allowed a potential hacker to have access to my computer, and possibly home network

Started by mpotts, September 06, 2015, 03:58:13 AM


Corrine

Excellent, thank you.  Now, just as a precaution, I'd like you to do an online scan.  Don't be alarmed if it reports files in the AdwCleaner quarantine or files removed by FRST.

Please follow the instructions below to run an on-line scan from ESET.

  • Note: It is easiest if you use Internet Explorer for this scan.  (If you use an alternate browser, it will be necessary to download the ESET Smart Installer.)

    • Hold down Control and click on this link to open ESET OnlineScan in a new window so you can refer to these instructions.
    • Click the green ESET Online Scanner box.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the ESET Smart Installer icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
    • Click Advanced settings and select the following:

      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

mpotts

Is there a need for my wife and daughter's computers to be scanned too?  They are on the same network as me, although they have not received any notice of activity of malicious activity.


mpotts

I did the ESET scan.  Just checked it and found it at 47%, not much progressed from last night, but appears to be moving. 

1 threat found so far.

winchester73

Quote from: mpotts on September 09, 2015, 01:31:31 AM
they have not received any notice of activity of malicious activity.

The tech support scam popup was limited to your computer, otherwise they'd be getting them as well.
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

mpotts

Thank you very much.  And following is the result of the ESET scan:

C:\Users\Michael\Downloads\ccsetup504.exe   Win32/Bundled.Toolbar.Google.D potentially unsafe application

Corrine

If you didn't have ESET remove that file, you can easily go to your downloads folder and delete ccsetup504.exe.

Let's take care of removing the tools used:

Please download Delfix from here.

Ensure the following boxes are checked:
  • Remove disinfection tools
  • Create registry backup
  • Purge system restore

  • Click Run
The program will run for a few moments and then notepad will open with a log.   Please paste the log in your next reply and let me know if you have any questions.



mpotts

Corrine .. I am not sure what you mean?  I ran the ESET scan and posted the result in last email.

Do you want me to run Delfix too?

Corrine

Yes.  Delfix will remove the tools and their logs that I had you download.  In addition, it will flush system restore so any "bad" restore points are gone and create a fresh restore point for you.  It makes "cleanup" a one-step process.




mpotts

Does this look OK Corrine?

delfix results:

# DelFix v1.011 - Logfile created 11/09/2015 at 22:03:17
# Updated 18/08/2015 by Xplode
# Username : Michael - KYRA-HP
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Michael\Desktop\Addition.txt
Deleted : C:\Users\Michael\Desktop\JRT.txt
Deleted : C:\Users\Michael\Downloads\Addition.txt
Deleted : C:\Users\Michael\Downloads\adwcleaner_5.006.exe
Deleted : C:\Users\Michael\Downloads\FRST.txt
Deleted : C:\Users\Michael\Downloads\FRST64(1).exe
Deleted : C:\Users\Michael\Downloads\FRST64(2).exe
Deleted : C:\Users\Michael\Downloads\FRST64.exe
Deleted : C:\Users\Michael\Downloads\JRT.exe
Deleted : C:\Users\Michael\Downloads\SecurityCheck.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #322 [Windows Update | 08/29/2015 19:42:46]
Deleted : RP #323 [Windows Update | 09/05/2015 22:42:38]
Deleted : RP #325 [Restore Point Created by FRST | 09/07/2015 03:07:01]
Deleted : RP #326 [JRT Pre-Junkware Removal | 09/07/2015 11:29:58]
Deleted : RP #327 [Windows Update | 09/09/2015 02:17:55]
Deleted : RP #328 [Windows Update | 09/09/2015 07:00:28]
Deleted : RP #329 [Windows Update | 09/10/2015 07:00:50]

New restore point created !

########## - EOF - ##########
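
A way to check a cleanup log like the one above mechanically, as an added example that is not part of the original thread and not code from DelFix: it confirms that the three options ticked earlier (remove tools, registry backup, purge system restore) each left a section in the log, that the backup reported OK, and that a fresh restore point was created. The function names are hypothetical, the sample log is constructed, and the log layout is assumed only from the log posted here.

```python
import re

# Constructed sample: a shortened log in the DelFix layout posted above.
SAMPLE_LOG = r"""# DelFix v1.011 - Logfile created 11/09/2015 at 22:03:17
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\Users\Michael\Downloads\JRT.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
~ Creating registry backup ... OK
~ Cleaning system restore ...
Deleted : RP #325 [Restore Point Created by FRST | 09/07/2015 03:07:01]
Deleted : RP #329 [Windows Update | 09/10/2015 07:00:50]
New restore point created !
########## - EOF - ##########
"""

# Section headers as they appear in the posted log, one per ticked option.
STEPS = ("Removing disinfection tools", "Creating registry backup",
         "Cleaning system restore")
SECTION = re.compile(r"^~ (.+?) \.\.\.(?: (\w+))?\s*$")
RESTORE_POINT = re.compile(r"^RP #(\d+) \[(.+?) \| .+\]$")

def parse_delfix_log(text):
    """Group 'Deleted :' entries under the '~ ...' section they follow."""
    report = {"sections": {}, "restore_point_created": False, "complete": False}
    current = None
    for line in (raw.strip() for raw in text.splitlines()):
        m = SECTION.match(line)
        if m:
            current = report["sections"].setdefault(
                m.group(1), {"status": m.group(2), "deleted": []})
        elif line.startswith("Deleted : ") and current is not None:
            current["deleted"].append(line[len("Deleted : "):])
        elif line.startswith("New restore point created"):
            report["restore_point_created"] = True
        elif line.strip("# ") == "- EOF -":
            report["complete"] = True   # the log was pasted in full
    return report

def restore_points(report):
    """Return (number, description) for each purged restore point."""
    deleted = report["sections"].get(STEPS[2], {}).get("deleted", [])
    return [(int(m.group(1)), m.group(2))
            for m in map(RESTORE_POINT.match, deleted) if m]

def cleanup_issues(report):
    """List anything that suggests the cleanup did not finish as requested."""
    issues = [] if report["complete"] else ["log truncated (no EOF marker)"]
    issues += [f"missing step: {s}" for s in STEPS if s not in report["sections"]]
    if report["sections"].get(STEPS[1], {}).get("status") != "OK":
        issues.append("registry backup not confirmed")
    if not report["restore_point_created"]:
        issues.append("no fresh restore point")
    return issues
```

An empty list from `cleanup_issues` corresponds to a clean run; a log cut off partway through a paste shows up as a missing EOF marker plus missing steps.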

Corrine

Perfect!

I came across this article this morning, Google takes action against ad injectors after 300K complaints from Chrome users.  It is an illustration of what you saw -- an advertisement injected in a website that was realistic enough to make you think your computer was infected.  Now you know that websites and someone telephoning you saying they are from "Windows Support" or some similar name do not have access to your computer to know it is infected.  A scary lesson. 


