Jump to content

diddlydudette

Honorary Members
  • Posts

    43
  • Joined

  • Last visited

Everything posted by diddlydudette

  1. Thanks. I guess my question is, after all the tests I ran, is my phone altered at all to the point that I need to complete the below instructions from you? I'm sorry but I don't know. I'm technically challenged. Is it necessary to reset ZoneMap/Domains to default value? You say it's my call but I dont' know enough about it to know if I should or not. Thanks. The fixme.reg will reset your ZoneMap\Domains to the default value. Mine are all empty. This will also empty all your entry if any are listed.
  2. Would I be harming my computer if I don't reset the fixme.reg? Or should I do it? If I need to do it, what all will it entail? Will it delete cookies again? What would happen if I don't run it? Thanks.
  3. Hi, what does this mean? I can't just let things be as they are on my computer? I would prefer to do that if I can. I'd rather just give up and not try anything else. Can I do that or do I need to reset ZoneMap/Domains? I really don't want to have to go in once again and lose my cookies.
  4. Thank you once again. I think I'm going to give it up. Yesterday I spent a good amount of time re-entering in passwords, getting codes to get back into websites because all my cookies were deleted. I don't want to go thru that again. I will just have to figure out another way to get into that link. I may just have to go to a neighbor's house just to use that link. I use it often so was hoping there would be an easy fix but I don't feel comfortable messing with my router and all that. Thanks so much for your help. I really appreciate it.
  5. Thanks again for your continued help. This is so odd that others can access the page but I can't. The problem still persists. These are the error pages I get from the different browsers: Firefox Unable to connect Firefox can’t establish a connection to the server at formcrafts.com. The site could be temporarily unavailable or too busy. Try again in a few moments. If you are unable to load any pages, check your computer’s network connection. If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web. Chrome Your Internet access is blocked Firewall or antivirus software may have blocked the connection. Try: Checking the connection Checking firewall and antivirus configurations Running Windows Network Diagnostics ERR_NETWORK_ACCESS_DENIED Microsoft Edge Hmmm...can’t reach this page Try this Make sure you’ve got the right web address: https://formcrafts.com Search for "https://formcrafts.com" on Bing Refresh the page Details Report this issue Privacy statement Fixlog.txt
  6. Hi Nasdaq, Thanks for your help. Yes, most people can access that page, but for some reason I can't. It's a bit aggravating. There were 2 files in quarantine but I deleted both but that had no affect on the issue. Attached you will find my 2 text files. Thanks again. Addition.txt FRST.txt
  7. https://formcrafts.com/ is the site I need to have access to. I tried putting the website on the exclusion list but I'm still unable to get to the page. What else can I do in setting or elsewhere to fix this? This is so frustrating when I need access to it. Thanks in advance. I have Windows 10
  8. Do we log into our Malwarebytes acct and click on 'Payment method' and then 'cancel subscription'?
  9. I just signed up for a 4 year subscription of premium and it automatically is set on auto-renew with no way to turn it off. Any help would be great. Thanks.
  10. That's what it was. I had run a scan and needed to complete some actions. Thanks to both of you for your help. Hopefully that did the trick if not I'll post back.
  11. Hi, A little pop-up on bottom right of my screen keeps coming up informing me that malwarebutes database is out of date. I have the option to click 'ok' but when I do nothing happens and the pop-up continues popping up every 15 minutes. I then opened up Malwarebytes to see if there was something I could do from there. After opening it up, there is a big button that says "Fix Now". I click on it but nothing happens as if it's not activated. Also beside 'Database Version' it has a yellow triangle V2014.06.06.05 beside it with a button that states 'update now' but I can't because that particular button is grayed out so there is no action. I have posted a screen shot. Anyone know how I can stop this darn pop-up? I thought maybe I would uninstall and reinstall, but if I reinstall I don't have a record of my licsense and when going into my acct profile I see nothing but ***** and that doesn't help. lol Thanks so much!
  12. That was just so odd. I'd never had something like that happen and google wasn't even bringing up anything when I did a search. Thanks so much for you help! :-)
  13. Mr. Charlie. This is looking promising. I'm going to wait a couple of days and do some more surfing to see if it happens angain and I'll report back to let you know if gone for good, but just looking at the same text posted above, I don't see those strange hyperlinks. Was resetting Firefox back to defaults my issue? Was that caused by a virus?
  14. It found a few things and then deleted or disabled them. Sorry, just thought I was supposed to hit fix and let it fix itself. I didn't pay that close attention to what it fixed. I went to a random site to find some text and you can see the hyperlinks are still showing up.
  15. I still go to different sites online and see the hyperlinks in text. And I thought it strange that when I received an email thru my cell phone yesterday that it had the same random hyperlinks.
  16. I always use Firefox for my browser. All processes killed ========== OTL ========== 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully. Registry value HKEY_USERS\S-1-5-21-3411889455-3121361928-2542730128-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ deleted successfully. File {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully. File Protocol\Handler\msdaipp - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found. File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found. File Protocol\Handler\msdaipp\oledb - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully. File Protocol\Handler\ms-help - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully. File Protocol\Handler\ms-itss - No CLSID value found not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ deleted successfully. File {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found not found. ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Default User: Default User User: Guest ->Java cache emptied: 12087924 bytes User: Public User: Suzy ->Java cache emptied: 2372970 bytes Total Java Files Cleaned = 14.00 mb [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 56504 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Guest ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 27832073 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 46141026 bytes ->Google Chrome cache emptied: 11064358 bytes ->Flash cache emptied: 6653 bytes User: Public ->Temp folder emptied: 0 bytes User: Suzy ->Temp folder emptied: 1265224 bytes ->Temporary Internet Files folder emptied: 829501839 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 69688274 bytes ->Google Chrome cache emptied: 52264057 bytes ->Apple Safari cache emptied: 31885312 bytes ->Flash cache emptied: 1350761 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1238 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 1,021.00 mb [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Guest ->Flash cache emptied: 0 bytes User: Public User: Suzy ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 03182013_150945 Files\Folders moved on Reboot... C:\Users\Suzy\AppData\Local\Temp\IntResource.dll moved successfully. File\Folder C:\Users\Suzy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{0BAE9B1D-868D-4917-AA84-266488388929}.tmp not found! C:\Users\Suzy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{227DA21B-B60E-4CF1-BFB8-F7C40D4C760B}.tmp moved successfully. C:\Users\Suzy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{6E96CC1F-4563-4010-A41A-2660C2B3D06A}.tmp moved successfully. File\Folder C:\Users\Suzy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{986928DA-520B-4D66-A00B-9D1627839198}.tmp not found! File\Folder C:\Users\Suzy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{A7AC3078-C9E4-41DF-B2DF-D0419260FF74}.tmp not found! C:\Users\Suzy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{CD9F6519-A591-4216-A077-25CDB93B88E2}.tmp moved successfully. File\Folder C:\Users\Suzy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\AD9CC3C7.png not found! PendingFileRenameOperations files... Registry entries deleted on Reboot...
  17. Hi Mr. Charlie, Sorry, I was out of town for a couple days but reporting back. I will do as you say later this afternoon as I'm out and about today. I did want to report something I just noticed that is really odd. I received an email today and read it on my phone. I noticed the message had random underlined words and I wasn't even looking at it on the computer but the phone.
  18. Thanks for your help Mr. Charlie. I still see hyperlinks in text online. ....unfortunately. What do you think could be causing this?
  19. # AdwCleaner v2.114 - Logfile created 03/14/2013 at 15:11:03 # Updated 05/03/2013 by Xplode # Operating system : Windows Vista Home Premium Service Pack 2 (64 bits) # User : Suzy - SUZY-PC # Boot Mode : Normal # Running from : C:\Users\Suzy\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Deleted on reboot : C:\Program Files (x86)\vShare.tv plugin Deleted on reboot : C:\ProgramData\Tarma Installer Deleted on reboot : C:\ProgramData\Trymedia Deleted on reboot : C:\Users\Suzy\AppData\Local\APN Deleted on reboot : C:\Users\Suzy\AppData\Local\OpenCandy Deleted on reboot : C:\Users\Suzy\AppData\Roaming\Mozilla\Firefox\Profiles\yhfvgxap.default\extensions\crossriderapp4493@crossrider.com Deleted on reboot : C:\Users\Suzy\AppData\Roaming\OpenCandy File Deleted : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll File Deleted : C:\Users\Suzy\AppData\Roaming\Mozilla\Firefox\Profiles\yhfvgxap.default\searchplugins\Askcom.xml File Deleted : C:\Users\Suzy\AppData\Roaming\Mozilla\Firefox\Profiles\yhfvgxap.default\searchplugins\Startsear.xml ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\StartSearch Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} Key Deleted : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16470 Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.ask.com/?l=dis&o=102874&gct=hp --> hxxp://www.google.com -\\ Mozilla Firefox v19.0.2 (en-US) File : C:\Users\Suzy\AppData\Roaming\Mozilla\Firefox\Profiles\yhfvgxap.default\prefs.js C:\Users\Suzy\AppData\Roaming\Mozilla\Firefox\Profiles\yhfvgxap.default\user.js ... Deleted ! Deleted : user_pref("browser.search.defaultengine", "Ask.com"); Deleted : user_pref("browser.search.defaultenginename", "Ask.com"); Deleted : user_pref("browser.search.order.1", "Ask.com"); Deleted : user_pref("extensions.crossriderapp4493.4493.InstallationTime", 1350868393); Deleted : user_pref("extensions.crossriderapp4493.4493.active", true); Deleted : user_pref("extensions.crossriderapp4493.4493.addressbar", ""); Deleted : user_pref("extensions.crossriderapp4493.4493.addressbarenhanced", ""); Deleted : user_pref("extensions.crossriderapp4493.4493.backgroundjs", "\n\n//\n"); Deleted : user_pref("extensions.crossriderapp4493.4493.backgroundver", 37); Deleted : user_pref("extensions.crossriderapp4493.4493.can_run_bg_code", true); Deleted : user_pref("extensions.crossriderapp4493.4493.certdomaininstaller", ""); Deleted : user_pref("extensions.crossriderapp4493.4493.changeprevious", false); Deleted : user_pref("extensions.crossriderapp4493.4493.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie.InstallationTime.value", "1350868393"); Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_aoi.value", "1350868393"); Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_arbitrary_code.expiration", "Thu Mar 14 201[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_arbitrary_code.value", "%22%28function%28%2[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_blocklist.expiration", "Thu Mar 14 2013 14:[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_cf_bu1.expiration", "Fri Feb 01 2030 00:00:[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_cf_bu1.value", "1361237214"); Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_country_code.expiration", "Wed Mar 20 2013 [...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_country_code.value", "%22US%22"); Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_crr.value", "1363284010"); Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 0[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_currenttime.value", "%221362693963%22"); Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_hotfix20111102645.value", "%221%22"); Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_installer_params.value", "%7B%22source_id%2[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_parent_zoneid.value", "%2214019%22"); Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_pc_20120828.value", "1350868451991"); Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_product_id.value", "%221175%22"); Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie._GPL_zoneid.value", "%2296311%22"); Deleted : user_pref("extensions.crossriderapp4493.4493.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie.dbtest.value", "1350868444917"); Deleted : user_pref("extensions.crossriderapp4493.4493.cookie.lastrequest.expiration", "Fri Feb 01 2030 00:00:[...] Deleted : user_pref("extensions.crossriderapp4493.4493.cookie.lastrequest.value", "%7B%22path%22%3A%22/MyAccou[...] Deleted : user_pref("extensions.crossriderapp4493.4493.description", "Coupon Companion"); Deleted : user_pref("extensions.crossriderapp4493.4493.domain", ""); Deleted : user_pref("extensions.crossriderapp4493.4493.enablesearch", false); Deleted : user_pref("extensions.crossriderapp4493.4493.fbremoteurl", ""); Deleted : user_pref("extensions.crossriderapp4493.4493.group", 0); Deleted : user_pref("extensions.crossriderapp4493.4493.homepage", ""); Deleted : user_pref("extensions.crossriderapp4493.4493.iframe", false); Deleted : user_pref("extensions.crossriderapp4493.4493.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...] Deleted : user_pref("extensions.crossriderapp4493.4493.internaldb.Resources_appVer.value", "83"); Deleted : user_pref("extensions.crossriderapp4493.4493.internaldb.Resources_lastVersion.expiration", "Fri Feb [...] Deleted : user_pref("extensions.crossriderapp4493.4493.internaldb.Resources_lastVersion.value", "0"); Deleted : user_pref("extensions.crossriderapp4493.4493.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...] Deleted : user_pref("extensions.crossriderapp4493.4493.internaldb.Resources_meta.value", "%7B%7D"); Deleted : user_pref("extensions.crossriderapp4493.4493.internaldb.Resources_nextCheck.expiration", "Thu Mar 14[...] Deleted : user_pref("extensions.crossriderapp4493.4493.internaldb.Resources_nextCheck.value", "true"); Deleted : user_pref("extensions.crossriderapp4493.4493.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...] Deleted : user_pref("extensions.crossriderapp4493.4493.internaldb.Resources_queue.value", "%7B%7D"); Deleted : user_pref("extensions.crossriderapp4493.4493.internaldb.Resources_remote_resources.expiration", "Fri[...] Deleted : user_pref("extensions.crossriderapp4493.4493.internaldb.Resources_remote_resources.value", "%7B%22re[...] Deleted : user_pref("extensions.crossriderapp4493.4493.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...] Deleted : user_pref("extensions.crossriderapp4493.4493.manifesturl", ""); Deleted : user_pref("extensions.crossriderapp4493.4493.name", "Coupon Companion"); Deleted : user_pref("extensions.crossriderapp4493.4493.newtab", ""); Deleted : user_pref("extensions.crossriderapp4493.4493.opensearch", ""); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_1.name", "base"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_1.ver", 4); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_1000014.name", "GPL Plugin (Loader)"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_1000014.ver", 15); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_1000015.code", "var a=appAPI.db.getList([...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_1000015.name", "GPL Background (BG)"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_1000015.ver", 34); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_13.code", "(function(a){a.selectedText=f[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_13.name", "CrossriderAppUtils"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_13.ver", 2); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_14.name", "CrossriderUtils"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_14.ver", 2); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_16.code", "if((typeof isBackground===\"u[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_16.name", "FFAppAPIWrapper"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_16.ver", 5); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_17.code", "if(typeof window!==\"undefine[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_17.name", "jQuery"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_17.ver", 3); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_21.name", "debug"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_21.ver", 3); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_22.name", "resources"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_22.ver", 2); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_28.code", "var CrossriderInitializerPlug[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_28.name", "initializer"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_28.ver", 2); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_4.name", "jquery_1_7_1"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_4.ver", 3); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_47.code", "(function(){appAPI.ready=func[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_47.name", "resources_background"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_47.ver", 1); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPT[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_64.name", "appApiMessage"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_64.ver", 1); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_72.code", "if(appAPI.__should_activate_v[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_72.name", "appApiValidation"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_72.ver", 1); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_78.code", "if(typeof jQuery!==\"undefine[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_78.name", "CrossriderInfo"); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins.plugin_78.ver", 2); Deleted : user_pref("extensions.crossriderapp4493.4493.plugins_lists.plugins_0", "4,14,78,16,64,47,72,1000015"[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,[...] Deleted : user_pref("extensions.crossriderapp4493.4493.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72"); Deleted : user_pref("extensions.crossriderapp4493.4493.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...] Deleted : user_pref("extensions.crossriderapp4493.4493.pluginsversion", 59); Deleted : user_pref("extensions.crossriderapp4493.4493.publisher", "215 Apps"); Deleted : user_pref("extensions.crossriderapp4493.4493.searchstatus", 0); Deleted : user_pref("extensions.crossriderapp4493.4493.setnewtab", false); Deleted : user_pref("extensions.crossriderapp4493.4493.settingsurl", ""); Deleted : user_pref("extensions.crossriderapp4493.4493.thankyou", ""); Deleted : user_pref("extensions.crossriderapp4493.4493.updateinterval", 360); Deleted : user_pref("extensions.crossriderapp4493.4493.ver", 83); Deleted : user_pref("extensions.crossriderapp4493.apps", "4493"); Deleted : user_pref("extensions.crossriderapp4493.bic", "13a85fa44100e16d5e23edb516660450"); Deleted : user_pref("extensions.crossriderapp4493.cid", 4493); Deleted : user_pref("extensions.crossriderapp4493.firstrun", false); Deleted : user_pref("extensions.crossriderapp4493.hadappinstalled", true); Deleted : user_pref("extensions.crossriderapp4493.installationdate", 1350868393); Deleted : user_pref("extensions.crossriderapp4493.lastcheck", 22721354); Deleted : user_pref("extensions.crossriderapp4493.lastcheckitem", 22721402); Deleted : user_pref("extensions.crossriderapp4493.modetype", "production"); Deleted : user_pref("extensions.crossriderapp4493.reportInstall", true); Deleted : user_pref("extensions.crossriderapp4493.statsDailyCounter", 16); Deleted : user_pref("extensions.enabledAddons", "support%40mask-myip.com:1.0,%7BCAFEEFAC-0016-0000-0033-ABCDEF[...] Deleted : user_pref("keyword.URL", "hxxp://startsear.ch/?aff=1&q="); -\\ Google Chrome v25.0.1364.152 File : C:\Users\Suzy\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted [l.32] : icon_url = "hxxp://www.ask.com/favicon.ico", Deleted [l.35] : keyword = "ask.com", Deleted [l.38] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=HIP&o=102874&locale=en_US[...] Deleted [l.39] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...] ************************* AdwCleaner[R1].txt - [18522 octets] - [14/03/2013 14:46:30] AdwCleaner[s1].txt - [18250 octets] - [14/03/2013 15:11:03] ########## EOF - C:\AdwCleaner[s1].txt - [18311 octets] ########## Results of screen317's Security Check version 0.99.61 Windows Vista Service Pack 2 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! AVG AntiVirus Free Edition 2013 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Malwarebytes Anti-Malware version 1.70.0.1100 AVG PC Tuneup 2011 Adobe Flash Player 11.6.602.180 Mozilla Firefox (19.0.2) Google Chrome 25.0.1364.152 Google Chrome 25.0.1364.97 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe AVG avgwdsvc.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0 % ````````````````````End of Log``````````````````````
  20. Ok, I think I was able to get the log this time. combofix log.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.