > Control Panel > System and Security > Windows Update
    * Under Windows Update click on Turn automatic updating on or off
    * Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!

[spidergirl79]

Thank you! here is the txt:

 

# DelFix v10.8 - Logfile created 05/12/2014 at 14:47:03

# Updated 29/07/2014 by Xplode

# Username : Margaret JOH - MARGARETJOH-PC

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

 

~ Removing disinfection tools ...

 

Deleted : C:\Qoobox

Deleted : C:\FRST

Deleted : C:\AdwCleaner

Deleted : C:\AdwCleanerDebug.txt

Deleted : C:\AdwCleaner[R1].txt

Deleted : C:\AdwCleaner[R2].txt

Deleted : C:\AdwCleaner[S1].txt

Deleted : C:\ComboFix.txt

Deleted : C:\Users\Margaret JOH\Downloads\Desktop\Addition.txt

Deleted : C:\Users\Margaret JOH\Downloads\Desktop\AdwCleaner.exe

Deleted : C:\Users\Margaret JOH\Downloads\Desktop\FRST.txt

Deleted : C:\Users\Margaret JOH\Downloads\Desktop\FRST64.exe

Deleted : C:\Users\Margaret JOH\Downloads\Desktop\JRT (1).exe

Deleted : C:\Users\Margaret JOH\Downloads\ComboFix.exe

Deleted : C:\Users\Margaret JOH\Downloads\DDS_Nightcrawler09_AF_AM.zip

Deleted : C:\Users\Margaret JOH\Downloads\esetsmartinstaller_enu(1).exe

Deleted : C:\Users\Margaret JOH\Downloads\esetsmartinstaller_enu.exe

Deleted : C:\Users\Margaret JOH\Downloads\Extras.Txt

Deleted : C:\Users\Margaret JOH\Downloads\FSS.exe

Deleted : C:\Users\Margaret JOH\Downloads\FSS.txt

Deleted : C:\Users\Margaret JOH\Downloads\JRT.exe

Deleted : C:\Users\Margaret JOH\Downloads\hijackthis.log

Deleted : C:\Users\Margaret JOH\Downloads\OTL.Txt

Deleted : C:\Users\Margaret JOH\Downloads\OTL (1).exe

Deleted : C:\Users\Margaret JOH\Downloads\OTL.exe

Deleted : C:\Users\Margaret JOH\Downloads\rkill.exe

Deleted : C:\Users\Margaret JOH\Downloads\rkill64.exe

Deleted : C:\Windows\grep.exe

Deleted : C:\Windows\PEV.exe

Deleted : C:\Windows\NIRCMD.exe

Deleted : C:\Windows\MBR.exe

Deleted : C:\Windows\SED.exe

Deleted : C:\Windows\SWREG.exe

Deleted : C:\Windows\SWSC.exe

Deleted : C:\Windows\SWXCACLS.exe

Deleted : C:\Windows\Zip.exe

Deleted : HKLM\SOFTWARE\OldTimer Tools

Deleted : HKLM\SOFTWARE\AdwCleaner

Deleted : HKLM\SOFTWARE\Swearware

Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

 

~ Cleaning system restore ...

 

Deleted : RP #461 [Removed AVG 2015 | 12/03/2014 03:53:07]

Deleted : RP #462 [Removed AVG 2015 | 12/03/2014 03:54:22]

Deleted : RP #463 [avast! antivirus system restore point | 12/03/2014 04:00:40]

Deleted : RP #464 [Windows Update | 12/03/2014 04:09:46]

Deleted : RP #466 [Revo Uninstaller Pro's restore point - ShowPass Smartbar Engine | 12/04/2014 09:09:52]

Deleted : RP #468 [Revo Uninstaller Pro's restore point - AVG 2015 | 12/04/2014 09:13:41]

Deleted : RP #469 [Removed Boingo Wi-Fi | 12/05/2014 08:16:18]

Deleted : RP #470 [Removed Skype™ 6.11 | 12/05/2014 08:18:05]

Deleted : RP #472 [Removed service pack backup files | 12/05/2014 08:41:11]

Deleted : RP #474 [Revo Uninstaller Pro's restore point - Facebook Messenger 2.1.4814.0 | 12/05/2014 10:24:08]

 

New restore point created !

 

########## - EOF - ##########

[spidergirl79]

Last night I did a little disc clean up to empty up some space on my C:, I got about 12 gig free, WOW after running that tool I went from 12 gig free to 34!! NICE 

[emeraldnzl]

Glad it's working for you.

 

I will keep this topic open for a day two in case any issues arise.

[spidergirl79]

Awesome! Sorry I couldn't donate more, I'm currently between jobs! I really appreciate the help, thanks so much.

[emeraldnzl]

 

Sorry I couldn't donate more, I'm currently between jobs!

 

 

Donation is not important or required but very nice of you to think  of it.
 

thanks so much.

 
You are very welcome.

[spidergirl79]

[emeraldnzl]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.