
Thread: Browser redirect to yourwebrng or 4-you.net

  1. #11
    Junior Member
    Join Date
    Aug 2015
    Posts
    11

    Default Eset log

    Quote Originally Posted by Juliet View Post
    Go ahead and do the above.

    Also, let's run an online to look for hidden items.

    What we can do now is run an online scan with Eset, for the time being it is our most trusted scanner.
    Most reliable and thorough.
    The settings I suggest will show us items located in quarantine folders so don't be alarmed with this, also, in case of a false positive I ask that you not allow it to delete what it does find.
    This scanner can take quite a bit of time to run, depending of course how full your computer is.




    ESET Online Scan
    Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.
    • Please download ESET Online Scan and save the file to your Desktop.
    • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
    • Double-click esetsmartinstaller_enu.exe to run the programme.
    • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
    • Agree to the Terms of Use once more and click Start. Allow components to download.
    • Place a checkmark next to Enable detection of potentially unwanted applications.
    • Click Advanced settings. Place a checkmark next to:
      • Scan archives
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology

    • Ensure Remove found threats is unchecked.
    • Click Start.
    • Wait for the scan to finish. Please be patient as this can take some time.
    • Upon completion, click . If no threats were found, skip the next two bullet points.
    • Click and save the file to your Desktop, naming it something such as "MyEsetScan".
    • Push the Back button.
    • Place a checkmark next to and click .
    • Re-enable your anti-virus software.
    • Copy the contents of the log and paste in your next reply.

    ESET:
    C:\AdwCleaner\Quarantine\C\Users\Pierre\AppData\Roaming\zona\plugins\zupdater\ZonaUpdater.exe.bak.vir a variant of Win32/ZvuZona.F potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Users\Pierre\AppData\Roaming\zona\plugins\zupdater\ZonaUpdater.exe.vir a variant of Win32/ZvuZona.F potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Users\Pierre\AppData\Roaming\zona\plugins\zupdater\zupdater_0.0.2.1.zip.vir a variant of Win32/ZvuZona.F potentially unwanted application
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon1.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon10.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon11.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon12.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon13.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon14.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon15.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon16.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon2.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon3.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon4.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon5.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon6.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon7.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon8.zip Win32/Bagle.gen.zip worm
    C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon9.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon1.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon10.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon11.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon12.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon13.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon14.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon15.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon16.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon2.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon3.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon4.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon5.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon6.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon7.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon8.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon9.zip Win32/Bagle.gen.zip worm
    C:\Users\Pierre\AppData\Roaming\uTorrent\uTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application
    C:\Users\Pierre\AppData\Roaming\uTorrent\updates\3.3.2_30303.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application
    C:\Users\Pierre\AppData\Roaming\uTorrent\updates\3.3.2_30416.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application
    C:\Users\Pierre\AppData\Roaming\uTorrent\updates\3.4.2_37951.exe a variant of Win32/OpenCandy.C potentially unsafe application
    C:\Users\Pierre\AppData\Roaming\uTorrent\updates\3.4.2_38913.exe a variant of Win32/OpenCandy.C potentially unsafe application
    C:\Users\Pierre\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe a variant of Win32/OpenCandy.C potentially unsafe application
    C:\Users\Pierre\Desktop\FamilTreeMaker\FTM 2012\setup.exe a variant of Win32/HiddenStart.A potentially unsafe application
    C:\Users\Pierre\Desktop\Recent Downloads\arolicense2012.exe a variant of Win32/Systweak potentially unwanted application
    C:\Users\Pierre\Desktop\Recent Downloads\avc-free.exe Win32/OpenCandy potentially unsafe application
    C:\Users\Pierre\Desktop\Recent Downloads\BestVideoDownloader(1).exe a variant of Win32/KBM.A potentially unwanted application
    C:\Users\Pierre\Desktop\Recent Downloads\BestVideoDownloader.exe a variant of Win32/KBM.A potentially unwanted application
    C:\Users\Pierre\Desktop\Recent Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    C:\Users\Pierre\Downloads\ccsetup508.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    C:\Users\Pierre\Google Drive\PrivitizeVPNInstallerCLEAN.rar Win32/TopMedia.A potentially unwanted application
    C:\Users\Pierre\Halite Downloads\Incoming\FTM 2012\setup.exe a variant of Win32/HiddenStart.A potentially unsafe application
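Added example, not part of the original posts: a Python sketch of the triage applied to an ESET log like the one above, separating detections that already sit in a cleanup tool's quarantine or recovery folder from files still live on disk. The marker folders and the folding of `C:\Users\All Users` onto `C:\ProgramData` are assumptions of this example.

```python
import re
from collections import Counter

# Sample input: five lines copied from the ESET log above, plus one
# constructed line that is not a detection.
SAMPLE_LOG = r"""
C:\AdwCleaner\Quarantine\C\Users\Pierre\AppData\Roaming\zona\plugins\zupdater\ZonaUpdater.exe.vir a variant of Win32/ZvuZona.F potentially unwanted application
C:\ProgramData\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\IronInstallToolbarAmazon.zip Win32/Bagle.gen.zip worm
C:\Users\Pierre\AppData\Roaming\uTorrent\uTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application
C:\Users\Pierre\Downloads\ccsetup508.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
this line is not a detection
"""

# <path> [a variant of ]<detection name> <category>. The path may contain
# spaces, so it is everything before the detection name.
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+"
    r"(?P<variant>a variant of )?"
    r"(?P<name>Win(?:32|64)/\S+)\s+"
    r"(?P<category>.+)$"
)

# Assumption: folders where cleanup tools keep files they have already
# neutralised (both appear in the log above).
CONTAINED_MARKERS = (
    "\\adwcleaner\\quarantine\\",
    "\\spybot - search & destroy\\recovery\\",
)


def canonical(path):
    r"""Lower-case the path and fold C:\Users\All Users onto C:\ProgramData.

    On Windows Vista and later the former is a link to the latter, so a
    scanner that walks both reports each file beneath it twice.
    """
    low = path.lower()
    prefix = "c:\\users\\all users\\"
    if low.startswith(prefix):
        return "c:\\programdata\\" + low[len(prefix):]
    return low


def parse(log_text):
    """Return (unique findings, unparsed lines) for an ESET-style log."""
    findings, skipped = {}, []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            skipped.append(line)  # keep for manual review, never drop silently
            continue
        key = canonical(m["path"])
        findings.setdefault(key, {
            "path": m["path"],
            "name": m["name"],
            "variant": bool(m["variant"]),
            "category": m["category"].strip(),
            "contained": any(mark in key for mark in CONTAINED_MARKERS),
        })
    return list(findings.values()), skipped


def split(findings):
    """Separate files still live on disk from already-contained copies."""
    live = [f for f in findings if not f["contained"]]
    contained = [f for f in findings if f["contained"]]
    return live, contained


if __name__ == "__main__":
    found, unparsed = parse(SAMPLE_LOG)
    live, contained = split(found)
    print("live:", Counter(f["category"] for f in live))
    print("contained:", Counter(f["name"] for f in contained))
    print("unparsed:", unparsed)
```
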

  2. #12
    Junior Member
    Join Date
    Aug 2015
    Posts
    11

    Default Question

    Should I have uninstalled ESET?

  3. #13
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Quote Originally Posted by Cloudblue View Post
    Should I have uninstalled ESET?
    You can.

    bittorrent and torrents (authorities are going after the popular Pirate Bay Web site for illegal distribution of video files, piracy community) is going to render your machine unbootable.
    P2P Warning

    ------------------------------

    I see you have peer-to-peer (P2P) file sharing software installed on your computer (BitTorrent | µTorrent, nowtorrents.com | YIFY). I advise you avoid P2P file sharing programmes; they are a security risk which can make your computer susceptible to malware. File sharing networks are thoroughly infested with malware - worms, backdoor Trojans, IRCBots, and rootkits propagate via P2P file sharing networks, gaming, and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install malware. The best way to reduce the risk of infection is to avoid these types of web sites and P2P programmes. Please read the following articles for more information.

    If you choose not to, please refrain from using the programme(s) during this process.

    ~~~~~~~~~~~~~~~~~~~~`

    These files aren't malware but contain security risks. I'd delete them immediately - your choice.

    C:\Users\Pierre\AppData\Roaming\uTorrent\uTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application
    C:\Users\Pierre\AppData\Roaming\uTorrent\updates\3.3.2_30303.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application
    C:\Users\Pierre\AppData\Roaming\uTorrent\updates\3.3.2_30416.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application
    C:\Users\Pierre\AppData\Roaming\uTorrent\updates\3.4.2_37951.exe a variant of Win32/OpenCandy.C potentially unsafe application
    C:\Users\Pierre\AppData\Roaming\uTorrent\updates\3.4.2_38913.exe a variant of Win32/OpenCandy.C potentially unsafe application
    C:\Users\Pierre\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe a variant of Win32/OpenCandy.C potentially unsafe application
    C:\Users\Pierre\Desktop\FamilTreeMaker\FTM 2012\setup.exe a variant of Win32/HiddenStart.A potentially unsafe application
    C:\Users\Pierre\Desktop\Recent Downloads\avc-free.exe Win32/OpenCandy potentially unsafe application
    C:\Users\Pierre\Halite Downloads\Incoming\FTM 2012\setup.exe a variant of Win32/HiddenStart.A potentially unsafe application


    ~~~~~~~~~~~~~~~~~~~~~`

    Running from C:\Users\Pierre\Downloads

    It's best we move Farbar's to desktop.

    Please go to your downloads folder, locate Farbar Recovery Scan Tool, right click and select CUT
    Go to an open spot on your desktop, right click and select PASTE
    You should now have Farbar Recovery Scan Tool on your desktop.


    Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
    To do this highlight the contents of the box and right click on it and select copy.
    Paste this into the open Notepad. Save it to the Desktop as fixlist.txt
    NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
    It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)





    start
    CreateRestorePoint:
    CloseProcesses:
    ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
    ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
    ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
    ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
    ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => No File
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-
    SearchScopes: HKU\S-1-5-21-1518660660-3768964156-1748568137-1001 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
    SearchScopes: HKU\S-1-5-21-1518660660-3768964156-1748568137-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-1518660660-3768964156-1748568137-1001 -> {47D7A7B1-F879-498A-8632-BAE1DA05B228} URL =
    SearchScopes: HKU\S-1-5-21-1518660660-3768964156-1748568137-1001 -> {A0CDCC51-0AE4-49E5-8496-477132B65F7B} URL =
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-09-14] <==== ATTENTION
    CHR HKLM-x32\...\Chrome\Extension: [ggkfikfcbnpfoicfjammigpnakpogebh] - "C:\Program Files (x86)\FVD Suite\addons\chrome\fvdext.crx" <not found>
    C:\Users\Pierre\AppData\Local\Temp\sqlite3.dll
    Task: {8A1CFC0D-0604-424E-89A3-B771C8B0AFB9} - \SomotoUpdateCheckerAutoStart -> No File <==== ATTENTION
    AlternateDataStreams: C:\ProgramData\Temp:5C321E34
    C:\Users\Pierre\Desktop\Recent Downloads\arolicense2012.exe
    C:\Users\Pierre\Desktop\FamilTreeMaker\FTM 2012\setup.exe
    C:\Users\Pierre\Desktop\Recent Downloads\BestVideoDownloader(1).exe
    C:\Users\Pierre\Desktop\Recent Downloads\BestVideoDownloader.exe
    C:\Users\Pierre\Desktop\Recent Downloads\Shockwave_Installer_Slim.exe
    C:\Users\Pierre\Downloads\ccsetup508.exe
    C:\Users\Pierre\Google Drive\PrivitizeVPNInstallerCLEAN.rar
    EmptyTemp:
    Hosts:
    End
    Open FRST/FRST64 and press the > Fix < button just once and wait.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


    Please tell me how your computer is now.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  4. #14
    Junior Member
    Join Date
    Aug 2015
    Posts
    11

    Default FRST fixlog

    I have deleted the security risks and here is the fixlog:
    Fix result of Farbar Recovery Scan Tool (x64) Version:16-08-2015
    Ran by Pierre (2015-08-17 13:30:21) Run:1
    Running from C:\Users\Pierre\Desktop
    Loaded Profiles: Pierre (Available Profiles: Pierre)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    start
    CreateRestorePoint:
    CloseProcesses:
    ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
    ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
    ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
    ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
    ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => No File
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-
    *****************

    Restore point was successfully created.
    Processes closed successfully.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncBackedUp" => key removed successfully
    HKCR\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => key not found.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncPending" => key removed successfully
    HKCR\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => key not found.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncRoot" => key removed successfully
    HKCR\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351} => key not found.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncShared" => key removed successfully
    HKCR\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51} => key not found.
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShareOverlay" => key removed successfully
    HKCR\Wow6432Node\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516} => key not found.
    C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully.
    C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully.
    C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
    "HKLM\SOFTWARE\Policies\Google" => key removed successfully
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
    "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
    HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.


    The system needed a reboot..

    "Homepage" (4-you.net) is gone......

    I will continue to monitor performance throughout the day and report back if any anomalies encountered.

    Juliet, thank you so much for your assistance!!!

    ==== End of Fixlog 13:31:17 ====

  5. #15
    Junior Member
    Join Date
    Aug 2015
    Posts
    11

    Default What did you encounter?

    Can you give me a briefing of what was done?? Your thoughts?

  6. #16
    Junior Member
    Join Date
    Aug 2015
    Posts
    11

    Default Update

    After a few hours of testing, all is well.
    Also, the computer hangs seem to have stopped.... I was getting "windows is not responding" hang ups every 30 minutes or so.
    And what is good, Phaedrus? And what is not good? Need we ask anyone to tell us these things?
    -- Plato

  7. #17
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    "Homepage" (4-you.net) is gone......

    I will continue to monitor performance throughout the day and report back if any anomalies encountered.

    Juliet, thank you so much for your assistance!!!

    Can you give me a briefing of what was done?? Your thoughts?

    After a few hours of testing, all is well.
    Also, the computer hangs seem to have stopped.... I was getting "windows is not responding" hang ups every 30 minutes or so.
    A lot of those 2nd and 3rd party items you downloaded from uTorrent and Pirate Bay came in bundled with what looks like a good amount of nasties.
    If it's not legit, leave it alone.

    Also, correct me if I'm wrong but, you don't have an onboard and active antivirus?

    Ready to remove tools and quarantine folders?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  8. #18
    Junior Member
    Join Date
    Aug 2015
    Posts
    11

    Default

    Quote Originally Posted by Juliet View Post
    A lot of those 2nd and 3rd party items you downloaded from uTorrent and Pirate Bay came in bundled with what looks like a good amount of nasties.
    If it's not legit, leave it alone.

    Also, correct me if I'm wrong but, you don't have an onboard and active antivirus?

    Ready to remove tools and quarantine folders?
    Point taken about the nasties. I use windefender and malwarebytes premium/spybot free. Do I need a dedicated antivirus?

    I have already removed tools.
    And what is good, Phaedrus? And what is not good? Need we ask anyone to tell us these things?
    -- Plato

  9. #19
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Point taken about the nasties. I use windefender and malwarebytes premium/spybot free. Do I need a dedicated antivirus?
    Note for Windows 8/10 users: Windows 8 and Windows 10 integrates a more robust version of Windows Defender (and uses that name) for its anti-virus and anti-malware protection. Although it uses the same name, it is not the same as the older version of Defender found in previous operating systems. Windows 8/10 Defender provides the same level of protection against malware as Microsoft Security Essentials (MSE), therefore, you cannot use MSE with Windows 8/10.

    http://answers.microsoft.com/en-us/p...0-ed9f72fabb92

    If you want to use another anti-virus then you need to disable Windows Defender.
    http://www.guidingtech.com/10154/dis...ling-antivirus

    Read over this link, very informative. Start with post 2.
    http://www.bleepingcomputer.com/foru...ces/?p=2316629


    ~~~~~~~~~~~~

    DelFix
    • Please download DelFix or from Here and save the file to your Desktop.
    • Double-click DelFix.exe to run the programme.
    • Place a checkmark next to the following items:
    • Activate UAC
    • Remove disinfection tools

    • Click the Run button.
    • -- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).


    ~~~~~~~~~~~`


    The following programmes come highly recommended in the security community.
    • AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
    • CryptoPrevent places policy restrictions on loading points for ransomware (eg.CryptoPrevent), preventing your files from being encrypted.
    • Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
    • Malwarebytes Anti-Malware Premium (MBAM) works in real-time alongside your Anti-Virus to prevent malware execution.
    • NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
    • Sandboxie isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
    • Secunia PSI will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you.
    • SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
    • Web of Trust (WOT) is a browser add-on designed to alert you before interacting with a potentially malicious website.


    Want to help others? Join the ClassRoom and learn how.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  10. #20
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Glad we could help.

    Since this issue appears resolved ... this Topic is closed.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
