Paperi

A tiny update thought would be good to tell. Closed the browser I run in a sandbox and I have it enabled to purge everything thats in the sandbox when it closes. But I still found two cookies bitdefender reads as viruses. Also google again thinks I'm a bot. Any help?

Bump.

A tiny update, thought it would help so ran a quick & full scan with Malwarebytes & Windows Malicious Software Removal Tool. All came out clean. Here is the log from Malwarebytes full scan. Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2014.03.29.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16521 Koti :: KOTI-PC [administrator] Protection: Enabled 30.3.2014 3:38:17 mbam-log-2014-03-30 (03-38-17).txt Scan type: Full scan (C:\|D:\|E:\|G:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 612056 Time elapsed: 1 hour(s), 21 minute(s), 11 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

Oddly enough I seem to have the same issue. Used Open DNS & Spybot Proxy, websites denied access. When I enabled default setting & disabled the proxy they started working, started suddenly so no idea what could be the issue.

Derp, sorry about that post. Noscript was blocking this. Posting that below, pardon again. Hello there, So recently my email was hacked and I received a virus to my computer. Changed my password and put an extra layer of security on my email & reformated the drive which Windows was installed on and then reinstalled it. Ran AV scans with couple different full AV programs. Bitdefender, Malwarebytes & Spybot, nothing comes up on last two but on Bitdefender I keep getting Cookies as viruses, also for some reason the scan settings keep changing every time I start a scan, even when the settings are on manual. Also now google thinks I'm a bot and asks me to verify myself by filling few captchas, dropped proxies after my websites denied connection my computer. Running my browser in a sandbox though. So ran HijackThis and received some results. Wondering if you could check this out, rather paranoid at the moment especially since the hack to my email happened while I was at the hospital. Thank you in advance. Below is the my HijackThis log. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 1:43:20, on 30.3.2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16521) FIREFOX: 28.0 (fi) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\SysWOW64\HsMgr.exe C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe C:\Program Files (x86)\Origin\Origin.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\Sandboxie\32\SbieSvc.exe C:\Users\Koti\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:21320 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKCU\..\Run: [Advanced SystemCare Ultimate] "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe" /Auto O4 - HKCU\..\Run: [bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard O4 - HKCU\..\Run: [bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" O4 - HKCU\..\Run: [bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" O4 - HKCU\..\Run: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" O4 - HKCU\..\Run: [spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean O4 - HKUS\S-1-5-18\..\Run: [bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: Samsung Magician.lnk = C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AdvancedSystemCareAntivirus (ASCAntivirusSrv) - IOBit - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ascavsvc.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: SafeBox - Bitdefender - C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender\vsserv.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10414 bytes

Hello there, So recently my email was hacked and I received a virus to my computer. Changed my password and put an extra layer of security on my email & reformated the drive which Windows was installed on and then reinstalled it. Ran AV scans with couple different full AV programs. Bitdefender, Malwarebytes & Spybot, nothing comes up on last two but on Bitdefender I keep getting Cookies as viruses, also for some reason the scan settings keep changing every time I start a scan, even when the settings are on manual. Also now google thinks I'm a bot and asks me to verify myself by filling few captchas, dropped proxies after my websites denied connection my computer. Running my browser in a sandbox though. So ran HijackThis and received some results. Wondering if you could check this out, rather paranoid at the moment especially since the hack to my email happened while I was at the hospital. Thank you in advance. Below is the my HijackThis log. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 1:43:20, on 30.3.2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16521) FIREFOX: 28.0 (fi) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\SysWOW64\HsMgr.exe C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe C:\Program Files (x86)\Origin\Origin.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\Sandboxie\32\SbieSvc.exe C:\Users\Koti\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:21320 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKCU\..\Run: [Advanced SystemCare Ultimate] "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe" /Auto O4 - HKCU\..\Run: [bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard O4 - HKCU\..\Run: [bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" O4 - HKCU\..\Run: [bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" O4 - HKCU\..\Run: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" O4 - HKCU\..\Run: [spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean O4 - HKUS\S-1-5-18\..\Run: [bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')