Jump to content


Honorary Members
  • Content Count

  • Joined

  • Last visited

Everything posted by Leila

  1. The laptop had belonged to the college age daughter of a neighbor who said his daughter had bought a new computer and had left her old one in the garage and he was cleaning out the garage and getting rid of unwanted clutter. He asked if I could use that laptop. The laptop computer I was gifted with is an ASUS with an Intel Premium processor, 500 gig hard drive, and Windows 7 installed. It has a manufacture date of June 2012, so it's less than 2 years old, and probably used about a year. I've had it since just before Thanksgiving 2013 and didn't want to deal with it over the holidays. I
  2. At the present time, I'm using McAfee anti-virus on my desktop PC, and it's been suggested that I should look into another anti-virus. In addition to my desktop PC, I've been gifted with a not quite 2-year-old laptop and need to put an anti-virus on that computer. I also have the pro version of Malwarebytes on my desktop. Do I need to buy another copy of the pro version for the laptop too? Any suggestions as to what anti-virus I should get.
  3. I've uninstalled Combofix and used OTCleanIt to remove the tools used. It's looking good! I can't thank you enough for all your help! Thank you so much for all your time and patience in helping to resolve this computer malware.
  4. The computer is running just fine now. It's running smoothly and quickly. I don't see any signs of infection at all. I haven't downloaded and installed Malwarebytes Pro yet, as I wanted to make sure everything was running normally first. If I understand correctly, I'm to disable my antivirus, then download and install Malwarebytes Pro. Upon installation will Malwarebytes Pro automatically ignore the 9 McAfee components and put them on the ignore list, or do I have to manually put them on the ignore list?
  5. I'm surprised that the Security Check still shows Adobe Reader out of date. I did the update prior to downloading and running Security Check. Scorpion Saver by Adpeak is no longer listed on my list of programs.
  6. Here's the log for Security Check............................... Results of screen317's Security Check version 0.99.76 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! McAfee Anti-Virus and Anti-Spyware WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version JavaFX 2.1.1 Java 7 Update 45 Adobe Flash Player 11.9.900.117 Adobe Reader 10.1.8 Adobe Reader ou
  7. Here's the Combofix log. I hope I did it right this time. ComboFix 13-11-07.01 - Linda 11/08/2013 14:31:30.4.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5992.3805 [GMT -8:00] Running from: c:\users\Linda\Desktop\ComboFix.exe Command switches used :: c:\users\Linda\Desktop\CFScript.txt AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defen
  8. Here's the Combofix log...................................... ComboFix 13-11-07.01 - Linda 11/07/2013 20:19:32.3.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5992.3617 [GMT -8:00] Running from: c:\users\Linda\Desktop\ComboFix.exe AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  9. Here is the log for SystemLook............................. SystemLook 30.07.11 by jpshortstuff Log created at 15:28 on 07/11/2013 by Linda Administrator - Elevation successful ========== filefind ========== Searching for "*Scorpion*" C:\temp\ScorpionSaver.msi --a---- 3166208 bytes [02:28 01/11/2013] [02:28 01/11/2013] 834EAC4E8DCB1E25D97C86CD1C673F5B C:\Users\Linda\Pictures\Winter Pictures 2011-2012\Desert with Phacelia (scorpion weed) blooms every few years.jpg --a---- 85432 bytes [04:43 18/01/2012] [04:43 18/01/2012] 9733A877CA4DAFA53A543B0D66238BFF Searching for "*Ad
  10. I clicked on Scorpion Saver by Adpeak and uninstall. Instead of uninstalling the program I got a pop-up from windows asking if I wanted to allow this program to update on this computer. I clicked on "no" as I think it was going to update and re-install that program.
  11. I've uninstalled Combofix and have downloaded and run OTCleanIt. All of the programs and tools are gone from my desktop except for Security Check. I went to my programs and I had removed ESET after the first time I used it. In going through the programs list I noticed a program there and I'm wondering if it's a legitimate program. It's called Scorpion Saver by Adpeak. It was installed on October 31, 2013 during the time my computer had the virus/trojan. Is this a program that I should uninstall? I want to thank you for all your help! You've worked wonders for my computer! Thank Yo
  12. Sorry it's taken so long to get back to this. We had to make another long 140 mil round trip to the bank today and I'm just now getting online. Here's the log from Security Check. So far everything seems to be running smoothly. I can now access the Google search engine, and I haven't had any alerts from McAfee. I was concerned about FireFox as I've had things show up in the "Add-Ons" and I've never subscribed to any add on features. I had that Linsicle add on that turned words in my posts to links and that's now gone. Yesterday, McAfee SiteAdvisor and a Mozilla programs called Default
  13. Here's the Combofix log............................ ComboFix 13-11-04.01 - Linda 11/05/2013 22:34:28.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5992.3938 [GMT -8:00] Running from: c:\users\Linda\Desktop\ComboFix.exe AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created
  14. Here is the fixlist log............................. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-10-2013 Ran by Linda at 2013-11-05 20:14:48 Run:1 Running from C:\Users\Linda\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** HKCU\...\Run: [browserSafeguard] - C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [573952 2013-10-29] (BrowserSafeguard) C:\Program Files (x86)\Browsersafeguard HKCU\...\Run: [GoogleChromeAutoLaunch_72A69F45706A1906C3BB8A81AA94F778] - C:\Program Files (x86)\Googl
  15. I posted the Addition log above. This is the Farbar Recovery Scan Tool. I download both versions of the FRST.txt, but only the 64 bit would run on my computer. I realized after I did the scan that my antivirus was on. Was I supposed to turn it off? Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013 Ran by Linda (administrator) on LINDA-PC on 05-11-2013 14:52:37 Running from C:\Users\Linda\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =====
  16. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013 Ran by Linda at 2013-11-05 14:53:45 Running from C:\Users\Linda\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall (
  17. I had to break the log up into parts as it was too long. There may be some over-lapping, as I wasn't sure what was copied.
  18. 12:16:33.0924 0x1534 [ 33A77D477EF9D7A5C65A950129DF2E47, 4276E3DA2966785530F1538CEA8BA6D8DDA2A0310722679028857AF70AD71A44 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll 12:16:33.0924 0x1534 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll - ok 12:16:33.0939 0x1534 [ 2342EC9254F4C60CA98441BD65C89E12, 7FDCAEB5D021E291A1C9B94DD4D49913CE363BF94D37518E466DB3DD72C41D05 ] C:\Windows\SysWOW64\dciman32.dll 12:16:33.0939 0x1534 C:\Windows\SysWOW64\dciman32.dll - ok 12:16:33.0939 0x1534
  19. 12:16:33.0424 0x1534 [ BF6D6ED5FADCEEE885BD0144ECF1BA27, 269EE4B920F16ECAA6838078C984210F7E6997B4A1B7BAEEB11515B8D6AF3575 ] C:\Windows\SysWOW64\ncrypt.dll 12:16:33.0424 0x1534 C:\Windows\SysWOW64\ncrypt.dll - ok 12:16:33.0424 0x1534 [ D9D9CD380AA3728AD7F10881AB390C22, 213AFD4FCDC4C24CDF8ECE0D1A2CDA7184F55D62476A801F914CDCBD5A7D5EFE ] C:\PROGRA~1\McAfee\MPF\MpfApi.dll 12:16:33.0424 0x1534 C:\PROGRA~1\McAfee\MPF\MpfApi.dll - ok 12:16:33.0424 0x1534 [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll
  20. 12:16:32.0348 0x1534 [ 730BF204A595D5B6D7DC57A247CC741C, 264C6901F4A49B738BBD04BCA1783DEE892885BADE9085B0AEA40BAE7CC0A218 ] C:\Windows\System32\wlgpclnt.dll 12:16:32.0348 0x1534 C:\Windows\System32\wlgpclnt.dll - ok 12:16:32.0348 0x1534 [ 99B91C5D2FCEF218CAD3600ECB62A799, E28F2903F86D39C5A69B5F89CCD6594E93A1BF1E4ACD613A0F2E2348DFA88D65 ] C:\Windows\System32\msxml6.dll 12:16:32.0348 0x1534 C:\Windows\System32\msxml6.dll - ok 12:16:32.0364 0x1534 [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll 12:16:32.03
  21. 12:16:31.0699 0x1534 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys 12:16:31.0699 0x1534 C:\Windows\System32\drivers\raspppoe.sys - ok 12:16:31.0702 0x1534 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys 12:16:31.0702 0x1534 C:\Windows\System32\drivers\raspptp.sys - ok 12:16:31.0705 0x1534 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Window
  22. It took me a while to digest and understand how to run the TDSSKiller program. It came up with no threats. The log is too long to post in one reply. Here's the first part of the log. 12:14:19.0292 0x0db8 TDSS rootkit removing tool Nov 1 2013 15:53:38 12:14:19.0838 0x0db8 ============================================================ 12:14:19.0838 0x0db8 Current date / time: 2013/11/05 12:14:19.0838 12:14:19.0838 0x0db8 SystemInfo: 12:14:19.0838 0x0db8 12:14:19.0838 0x0db8 OS Version: 6.1.7601 ServicePack: 1.0 12:14:19.0838 0x0db8 Product type: Workstation 12:14:19.0838 0x0
  23. After running combofix, I rebooted my computer and enabled McAfee. Shortly after I enabled McAfee it popped up with another alert. Here's the log of the threats for the day. Name Type Risk Date Discovered RDN/Generic.tfr!439965AE05C1 Trojan Low 11/4/2013 RDN/Generic PUP.x!8177351F9B85 Program Low 11/4/2013 RDN/Generic.dx!CAC6C2AF6E28 Trojan Low 11/4/2013 RDN/Generic.bfr!fg!4A6B099DCC06 Trojan Low 11/4/2013 RDN/Generic StartPage!bq!8429B1BBFEEF Trojan Low
  24. Here is the Combofix Log.................................. ComboFix 13-11-03.02 - Linda 11/04/2013 20:15:09.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5992.3771 [GMT -8:00] Running from: c:\users\Linda\Desktop\ComboFix.exe AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . .
  25. I seem to have some sort of new issue. I just tried to use the Google search engine to find something and got the message that "This connection is untrusted." Edited to add that on FireFox, under "Add-ons" is McAfee SiteAdvisor 3.6.3. I haven't added anything to the "Add-on" feature and checked it because yesterday I found that add-on that was making the clickable links. I don't know how the McAfee SiteAdvisor got there.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.