Wesken

Okay, will do, thanks for your help!

Okay, thanks for that info My computer is running fine.

Updated Java and uninstalled older versions. adwCleaner log: # AdwCleaner v4.106 - Report created 01/01/2015 at 18:29:15 # Updated 21/12/2014 by Xplode # Database : 2015-01-01.1 [Live] # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) # Username : Grandmaster - ASUS_LAPTOP # Running from : C:\Users\Grandmaster\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17207 -\\ Mozilla Firefox v34.0 (x86 en-US) -\\ Pale Moon v -\\ Google Chrome v39.0.2171.95 [C:\Users\Grandmaster\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms} [C:\Users\Grandmaster\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms} [C:\Users\Ninja\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms} [C:\Users\Ninja\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms} ************************* AdwCleaner[R0].txt - [1413 octets] - [01/01/2015 02:58:17] AdwCleaner[R1].txt - [1473 octets] - [01/01/2015 18:27:57] AdwCleaner[s0].txt - [1402 octets] - [01/01/2015 18:29:15] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1462 octets] ########## I apologize for the error, but I absentmindedly ran the eset online scanner without un-checking the remove found threats and checking the scan archives and scan for potentially unsafe applications options. I did it correctly afterwards, but I don't know if it would do what you wanted. The logs for the first time and second time are copied and pasted respectively. Log 1 (default settings): H:\Downloads\KMPlayer_EN_3.1.0.0.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application deleted - quarantined H:\Downloads\setupscreenhunterfree.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined H:\Wesley\D Backup Wesley\Downloads\HC2Setup.exe Win32/Somoto.F potentially unwanted application deleted - quarantined H:\Wesley\D Backup Wesley\Downloads\KMPlayer_EN_3.2.0.0.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application deleted - quarantined H:\Wesley\D Backup Wesley\Downloads\virtualdub setup.exe a variant of Win32/Soft32Downloader.D potentially unwanted application deleted - quarantined H:\Wesley\D Backup Wesley\Downloads\xmousesetup.exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined H:\Wesley\D Backup Wesley\Downloads\ZipOpenerSetup.exe a variant of Win32/InstallCore.BY potentially unwanted application deleted - quarantined H:\Wesley\D Backup Wesley\Downloads\Photo Editing\Setup_FreeVideoConverter.exe Win32/Toolbar.SearchSuite potentially unwanted application deleted - quarantined H:\Wesley\D Backup Wesley\Downloads\Security\zaSetupWeb_101_065_000.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined Log 2 (correct settings): H:\Downloads\AVStoDVD_242_Install.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application H:\Downloads\SUPERsetup47.exe Win32/OpenCandy potentially unsafe application H:\Wesley\D Backup Wesley\Church\Music\PublicZone\Downloads\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application H:\Wesley\D Backup Wesley\Church\Music\PublicZone\Downloads\PFPortChecker1.0.39.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application H:\Wesley\D Backup Wesley\Church\Music\PublicZone\Downloads\Portforward-Setup-Static-IP-Address.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application H:\Wesley\D Backup Wesley\Downloads\ccsetup313.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application H:\Wesley\D Backup Wesley\Downloads\dfsetup208.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application H:\Wesley\D Backup Wesley\Downloads\rcsetup145.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application H:\Wesley\D Backup Wesley\Downloads\Photo Editing\FreemakeVideoConverterSetup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application H:\Wesley\D Backup Wesley\Downloads\Sound Editing\vxlsetupfree.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application T:\Downloads\YouTubeToMP3.exe Win32/OpenCandy potentially unsafe application

No threats were detected and a restart was not required. Symptoms have stopped appearing. Here is the MBAM log: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 1/1/2015 Scan Time: 2:21:35 AM Logfile: Administrator: Yes Version: 2.00.4.1028 Malware Database: v2015.01.01.02 Rootkit Database: v2014.12.30.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Grandmaster Scan Type: Threat Scan Result: Completed Objects Scanned: 493493 Time Elapsed: 17 min, 8 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) I scanned with adwCleaner and clicked on report. The only programs I see listed are my browsers. I'm not sure why I would need to delete those (though it does mention search providers I could get rid of), but the two browsers I'd like to keep most are Pale Moon and Chrome. Here is the report: # AdwCleaner v4.106 - Report created 01/01/2015 at 02:58:17 # Updated 21/12/2014 by Xplode # Database : 2014-12-30.1 [Live] # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) # Username : Grandmaster - ASUS_LAPTOP # Running from : C:\Users\Grandmaster\Desktop\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17207 -\\ Mozilla Firefox v34.0 (x86 en-US) -\\ Pale Moon v -\\ Google Chrome v39.0.2171.95 [C:\Users\Grandmaster\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms} [C:\Users\Grandmaster\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.ask.com/web?q={searchTerms} [C:\Users\Ninja\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms} [C:\Users\Ninja\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.ask.com/web?q={searchTerms} ************************* AdwCleaner[R0].txt - [1273 octets] - [01/01/2015 02:58:17] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1333 octets] ##########

No issues running ComboFix, here is the log. ComboFix.txt

Done. Fixlog.txt

Thanks for the reply! Files attached. FRST.txt Addition.txt

Hello! Just recently I've been getting a lot of notifications for malicious websites being blocked, but I've scanned with Malewarebytes, including scanning for rootkits, and nothing has been detected. The malicious websites have all been outbound. One is e9967a.com, another is appsrumors.com, and another is domainless. All of them share the process C:\Windows\SysWOW64\dllhost.exe Yesterday, Webroot detected some threats but I don't think they were removed because Windows was giving me notifications having to do with not being able to access the files. Now WebRoot does not detect anything wrong, though. Also, Internet Explorer has been giving notifications that it has stopped working, but I did not have it open in the first place. This has all happened within a day, so I'm thinking the symptoms are related. Help would be greatly appreciated.