Jump to content
Sign in to follow this  
Btuvi

Network firewall security

Recommended Posts

A couple of weeks ago I found that I was no longer able to access Netflix. Yesterday I contacted netflix by phone to fix the problem. Long story but they took control of my computer and showed me that along with my ip address there were 10 or 12 other ip addresses which they said could now see all info on my computer - and had taken control of my netflix acct (computer was infected). They said my problem was network firewall security and encouraged me to purchase through them Dialport Solution for $199 for one time fix or $299 two year fix with continued help should I have a recurring problem. In the process they found that my computer was so slow it couldn't be tested. Though it is a little slow it hasn't bothered me a lot since it is very functional.

 

I declined the offer to purchase their solution so that I could first run a pcpitstop scan. I remembered that in a previous effort (a long time ago) to run a scan through pitstop I found that I could not get online using ie. I was unsuccessful in trying to fix that problem but let it go since I use firefox - and did not have a use for ie except for pitstop scan. I tried to get online using ie to see if a pitstop scan would explain this firewall security problem and my foreign ip addresses but could not.

 

I don't know how to address this problem - how to find out exactly what this trojan is - what to do about it - and how to prevent it in the future.

 

You folks have helped me quite a bit in the past so maybe you can help now.

 

Any suggestions?

 

Thanks, Barry

Share this post


Link to post
Share on other sites

Start with Malwarebytes > http://downloads.malwarebytes.org/file/mbam/

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.



Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart t

he computer, please do so immediately.

 

Let us know how you make out here... Copy&Paste the entire log in your next reply.

 

 

 

 

:geezer:


Share this post


Link to post
Share on other sites

Also, how do you connect to the internet? Is it through a router?

Share this post


Link to post
Share on other sites

I ran mbam and it turned up a couple of problems but did not solve my problem. It did not identify any foreign ip addresses. I was out of time so could not send the log but will tomorrow.

 

Also, att router dsl connected to desktop. Tomorrow having uverse installed.

 

Thanks for your help.

Share this post


Link to post
Share on other sites

Best thing to do is to use the reset on your router and take the router back to it's defaults. Most routers have a reset button or port that needs to be pressed and held for about 5 seconds and then the router will revert to it's defaults.

 

Set it back up and use different passwords and encryption keys to connect.

 

There are router hacks out there that can do this kind of behavior, but if you reset and resecure, you will be rid of them.

 

:) Y

Share this post


Link to post
Share on other sites

There must be a better way of doing this other than copy and paste - given the length. But I don't know how so here it is.

 

As I said the att tech is coming to install new uverse router today and will set it up to help avoid further contamination, I suppose. However, that would not appear to be a solution to the foreign ip addresses already on my computer nor the Trojan infection that Netflix says I have.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 6/19/2015
Scan Time: 2:24:27 PM
Logfile: mbqam.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.06.19.04
Rootkit Database: v2015.06.15.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Barry

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 324297
Time Elapsed: 21 min, 22 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 2
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\MyPC Backup.exe, 972, Delete-on-Reboot, [9ef2e6d6e0aa95a1a3a29567a25f47b9]
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\BackupStack.exe, 1940, Delete-on-Reboot, [5a362a92701a96a0117cad629b698f71]

Modules: 2
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\x86\SQLite.Interop.dll, Delete-on-Reboot, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\x86\SQLite.Interop.dll, Delete-on-Reboot, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],

Registry Keys: 4
PUP.Optional.MyPCBackup.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\MyPC Backup, Quarantined, [b4dcc1fb305ad2641800c443ec186d93],
PUP.Optional.MyPCBackup.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKUPSTACK, Quarantined, [5a362a92701a96a0117cad629b698f71],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-1392160516-1002714386-1438974567-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\DOIHLNMLJMEBKOKNLDKBMEGNIJKBDOIO, Quarantined, [7e12417b890148ee82214fa712f14db3],
PUP.Optional.MyPCBackup.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MyPC Backup, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],

Registry Values: 2
PUP.Optional.MyPCBackup.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKUPSTACK|ImagePath, C:\Program Files\MyPC Backup\BackupStack.exe, Quarantined, [5a362a92701a96a0117cad629b698f71]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-1392160516-1002714386-1438974567-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\doihlnmljmebkoknldkbmegnijkbdoio|path, C:\Users\Barry\AppData\Local\CRE\doihlnmljmebkoknldkbmegnijkbdoio.crx, Quarantined, [7e12417b890148ee82214fa712f14db3]

Registry Data: 0
(No malicious items detected)

Folders: 15
PUP.Optional.MindSpark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\FromDocToPDF_65, Quarantined, [0f815963ee9cf640556604f17c87f30d],
PUP.Optional.ConduitTB.Gen, C:\Users\Barry\AppData\Local\CRE, Quarantined, [7f115468b7d3a195465b21d56c97827e],
PUP.Optional.MyPCBackup.A, C:\Users\Barry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup, Quarantined, [d2be209ce6a43df9375548c70004ec14],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup, Delete-on-Reboot, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Config, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Database, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Resources, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Resources\cache, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\x64, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\x86, Delete-on-Reboot, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.Mindspark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\extensions\[email protected], Quarantined, [6b2576465634f541de30295ece38d729],
PUP.Optional.Mindspark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\extensions\[email protected]\chrome, Quarantined, [6b2576465634f541de30295ece38d729],
PUP.Optional.Mindspark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\extensions\[email protected]\META-INF, Quarantined, [6b2576465634f541de30295ece38d729],
PUP.Optional.Mindspark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\extensions\[email protected]\plugins, Quarantined, [6b2576465634f541de30295ece38d729],

Files: 89
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\MyPC Backup.exe, Delete-on-Reboot, [9ef2e6d6e0aa95a1a3a29567a25f47b9],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Service Start.exe, Quarantined, [cdc3774595f532043e0741bb0cf531cf],
PUP.Optional.MindSpark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\FromDocToPDF_65\2518E7BB-41AE-48F7-8AAA-16E7082664E4.sqlite, Quarantined, [0f815963ee9cf640556604f17c87f30d],
PUP.Optional.ConduitTB.Gen, C:\Users\Barry\AppData\Local\CRE\doihlnmljmebkoknldkbmegnijkbdoio.crx, Quarantined, [7f115468b7d3a195465b21d56c97827e],
PUP.Optional.Spigot.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\searchplugins\yahoo_ff.xml, Quarantined, [e3ada3191a703006dc309c6b0ff5a65a],
PUP.Optional.MyPCBackup.A, C:\Users\Barry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk, Quarantined, [3e5237854c3e2f076c1ec94681839a66],
PUP.Optional.MyPCBackup.A, C:\Users\Barry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup\MyPC Backup.lnk, Quarantined, [d2be209ce6a43df9375548c70004ec14],
PUP.Optional.MyPCBackup.A, C:\Users\Barry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup\Uninstall.lnk, Quarantined, [d2be209ce6a43df9375548c70004ec14],
PUP.Optional.Mindspark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\searchplugins\ask-web-search.xml, Quarantined, [b0e07844454533034ab1d655bd47b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\BackupStack.exe, Delete-on-Reboot, [5a362a92701a96a0117cad629b698f71],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\aff.conf, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Configuration Updater.exe, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\de_DE.mo, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\es_ES.mo, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\fr_FR.mo, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\GetText.dll, Delete-on-Reboot, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\InstMgr.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Ionic.Zip.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\it_IT.mo, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\LogicNP.EZShellExtensions.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Microsoft.Win32.TaskScheduler.dll, Delete-on-Reboot, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\AlphaFS.dll, Delete-on-Reboot, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\AlphaVSS.51.x86.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\AlphaVSS.52.x64.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\AlphaVSS.52.x86.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\AlphaVSS.60.x64.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\AlphaVSS.60.x86.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\AlphaVSS.Common.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\BackupStackUI.dll, Delete-on-Reboot, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\MPCBContextMenu.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\mypcbackup.ico, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\NativeHashWrapper.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Newtonsoft.Json.dll, Delete-on-Reboot, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\ObjectListView.dll, Delete-on-Reboot, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\PipeDiff.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\pt_PT.mo, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\RegisterExtensionDotNet20_x64.exe, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\BplusDotNet.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\MPCBClient.dll, Delete-on-Reboot, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\RegisterExtensionDotNet20_x86.exe, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\RegisterExtensionDotNet40_x64.exe, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\RegisterExtensionDotNet40_x86.exe, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Shared Stack.dll, Delete-on-Reboot, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Signup Wizard.exe, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\SignupWizard.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\syncicon.ico, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\System.Data.SQLite.DLL, Delete-on-Reboot, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\uninst.exe, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\UnRegisterExtensions.exe, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Updater.exe, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Updater_.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\websocket-sharp.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Config\api.ts2, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Database\mpcb_file_cache.db, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Database\mpcb_settings.db, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\Database\mpcb_version_queue.db, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\APPLICATION.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\APP_CRASH.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\AUTH.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\BACKOFF.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\CLIENT.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\GRID_RECOVERY.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\GRID_RECOVERY_INIT.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\LICENCE.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\NETWORK_SHARES.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\POPUPS.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\REMOTING.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\REQUEST.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\SCHEDULE.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\SERVER_DECODE_LOG.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\SERVICE.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\TASKS.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\UPDATER.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\UTC_MIGRATION.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\log\WAIT_HANDLES.log, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\x64\SQLite.Interop.dll, Quarantined, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files\MyPC Backup\x86\SQLite.Interop.dll, Delete-on-Reboot, [bfd1a715e0aa9b9ba058f1ff4fb4b54b],
PUP.Optional.Mindspark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\extensions\[email protected]\install.rdf, Quarantined, [6b2576465634f541de30295ece38d729],
PUP.Optional.Mindspark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\extensions\[email protected]\bootstrap.js, Quarantined, [6b2576465634f541de30295ece38d729],
PUP.Optional.Mindspark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\extensions\[email protected]\chrome.manifest, Quarantined, [6b2576465634f541de30295ece38d729],
PUP.Optional.Mindspark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\extensions\[email protected]\install_no_bootstrap.rdf, Quarantined, [6b2576465634f541de30295ece38d729],
PUP.Optional.Mindspark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\extensions\[email protected]\chrome\65ffxtbr.jar, Quarantined, [6b2576465634f541de30295ece38d729],
PUP.Optional.Mindspark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\extensions\[email protected]\META-INF\manifest.mf, Quarantined, [6b2576465634f541de30295ece38d729],
PUP.Optional.Mindspark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\extensions\[email protected]\META-INF\zigbert.rsa, Quarantined, [6b2576465634f541de30295ece38d729],
PUP.Optional.Mindspark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\extensions\[email protected]\META-INF\zigbert.sf, Quarantined, [6b2576465634f541de30295ece38d729],
PUP.Optional.Mindspark.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\extensions\[email protected]\plugins\NativeMessagingDispatcher.dll, Quarantined, [6b2576465634f541de30295ece38d729],
PUP.Optional.ASK.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\prefs.js, Good: (), Bad: (user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.tb", "http://home.tb.ask.com/index.jhtml?ptb=2518E7BB-41AE-48F7-8AAA-16E7082664E4&n=781b15f2&p2=^Y6^xdm003^YYA^us&si=CNvmydiE7MQCFdcYgQodNA4AlQ");), Replaced,[2c64dede97f3a88eb616a8e15fa748b8]
PUP.Optional.ASK.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\pyj9nfzz.default-1415998234551\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "http://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=2518E7BB-41AE-48F7-8AAA-16E7082664E4&n=781b15f2&ind=2015041010&p2=^Y6^xdm003^YYA^us&si=CNvmydiE7MQCFdcYgQodNA4AlQ&searchfor=");), Replaced,[454b0fad2b5f70c6715c84054eb832ce]
PUP.Optional.Spigot.A, C:\Users\Barry\AppData\Roaming\Mozilla\Firefox\Profiles\u12lkbjk.default\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "https://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=");), Replaced,[f19f289452385adcca9b44435bab02fe]

Physical Sectors: 0
(No malicious items detected)


(end)

Share this post


Link to post
Share on other sites

However, I now discover that I am able to connect to Netflix again. This is where the whole problem began so apparently - problem solved. However, when Netflix took control of my computer to try and figure out why I was unable to connect they took me to a page that showed all these foreign ip addresses which they said were due to a trojan and that the computer was infected. To be clear I had not set up password when router first installed because I wanted all family members who visited to be able to log on without having to go through the password business. Netflix was telling me that this opened up my netflix to neighbors and that was why it no longer worked.

 

Twice I have had netflix take control of my computer to fix my netflix connection. Both turned up my foreign ip address situation and both tried to sell me an expensive ongoing program that would eliminate foreign ip addresses and protect against trojans. Did not appear to be happy when I turned down their offer.

 

Wish I could get back to all those foreign ip addresses and see if they are still there but don't know where that page is.

 

Still open to any thoughts or suggestions - and thanks for help and comments.

Share this post


Link to post
Share on other sites

You had a Conduit infection that Malwarebytes took out of commission, that pollution could well be the crux of the problem internally.

 

I'd advise you to follow up with a flush and reset of your 3 browsers.

 

For Internet Explorer 7, 8, 9, 10, or 11, go to Start> Control Panel> Network and Internet> Internet Options> Browsing History> Delete and click the button to delete the temporary Internet Files, then click 'yes', 'close', 'OK'.
Next, try resetting your browser to defaults and manually uninstall any and all tool bars in Start>Control Panel>Programs and Features (or Add/Remove Programs). There are instructions at the link below to help with resetting the browser:
Reboot and reset your home pages as you like them.
:) Y

Share this post


Link to post
Share on other sites

Nothing showing in your MBAM log is responsible for your problems. Everything found was just rescource stealing garbage that will bog down your system... but no trojans.

 

Your best bet is to lock down your wireless (set password). $199 or $299 is a rediculous amount to pay for a router. I'm assuming the one from ATT is more reasonable. Once you've done that, you need to change your login info for netflix. Once someone has your information, they don't need to login to your account through your network, they can get on anywhere. If others are using your netflix account, you should be seeing signs of activity that you don't recognize - movies you didn't watch.

Share this post


Link to post
Share on other sites

Thanks for all your help. But here is where I am now:

 

New uverse router makes surfing faster.

 

I had done something that made ie start connecting to net again but still couldn't use for pitstop scan. Scan effort told me how to run as administrator and I clicked on that but it didn't make any difference. When I tried following directions above to reset and flush browers I lost net connection with ie and have not been able to get it back.

 

When I search for anything through firefox bing came up but now it is disabled - I think - I was unable to remove it when I clicked on it - remove button grayed out. Now ask.com pops up. Also, yahoo pops up when I put something in search.

 

I've tried following all sorts of links that advise how to do a thing but things seem to either stay the same or change in some way I don't want them to.

 

I'm totally confused. I wish I could get rid of ask.com and yahoo when I search in google search bar but have had no success figuring that out.

 

What now?

Share this post


Link to post
Share on other sites

Go to Start> Control Panel> Uninstall a Program and Uninstall

 

Any that are present:

 

Bing Bar

Ask Toolbar

Search with Ask

Shop with Ask

Yahoo Tool Bar

 

:) Y

Share this post


Link to post
Share on other sites

In Firefox if you hover the mouse over the search box it should pop up and say "Google Search", also it should show "Change Search settings".....

 

 

 

 

:geezer:

Share this post


Link to post
Share on other sites

Bing Bar

Ask Toolbar

Search with Ask

Shop with Ask

Yahoo Tool Bar

 

If only it were that simple. None are in my program files nor are they to be found in my iobit uninstaller. I have no idea where they are.

Share this post


Link to post
Share on other sites

I was able to change search settings to google. Also read that bing, and ask, and yahoo come installed. I thought I might remove all but google when I saw the list but the "remove" button is grayed out. Problem solved for now though.

 

Thanks again for all your help.

 

Is this the best place to address my problem with ie connection? That is first step toward running a scan on pitstop.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...