[andydude00]

Could you clarify the steps I am sorry I do not understand? Also this brought onetab back, though it lost all links(not a problem though). What other steps do we take to make sure I am not infected anymore? I see a redirect every once in a while but its not a regular occurrence. 

[Advertisements]

Let us run through some checks with a few scanners that look at other areas of your system and then go from there.

 

FIRST >>>>

Junkware Removal Tool
Please download JRT from here to your desktop.

Note: Temporarily disable/shut down your protection software now to avoid potential conflicts, how to do so can be read here.

Double click the JRT.exe file to run the application.

The application will open an Command Prompt window and run from there (this is normal for this program, so not to be alarmed).

When it is asked, press any key to allow the program to continue / run.

This will create a log on the desktop; please copy and paste the JRT.txt log text in your next post.

Note: After the log file is created, please enable your protection software / reboot your system and verify your protection software is enabled.


SECOND >>>>

AdwCleaner by Xplode

Download AdwCleaner from here or from here. Save the file to the desktop.

NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
You will see the following console:


Click the Scan button and wait for the scan to finish.

After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Waiting for action. Please uncheck elements you don't want to remove.

Click the Clean button.

Everything checked will be deleted.

When the program has finished cleaning a report appears.

Once done it will ask to reboot, allow this


On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

Optional:
NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.


LAST >>>>

Malwarebytes' Anti-Malware
Please start Malwarebytes' Anti-Malware.

When the main screen opens, if the database is out of date, you can click on the Fix Now banner or the Update Now link


Once the program has loaded and updated, select "Scan Now >>" to start the scan.


The scan may take some time to finish, so please be patient.

If any malware is found, you will be presented with a screen like the one below.


If any malware is found, make sure that everything is checked, and click Remove Selected.
When the scan is complete, click [font color="#0000ff"]View detailed log >>[/font] to view the results.
The report screen will open.
At the bottom click on Export and select as txt file, save the file to your desktop and click OK.  When the export is complete, select OPEN.
The log file will be opened in your default text file viewer (usually Notepad); select the whole text (Ctrl + A) and copy (Ctrl + c) it to paste here in a reply.
 

[dbreeze]

Let us run through some checks with a few scanners that look at other areas of your system and then go from there.

 

FIRST >>>>

Junkware Removal Tool
Please download JRT from here to your desktop.

Note: Temporarily disable/shut down your protection software now to avoid potential conflicts, how to do so can be read here.

Double click the JRT.exe file to run the application.

The application will open an Command Prompt window and run from there (this is normal for this program, so not to be alarmed).

When it is asked, press any key to allow the program to continue / run.

This will create a log on the desktop; please copy and paste the JRT.txt log text in your next post.

Note: After the log file is created, please enable your protection software / reboot your system and verify your protection software is enabled.


SECOND >>>>

AdwCleaner by Xplode

Download AdwCleaner from here or from here. Save the file to the desktop.

NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
You will see the following console:


Click the Scan button and wait for the scan to finish.

After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Waiting for action. Please uncheck elements you don't want to remove.

Click the Clean button.

Everything checked will be deleted.

When the program has finished cleaning a report appears.

Once done it will ask to reboot, allow this


On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

Optional:
NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.


LAST >>>>

Malwarebytes' Anti-Malware
Please start Malwarebytes' Anti-Malware.

When the main screen opens, if the database is out of date, you can click on the Fix Now banner or the Update Now link


Once the program has loaded and updated, select "Scan Now >>" to start the scan.


The scan may take some time to finish, so please be patient.

If any malware is found, you will be presented with a screen like the one below.


If any malware is found, make sure that everything is checked, and click Remove Selected.
When the scan is complete, click [font color="#0000ff"]View detailed log >>[/font] to view the results.
The report screen will open.
At the bottom click on Export and select as txt file, save the file to your desktop and click OK.  When the export is complete, select OPEN.
The log file will be opened in your default text file viewer (usually Notepad); select the whole text (Ctrl + A) and copy (Ctrl + c) it to paste here in a reply.
 

[andydude00]

Will do in the morning. Sorry for not posting earlier work has been rough.

[andydude00]

JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.0.7 (07.03.2016)

Operating System: Windows 10 Home x64 

Ran by User (Administrator) on Tue 08/23/2016 at  0:16:54.94

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

File System: 8 

 

Successfully deleted: C:\ProgramData\1467008746.bdinstall.bin (File) 

Successfully deleted: C:\ProgramData\1469654400.bdinstall.bin (File) 

Successfully deleted: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla (Folder) 

Successfully deleted: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ajpgkpeckebdhofmmjfgcjjiiejpodla_0.localstorage-journal (File) 

Successfully deleted: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ajpgkpeckebdhofmmjfgcjjiiejpodla_0.localstorage (File) 

Successfully deleted: C:\WINDOWS\prefetch\YOUTUBEFREEDOWNLOADER.EXE-52E1304F.pf (File) 

Successfully deleted: C:\WINDOWS\SysWOW64\REN51F6.tmp (File) 

Successfully deleted: C:\WINDOWS\SysWOW64\RENB06F.tmp (File) 

 

 

 

Registry: 1 

 

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE (Registry Value) 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 08/23/2016 at  0:18:24.33

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[andydude00]

ADW 

 

      # AdwCleaner v6.010 - Logfile created 25/08/2016 at 02:16:10

# Updated on 12/08/2016 by ToolsLib

# Database : 2016-08-24.2 [Server]

# Operating System : Windows 10 Home  (X64)

# Username : User - OWNER

# Running from : C:\Users\User\Downloads\adwcleaner_6.010.exe

# Mode: Scan

# Support : https://toolslib.net/forum

 

 

 

***** [ Services ] *****

 

No malicious services found.

 

 

***** [ Folders ] *****

 

No malicious folders found.

 

 

***** [ Files ] *****

 

No malicious files found.

 

 

***** [ DLL ] *****

 

No malicious DLLs found.

 

 

***** [ WMI ] *****

 

No malicious keys found.

 

 

***** [ Shortcuts ] *****

 

No infected shortcut found.

 

 

***** [ Scheduled Tasks ] *****

 

No malicious task found.

 

 

***** [ Registry ] *****

 

Key Found:  HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

Key Found:  HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

 

 

***** [ Web browsers ] *****

 

No malicious Firefox based browser items found.

No malicious Chromium based browser items found.

 

*************************

 

C:\AdwCleaner\AdwCleaner[C1].txt - [6105 Bytes] - [25/06/2016 01:28:51]

C:\AdwCleaner\AdwCleaner[S1].txt - [5715 Bytes] - [25/06/2016 01:25:58]

C:\AdwCleaner\AdwCleaner[S2].txt - [1251 Bytes] - [25/08/2016 02:16:10]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1324 Bytes] ##########

 

 

 

  # AdwCleaner v5.200 - Logfile created 25/06/2016 at 01:25:58

# Updated 14/06/2016 by ToolsLib

# Database : 2016-06-23.1 [Server]

# Operating system : Windows 8.1  (X64)

# Username : User - OWNER

# Running from : C:\Users\User\Downloads\adwcleaner_5.200.exe

# Option : Scan

# Support : https://toolslib.net/forum

 

***** [ Services ] *****

 

 

***** [ Folders ] *****

 

Folder Found : C:\Program Files (x86)\Digital Coupon Printer

Folder Found : C:\Users\User\AppData\Local\PackageAware

Folder Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall

 

***** [ Files ] *****

 

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage-journal

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_getresultshub-a.akamaihd.net_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_getresultshub-a.akamaihd.net_0.localstorage-journal

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_audioinbox.com_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_audioinbox.com_0.localstorage-journal

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_land.pckeeper.software_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_land.pckeeper.software_0.localstorage-journal

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ocdn01.topsmartdeals.com_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ocdn01.topsmartdeals.com_0.localstorage-journal

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_searchassist.verizon.com_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_searchassist.verizon.com_0.localstorage-journal

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.adnetworkperformance.com_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.adnetworkperformance.com_0.localstorage-journal

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.reimageplus.com_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.reimageplus.com_0.localstorage-journal

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.terraclicks.com_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.terraclicks.com_0.localstorage-journal

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.tradeadexchange.com_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.tradeadexchange.com_0.localstorage-journal

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.uploadedtab.com_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.uploadedtab.com_0.localstorage-journal

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage

File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

File Found : C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.azlyrics.com_0.localstorage

File Found : C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

File Found : C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.azlyrics.com_0.localstorage

File Found : C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

 

***** [ DLL ] *****

 

 

***** [ WMI ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Scheduled tasks ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Web browsers ] *****

 

[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : chphlpgkkbolifaimnlloiipkdnihall

 

*************************

 

C:\AdwCleaner\AdwCleaner[S1].txt - [5563 bytes] - [25/06/2016 01:25:58]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5636 bytes] ##########

[dbreeze]

Can you post this log please?  C:\AdwCleaner\AdwCleaner[C1].txt

[andydude00]

 # AdwCleaner v5.200 - Logfile created 25/06/2016 at 01:28:51

# Updated 14/06/2016 by ToolsLib

# Database : 2016-06-23.1 [Server]

# Operating system : Windows 8.1  (X64)

# Username : User - OWNER

# Running from : C:\Users\User\Downloads\adwcleaner_5.200.exe

# Option : Clean

# Support : https://toolslib.net/forum

 

***** [ Services ] *****

 

 

***** [ Folders ] *****

 

[-] Folder Deleted : C:\Program Files (x86)\Digital Coupon Printer

[-] Folder Deleted : C:\Users\User\AppData\Local\PackageAware

[-] Folder Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall

 

***** [ Files ] *****

 

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage-journal

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_getresultshub-a.akamaihd.net_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_getresultshub-a.akamaihd.net_0.localstorage-journal

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_audioinbox.com_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_audioinbox.com_0.localstorage-journal

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_land.pckeeper.software_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_land.pckeeper.software_0.localstorage-journal

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ocdn01.topsmartdeals.com_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ocdn01.topsmartdeals.com_0.localstorage-journal

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_searchassist.verizon.com_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_searchassist.verizon.com_0.localstorage-journal

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.adnetworkperformance.com_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.adnetworkperformance.com_0.localstorage-journal

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.reimageplus.com_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.reimageplus.com_0.localstorage-journal

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.terraclicks.com_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.terraclicks.com_0.localstorage-journal

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.tradeadexchange.com_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.tradeadexchange.com_0.localstorage-journal

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.uploadedtab.com_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.uploadedtab.com_0.localstorage-journal

[#] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage

[#] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

[-] File Deleted : C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.azlyrics.com_0.localstorage

[-] File Deleted : C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

[#] File Deleted : C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.azlyrics.com_0.localstorage

[#] File Deleted : C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

 

***** [ DLLs ] *****

 

 

***** [ WMI ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Scheduled tasks ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Web browsers ] *****

 

[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : chphlpgkkbolifaimnlloiipkdnihall

 

*************************

 

:: "Tracing" keys deleted

:: Winsock settings cleared

 

*************************

 

C:\AdwCleaner\AdwCleaner[C1].txt - [5880 bytes] - [25/06/2016 01:28:51]

C:\AdwCleaner\AdwCleaner[S1].txt - [5715 bytes] - [25/06/2016 01:25:58]

 

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6026 bytes] ##########

[dbreeze]

Thanks.  Does Malwarebytes find anything?  How is your system running now?

[andydude00]

Malware found 2 things and it cleaned them. The computer is running good, but I worry that there is some sort of virus on here even though I rarely get the pop ups. Is my computer clean enough for me to do online banking? Thank you for all of the help.

[andydude00]

Malware found 2 things and it cleaned them. The computer is running good, but I worry that there is some sort of virus on here even though I rarely get the pop ups. Is my computer clean enough for me to do online banking? Thank you for all of the help.

[dbreeze]

If you ran a scan with MBAM to find those items, then the log file should be in History > App Logs > Scan log.  Double click on this to open the report window and click on Export > Copy to Clipboard and Paste the report in a reply here.

 

You have Win8.1 with Bitdefender Total Security 2016; this should be a fine combination if BD is up to date and active (there should be no conflicts with Win8.1 and BD).  Do you have the security running in AutoPilot mode?

[andydude00]

MBAM Log

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 9/3/2016

Scan Time: 12:30 PM

Logfile: 

Administrator: Yes

 

Version: 2.2.1.1043

Malware Database: v2016.09.03.05

Rootkit Database: v2016.08.15.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 10

CPU: x64

File System: NTFS

User: User

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 347602

Time Elapsed: 10 min, 59 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 2

PUP.Optional.OnClickAds, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onclickads.net_0.localstorage, Quarantined, [9031f5782c6ed165194707e2030023dd], 

PUP.Optional.OnClickAds, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onclickads.net_0.localstorage-journal, Quarantined, [3b867feec9d137ff93cde603b350649c], 

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

[andydude00]

Security is running in autopilot mode. Bitdefender is 2016.

[dbreeze]

SafePay (part of Bitdefender TS 2016) should be enough to do your online banking safely.  I would not do the banking through the regular browser as there is (or at lest was) too many ad trackers in it.

 

Does MBAM or AdwCleaner find anything now?

[andydude00]

They have not found anything. Is there anything we can do to make my computer safe enough where I don't have to worry? What can we do to remove the trackers? What can I do to prevent more trackers from coming? Thanks!