Artemis Trojan and Co
#16
Posted 15 January 2015 - 12:13 PM
#17
Posted 15 January 2015 - 12:17 PM
#18
Posted 15 January 2015 - 12:26 PM
#19
Posted 15 January 2015 - 12:55 PM
Ok
Attached Files
#20
Posted 15 January 2015 - 12:58 PM
Does IE have the same problems?
#21
Posted 15 January 2015 - 01:24 PM
Slightly better. Flickering slowed again.It will have moments when it's processing high and seems to get all weird. I noticed too that Adobe Flash player 16.0 r0 32 bit will sometimes run high in memory. I think depending on what website I'm on. Not sure yet since I'm just paying more attention to it lately. Also I see two of these background processes. Is that normal.Only one will read high and the other will be low.
IE is ok for now. When I did all I mentioned to it yesterday, while searching on Bing some of its graphiics disappeared and some of its lettering that suppose to be white were blue. That lasted until I restarted IE then no more issues with it. Also, while I was on Facebook last night I clicked thier icon to get back to my main page and I recieved a pop up asking if I wanted to leave this page or stay on it. I would stay and kept clicking another link to take me to my other page and I go the same message. I closed it out and reopened with no problems.
#22
Posted 15 January 2015 - 01:29 PM
Meant to say that most issues I been having with redirect attempts and so on has been on Firefox. Like I mentioned at the start, what ever I use often I began to have issues. I use Firefox often now, but it was Chrome that I used 90% of the time. IE seldom.
#23
Posted 15 January 2015 - 01:45 PM
Please download and run this tool, and post the report for me: http://www.bleepingc...ortcut-cleaner/
#24
Posted 15 January 2015 - 02:04 PM
Yes.Shortcut Cleaner 1.3.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingc...ortcut-cleaner/
Windows Version: Windows 8.1
Program started at: 01/15/2015 03:02:27 PM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Users\OpheliaR\AppData\Roaming\Microsoft\Windows\Start Menu\
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
Searching C:\Users\OpheliaR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Users\Public\Desktop\
Searching C:\Users\OpheliaR\Desktop
0 bad shortcuts found.
Program finished at: 01/15/2015 03:02:29 PM
Execution time: 0 hours(s), 0 minute(s), and 2 seconds(s)
#25
Posted 15 January 2015 - 02:17 PM
When you are re-directed, what kind of sites are you sent to?
#26
Posted 15 January 2015 - 02:50 PM
Same site, but a link thats on the site will open at any time. No particular site and it's not constant, but enough to have me concerned. On this site the times I post will be a different post time next time I log in. That's another thing. I can log out and close tab, just to come back to site and I'm still logged in. That happens on both IE and Firefox on several sites I use often and on Chrome when I had it. One time I logged out of a game that I use only one of my email addresses and next time I played it another of my email address was entered in it. I probably cleared out most of the junk through various scans prior to inquiring about it.
#27
Posted 16 January 2015 - 12:38 PM
Step 1: Run SecurityCheck
Download Security Check by screen317 from here or here.
- Save it to your Desktop.
- Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
- A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Please download Malwarebytes' Anti-Malware from Here.
Double Click mbam-setup-2.0..exe to install the application. (The revision number may vary.)
- Select the language and click OK.
- Accept the agreement
- Please uncheck the box next to Enable the Free Trial (unless you would like to try it) and check the box next to Launch Malwarebytes' Anti-Malware, then click on finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Scan Now".
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click on Quarantine All,.
- When disinfection is completed, a dialog will open and you may be prompted to Restart.(See Extra Note)
- Upon restart, launch Malwarebytes Antimalware and select History.
- Double click on the last scan done, then on Copy to Clipboard.
- To submit your reply, click on Add Reply, then right click on the window and select Paste.
- Submit your reply.
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
Step 3: Run online scan.
Run ESET Online Scanner:
Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
- Please go here then click on:
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
- Select the option YES, I accept the Terms of Use then click on:
- When prompted allow the Add-On/Active X to install.
- Make sure that the option Remove found threats is Not checked, and the option Scan archives is checked.
- Now click on Advanced Settings and select the following:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
- Now click on:
- The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
- When completed the Online Scan will begin automatically. The scan may take several hours.
- Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
- When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
- Now click on:
- Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
- Copy and paste that log as a reply to this topic.
Things I need in your next reply:
- SecurityCheck log
- MBAM log
- ESET log
- How is the computer running now?
#28
Posted 17 January 2015 - 07:45 AM
Much better performance since my last reply.......
Results of screen317's Security Check version 0.99.93
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 16.0.0.257
Mozilla Firefox (35.0)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Malwarebytes Anti-Exploit mbae-svc.exe
Malwarebytes Anti-Exploit mbae64.exe
Malwarebytes Anti-Exploit mbae.exe
Windows Defender MpCmdRun.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 1/17/2015
Scan Time: 3:01:14 AM
Logfile:
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.01.17.01
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: OpheliaR
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 451082
Time Elapsed: 1 hr, 1 min, 22 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=1b589d04af633944ad8c4664b803c953
# engine=21842
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-01-07 10:16:28
# local_time=2015-01-07 05:16:28 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode_1='McAfee Anti-Virus and Anti-Spyware'
# compatibility_mode=5129 16777214 100 97 233962 106922004 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 0 44585481 0 0
# scanned=330658
# found=12
# cleaned=8
# scan_time=40470
sh=15306C92941D1B8CA6105A359566DC15C78FDE87 ft=0 fh=0000000000000000 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="C:\Users\OpheliaR\AppData\Local\Temp\rninst~0\ui_data\stubinst_pkg_en-us.cab"
sh=8F510D9BFD520EAFBA846BC618C8B704B2A2464A ft=1 fh=8adad6b861d75364 vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="C:\Users\OpheliaR\AppData\Local\Temp\rninst~0\ui_data\ask\ASKInstaller.exe"
sh=69B97D06E0549BC68C233B7692B2950CB90F2040 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="C:\Users\OpheliaR\AppData\Local\Temp\rninst~0\ui_data\ask\ask_en.cab"
sh=1CC66D39A1BAF4B3282897FF951FD6AFCD022269 ft=1 fh=d70db284cac258da vn="Win32/OpenCandy potentially unsafe application" ac=I fn="C:\Users\OpheliaR\AppData\Local\Temp\rninst~0\ui_data\inst_config\OCSetupHlp.dll"
sh=15306C92941D1B8CA6105A359566DC15C78FDE87 ft=0 fh=0000000000000000 vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\OpheliaR\AppData\Local\Microsoft\Windows\INetCache\IE\6NEB4OBW\stubinst_pkg_en-us[1].cab"
sh=69B97D06E0549BC68C233B7692B2950CB90F2040 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\OpheliaR\AppData\Local\Microsoft\Windows\INetCache\IE\EV9OVO90\ask_en[1].cab"
sh=1997580424FE070468F692B8F4641BF9B30BC5D0 ft=1 fh=24659b6f80c7090d vn="Win32/Toolbar.Montiera.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\OpheliaR\Desktop\Old Firefox Data\tc97cbjx.default\extensions\[email protected]\uninstall.exe"
sh=205EA3A873C765FF2E0F78FB1834D6EB44C21BF3 ft=1 fh=a409751ddc77dac3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\OpheliaR\Downloads\ccsetup501.exe"
sh=46333729F6FAC1BC033402486DD15592B3622599 ft=1 fh=c1cae6d82910f6dd vn="Win32/Toolbar.Conduit potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\OpheliaR\Downloads\zaSetupWeb_133_209_000-5400_123.exe"
sh=9B5AA9D21F25F281DCD07094AAEE9BD4CF03F12D ft=1 fh=1c058e4f2945e215 vn="Win32/Toolbar.Montiera.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Windows.old\Users\OpheliaR\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\uninstall.exe"
sh=8490554F15357EA162494EE1763509959F3EBAEB ft=1 fh=58b66b725959d138 vn="Win32/Toolbar.Montiera.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Windows.old\Users\OpheliaR\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\uninstall_d.exe"
sh=E4772585CEB9AA369A292D03667C7AA76E9EA04A ft=1 fh=274da3f94e245cf7 vn="Win32/Toolbar.Montiera.E potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Windows.old\Users\OpheliaR\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm4ffx.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=1b589d04af633944ad8c4664b803c953
# engine=22013
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-01-17 01:14:22
# local_time=2015-01-17 08:14:22 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 11718381 0 0
# scanned=328243
# found=0
# cleaned=0
# scan_time=14301
#29
Posted 19 January 2015 - 09:55 AM
Download TFC to your desktop
- Open the file and close any other windows.
- It will close all programs itself when run, make sure to let it run uninterrupted.
- Click the Start button to begin the process. The program should not take long to finish its job
- Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean
#30
Posted 19 January 2015 - 11:06 AM
Okay. Temp files done. Really I have just a few questions and just deal with the minor stuff later.
You asked if I reinstalled Windows. What was the indicator and should I be concerned? This weekend I checked my other user sides and so far so good. They both started up as if it was the first time I been on them. Again, I did refresh and had one restore within last couple months. So will that show up as a reinstall?
What causes about:blank to replace my homepage on IE?
Also is there another way to uninstall Chrome so I can reinstall it? On MalwareBytes Anti-Exploit its shows up under the tab Shields, says Google Chrome (and plug-ins) as an application and under Filename says chrome.exe, but I can't seem to find it. I want to get rid of all it's contents. It was one of the apps that messed up badly at the start of all this. Other than that, I thank you for your help and patience.
Edited by GeekGirl40, 19 January 2015 - 11:07 AM.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users