Thread: Help please!

  1. #11
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    By chance, were you able to run AdwCleaner? Could you post the AdwCleaner[C1].txt?

    The standard Malwarebytes Anti-Malware at this time is just that, meaning it's not an antivirus, but major changes are on the way (for the Premium version).

    ~~~~~
    Did you download it and install it or did it come with one of the tools/devices you work on the internet with?
    Read the info on this, I have to leave it up to you if you think you need it or not.

    What is WinPcap? (from Riverbed Technology)
    WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet.

    ~~~~~~~~~~~~~~~
    Let's update and run a new scan with Malwarebytes Anti-Malware
    • Open Malwarebytes Anti-Malware
    • On the Dashboard click on Update Now
    • Go to the Settings tab
    • Under Settings go to Detection and Protection
    • Under PUP and PUM make sure both are set to show Treat Detections as Malware
    • Go to Advanced Settings and make sure Automatically Quarantine Detected Items is checked
    • Then on the Dashboard click on Scan
    • Make sure to select THREAT SCAN
    • Then click on Scan
    • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards.
    • If threats are detected, click Remove Selected. If you are prompted to reboot, click Yes.
    • Upon completion of the scan (or after the reboot), click the History tab.
    • Click Application Logs, followed by the first Scan Log.
    • Click Export, followed by Copy to Clipboard. Paste the log in your next reply.


    ~~~~~~~~~~~~~~~~

    Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
    • Download the Emsisoft Emergency Kit and execute it. From there, click on the Extract button to extract the program in the EEK folder;
    • Once the extraction is complete, Emsisoft Emergency Kit will open and suggest that you run an online update before using the program. Click on Yes to launch it.
    • After the update, click on Malware Scan under 2. Scan and accept to let Emsisoft Emergency Kit detect PUPs (click on Yes).
    • Once the scan is complete, make sure that every item in the list is checked, and click on Quarantine selected;
    • If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
    • After the restart, click on the Start Emsisoft Emergency Kit icon again on your desktop to open it;
    • This time, click on Logs;
    • From there, go under the Quarantine Log tab, and click on the Export button;
    • Save the log on your desktop, then open it, and copy/paste its content in your next reply;


    ~~~~~~~~~~~~

    Please post these 2 logs when finished.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  2. #12
    Security Expert-emeritus Juliet's Avatar

  3. #13
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    381

    waiting on the emsisoft scan


    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 12/16/2016
    Scan Time: 1:34 PM
    Logfile:
    Administrator: Yes

    Version: 2.2.1.1043
    Malware Database: v2016.12.16.12
    Rootkit Database: v2016.11.20.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 10
    CPU: x64
    File System: NTFS
    User: Dad

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 381596
    Time Elapsed: 15 min, 54 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    # AdwCleaner v6.041 - Logfile created 16/12/2016 at 10:06:21
    # Updated on 16/12/2016 by Malwarebytes
    # Database : 2016-12-15.1 [Server]
    # Operating System : Windows 10 Home (X64)
    # Username : Dad - BRIDGES1
    # Running from : C:\Users\Dad\Desktop\adwcleaner_6.041.exe
    # Mode: Scan
    # Support : https://www.malwarebytes.com/support



    ***** [ Services ] *****

    No malicious services found.


    ***** [ Folders ] *****

    Folder Found: C:\Program Files (x86)\Common Files\freemake shared
    Folder Found: C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd


    ***** [ Files ] *****

    No malicious files found.


    ***** [ DLL ] *****

    No malicious DLLs found.


    ***** [ WMI ] *****

    No malicious keys found.


    ***** [ Shortcuts ] *****

    No infected shortcut found.


    ***** [ Scheduled Tasks ] *****

    No malicious task found.


    ***** [ Registry ] *****

    Key Found: HKLM\SOFTWARE\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD}
    Key Found: HKLM\SOFTWARE\Classes\TypeLib\{F6C2BABA-9E4C-425F-9AEC-24AB8F2B640D}
    Key Found: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\shopperz
    Key Found: HKLM\SOFTWARE\WISECLEANER
    Value Found: HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [WeatherBug.exe]
    Value Found: HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [StormWatchApp.exe]
    Key Found: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
    Key Found: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


    ***** [ Web browsers ] *****

    No malicious Firefox based browser items found.
    Chrome pref Found: [C:\Users\Dad\AppData\Local\Chromium\User Data\Default\Web data] - yahoo! powered
    Chrome pref Found: [C:\Users\Dad\AppData\Local\Chromium\User Data\Default\Secure Preferences] - hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wcg_fremkfs_16_35&param1=1&param2=f%3D7%26b%3D
    Chrome pref Found: [C:\Users\Dad\AppData\Local\Chromium\User Data\Default\Secure Preferences ] - fcfenmboojpjinhpgggodefccipikbpd
    Chrome pref Found: [C:\Users\Dad\AppData\Local\Chromium\User Data\Default\Secure Preferences ] - hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wcg_fremkfs_16_35&param1=1&param2=f%3D1%26b%3
    Chrome pref Found: [C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
    Chrome pref Found: [C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
    Chrome pref Found: [C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - fcfenmboojpjinhpgggodefccipikbpd

    *************************

    C:\AdwCleaner\AdwCleaner[C1].txt - [2246 Bytes] - [06/04/2016 12:51:54]
    C:\AdwCleaner\AdwCleaner[C2].txt - [1863 Bytes] - [24/05/2016 15:42:33]
    C:\AdwCleaner\AdwCleaner[S1].txt - [2000 Bytes] - [06/04/2016 12:50:35]
    C:\AdwCleaner\AdwCleaner[S2].txt - [1651 Bytes] - [24/05/2016 15:40:38]
    C:\AdwCleaner\AdwCleaner[S3].txt - [3357 Bytes] - [16/12/2016 10:06:21]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [3430 Bytes] ##########

  4. #14
    Senior Member

    emsisoft

    also juliet i am running far better here and seeing little or no quirks like before

    Emsisoft Emergency Kit - Version 12.0
    Last update: 12/16/2016 2:00:16 PM
    User account: BRIDGES1\Dad
    Computer name: BRIDGES1
    OS version: Windows 10x64

    Scan settings:

    Scan type: Malware Scan
    Objects: Rootkits, Memory, Traces, Files

    Detect PUPs: On
    Scan archives: Off
    ADS Scan: On
    File extension filter: Off
    Direct disk access: Off

    Scan start: 12/16/2016 2:00:31 PM
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507} detected: Application.AdGenie (A) []

    Scanned 78954
    Found 1

    Scan end: 12/16/2016 2:08:59 PM
    Scan time: 0:08:28

    Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507} Application.AdGenie (A)

    Quarantined 1

  5. #15
    Security Expert-emeritus Juliet's Avatar

    Quote (originally posted by rcb56):
    also juliet i am running far better here and seeing little or no quirks like before

    That's what we want to hear!

    When you ran AdwCleaner, did you allow it to remove what was found?

  6. #16
    Senior Member

    yes, i meant to add that it found 20 problems but i think when i saved the file it went to a location other than my desktop. i'll see if i can find it. of course that being the second time it shows clean. as for the winpcap thing i have no idea. i ran it out with uninstaller but saw it was still there.

  7. #17
    Senior Member

    i think this is the first result which was yesterday morning

    # AdwCleaner v6.041 - Logfile created 16/12/2016 at 10:08:18
    # Updated on 16/12/2016 by Malwarebytes
    # Database : 2016-12-15.1 [Server]
    # Operating System : Windows 10 Home (X64)
    # Username : Dad - BRIDGES1
    # Running from : C:\Users\Dad\Desktop\adwcleaner_6.041.exe
    # Mode: Clean
    # Support : https://www.malwarebytes.com/support



    ***** [ Services ] *****



    ***** [ Folders ] *****

    [-] Folder deleted: C:\Program Files (x86)\Common Files\freemake shared
    [-] Folder deleted: C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd


    ***** [ Files ] *****



    ***** [ DLL ] *****



    ***** [ WMI ] *****



    ***** [ Shortcuts ] *****



    ***** [ Scheduled Tasks ] *****



    ***** [ Registry ] *****

    [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{F6C2BABA-9E4C-425F-9AEC-24AB8F2B640D}
    [-] Key deleted: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\shopperz
    [-] Key deleted: HKLM\SOFTWARE\WISECLEANER
    [-] Value deleted: HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [WeatherBug.exe]
    [-] Value deleted: HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [StormWatchApp.exe]
    [-] Key deleted: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
    [#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


    ***** [ Web browsers ] *****

    [-] [C:\Users\Dad\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: yahoo! powered
    [-] [C:\Users\Dad\AppData\Local\Chromium\User Data\Default] [startup_urls] Deleted: hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wcg_fremkfs_16_35&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBtD0CtD0Bzz0D0FyE0DtAtN0D0Tzu0StCyBtDyDtN1L2XzutAtFtByEtFyCtFzytN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCyBzyzytBzztAtAtGtByD0E0CtG0E0D0D0AtGyEtCtAtCtG0FyE0AtAyDtCyEtBzyzytAyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyB0FyCzz0E0AtDtG0AzyyB0CtGyE0C0C0BtGzy0Ezy0FtGyEyByCyEtCtCyD0AtDtCyEtA2QtN0A0LzutB%26cr%3D1076893339%26a%3Dwcg_fremkfs_16_35%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
    [-] [C:\Users\Dad\AppData\Local\Chromium\User Data\Default] [extension] Deleted: fcfenmboojpjinhpgggodefccipikbpd
    [-] [C:\Users\Dad\AppData\Local\Chromium\User Data\Default] [homepage] Deleted: hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wcg_fremkfs_16_35&param1=1&param2=f%3D1%26b%3Dchmm%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBtD0CtD0Bzz0D0FyE0DtAtN0D0Tzu0StCyBtDyDtN1L2XzutAtFtByEtFyCtFzytN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCyBzyzytBzztAtAtGtByD0E0CtG0E0D0D0AtGyEtCtAtCtG0FyE0AtAyDtCyEtBzyzytAyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyB0FyCzz0E0AtDtG0AzyyB0CtGyE0C0C0BtGzy0Ezy0FtGyEyByCyEtCtCyD0AtDtCyEtA2QtN0A0LzutB%26cr%3D1076893339%26a%3Dwcg_fremkfs_16_35%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
    [-] [C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
    [-] [C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
    [-] [C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: fcfenmboojpjinhpgggodefccipikbpd


    *************************

    :: "Tracing" keys deleted
    :: Winsock settings cleared

    *************************

    C:\AdwCleaner\AdwCleaner[C1].txt - [2246 Bytes] - [06/04/2016 12:51:54]
    C:\AdwCleaner\AdwCleaner[C2].txt - [1863 Bytes] - [24/05/2016 15:42:33]
    C:\AdwCleaner\AdwCleaner[C3].txt - [3978 Bytes] - [16/12/2016 10:08:18]
    C:\AdwCleaner\AdwCleaner[S1].txt - [2000 Bytes] - [06/04/2016 12:50:35]
    C:\AdwCleaner\AdwCleaner[S2].txt - [1651 Bytes] - [24/05/2016 15:40:38]
    C:\AdwCleaner\AdwCleaner[S3].txt - [3513 Bytes] - [16/12/2016 10:06:21]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [4270 Bytes] ##########

  8. #18
    Security Expert-emeritus Juliet's Avatar

    I think we're there, what say you?

  9. #19
    Senior Member

    juliet i have to agree! wow! a few days ago i was wondering if my pc days of a desktop were over soon and thinking i'd go with a laptop next. i felt here was my only hope...IF i could stay on to download and post here. excellent job and skill of your knowledge. thank you very much! i have purchased the full home version of spybot with all the protection. i suppose i should uninstall the other?

  10. #20
    Security Expert-emeritus Juliet's Avatar

    Quote (originally posted by rcb56):
    juliet i have to agree! wow! a few days ago i was wondering if my pc days of a desktop were over soon and thinking i'd go with a laptop next. i felt here was my only hope...IF i could stay on to download and post here. excellent job and skill of your knowledge. thank you very much! i have purchased the full home version of spybot with all the protection. i suppose i should uninstall the other?

    Is it working together with AV: Kaspersky Anti-Virus?

    Let me ask around if both can be on the computer at one time.

    ~~~~~~~~~~~~~~~~~~~~
    This will remove tools and quarantine folders.

    • Please download DelFix or from Here and save the file to your Desktop.
    • Double-click DelFix.exe to run the programme.
    • Place a checkmark next to the following items:
      • Activate UAC
      • Remove disinfection tools
    • Click the Run button.

    This will remove the specialized tools we used to disinfect your system.
    Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).

    *********************
