Need Help for Possible Infection

[DoloresL]

Hi, I would like to request some help to determine if my laptop computer is infected with something malicious.  

 

Yesterday afternoon, I noticed when I closed another application I was using (Adobe Illustrator) that a window had popped up saying that changes would be installed after the machine was restarted.  I had no idea why that window had appeared, other than possibly one of my young grandsons had been randomly pressing keys on the computer while I was away from it for a few minutes.

 

Later in the evening, I did end up rebooting the computer and after it started up again, I noticed that the Quick Launch toolbar was showing, even though I had not previously had it checked in the taskbar.  Programs that it was showing included Microsoft Outlook and Mozilla Firefox, both of which I haven't used in years, and also ShortHand 10 (a transcription assistance program I haven't used in a while and which is currently expired) was shown as a program I could toggle to if I wanted to.

 

I also noticed yesterday when I was checking out some things in McAfee, that under the Internet connections for Programs screen,several "new" programs were listed.  I have security set very tight on McAfee so that anything new that wants to run has to get my permission first, however McAfee never alerted me for any of these programs and they all had full access to the Internet: Connect to a Network Projector, Microsoft DTC Console Program, Performance Logs & Alerts DCOM Server, Windows Remote Assistance COM Server, WebKit2WebProcess.exe, Windows Live Communications Platform, Mesh Operating Environment, Windows Live Messenger, People Near Me, and Microsoft Office Outlook.  As mentioned above, I have not used Outlook in years and have never used it for e-mail and have never used Windows Live Messenger or People Near Me.  I am really not familiar with any of these other programs and suspect they have to do with using your computer as a server, something I don't do.  I blocked all of these programs in McAfee so they could not access the Internet, although I noticed that Outlook once again had access today when I checked this list again.

 

Also possibly useful information is that the most recent Windows update for this computer was yesterday afternoon, a definition update for Windows Defender KB945597 Definition 1.179.40.0.  The most recent Windows update before then that I can see in the list was from 7/11.

 

Yesterday and earlier today when I was running virus scans (mentioned below) I did get a couple of messages from Windows Defer (which was running at the time) saying that the Malwarebytes swissarmy file (sorry can't remember the exact name of it) had been changed.  

 

When I ran Malwarebytes early this morning after rebooting the computer, it failed and told me that there might be a rootkit problem, so it rebooted the computer and then ran itself with a completely black background that was very difficult to exit from once the scan was completed (successfully).  (I had to use ctrl-alt-del to get the Windows screen for starting Task Manager and use the logoff option.)  

 

Also, yesterday I noticed that Malware bytes kept telling me that it wasn't completely secure and the problem seemed to be that the option for Malicious Website protection wasn't checked.  I kept going in and checking it but the red warning message persisted all day.  

 

Early this morning I ran sfc with the scannow option from the command line and the resulting message was that Windows Resource Protection didn't find any integrity violations.  

 

Because of the weird situation with those unused programs popping up in McAfee with Internet connectivity, I did a little research and found out how to get into the Install/Uninstall area of the control panel and used the option to turn off every single Windows feature (many of them were already turned off) as none of them sounded like something I even needed.  

 

Earlier today,I ran full scans with all three of these programs and every one of them came back reporting that there were no problems: Malwarebytes, McAfee, and Windows Defender.

 

Unfortunately, I just have a bad feeling that something might be going on with the computer that these programs aren't picking up on.  In the last couple of weeks, I've had a couple of occasions where the computer just turned itself off when I was viewing a forum site in Google and about a month or so ago, I could swear I saw the command line black box just open up out of the blue and then all of a sudden the computer was being turned off.  So since then I've tried to be pretty diligent with keeping McAfee, Malwarebytes running all the time and Windows Defender running quite a bit of the time.  But with the weird changes that popped up yesterday, I kind of think something is still going on in spite of my efforts and in spite of what the scan results are.

 

I am attaching the two files produced from running the Farbar Recovery Scan, as I think this post is probably too long to just cut and paste them into it.  

 

Thank you in advance for any help you can offer!

 

FRST.txt

Addition.txt

 

[gringo_pr]

Hello

We are very sorry for the delay in responding to your request, If you are still in need of assistance please let me know and I will get started in helping you with your request.

Regards,

Gringo

Malwareremoval

Malwarebytes

[gringo_pr]

Hello

48 Hour bump

It has been more than 48 hours since my last post.

• do you still need help with this?
• do you need more time?
• are you having problems following my instructions?
• if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

[gringo_pr]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!