Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adware/Malware solutions didn't work


  • Please log in to reply
4 replies to this topic

#1 tiapoo

tiapoo

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:21 AM

Posted 28 April 2014 - 06:34 PM

Hi, my name is Tiapoo & I am having a lot of trouble getting rid of popup webpages and popup ad video clips.  I contacted Microsoft for remote assistance.  I have a PC, windows 7 system.  I was told I had malware, adware, etc.  Microsoft remotely removed whatever they removed and the popups seemed to stop popping up. 

 

But, within a couple of hours, it started up again.  Not only did the representative knock out my printer from my system as well as my adobe acrobat 9 standard program. When I found my CD from my installation package to reinstall adobe, I found out that my dvd drive wasn't showing on my computer.

 

A few months ago, I experienced this same adware problem so I went to a technical site (not Microsoft) that instructed me to use adware & malware removal sites.  I did all 4 sites that were given to me in the specific order they had requested. I even sent those logs they requested I send to them.  I also contacted my antivirus support (Kaspersky Pure 3.0) & they had be do some similar things.  I don't recall how it got resolved now but it all looked as if it was fixed at that time.  But, the same problem is back.

 

Microsoft is going to get back with me to reinstall my windows 7 again but I'm not eager to do that unless it's the only way to get rid of the adwre & malware as well as to get my DVD drive & printer functioning again. 

 

So, one thing at a time.  Can someone help with regards to this adware/malware problem?

 

Appreciate the help,

Tiapoo



BC AdBot (Login to Remove)

 


m

#2 Allen

Allen

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:09:21 AM

Posted 28 April 2014 - 06:37 PM

Ello mate, my name is Allen and I'll be helping you today

 

So first off lets start by running adwcleaner which can be found here

 

What adwcleaner will do is scan your system for adware and remove it for you.

 

 

After that I recommend running malwarebytes antimalware to see if there is anything left you can get that here

 

Make sure you update the database on malwarebytes and run a full scan.

 

Once that's done post the logs in a reply to see what we're dealing with.


Edited by Allen, 28 April 2014 - 07:08 PM.

Hey everyone I'm Allen I am a young web developer/designer/programmer I also help people with computer issues including hardware problems, malware/viruses infections and software conflicts. I am a kind and easy to get along with person so if you need help feel free to ask.

#3 tiapoo

tiapoo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:21 AM

Posted 29 April 2014 - 12:53 AM

Hi Allen, ok, I did the adwcleaner & the malwarebytes process.  I hope I did both correctly.  Adwcleaner showed a list of things that came up under "files", "folders" & "firefox".  These were all checked & I didn't know whether or not to keep them so I had it cleaned & then did the report. 

 

For Malwarebytes, they wanted me to disable my firewalls, which I did both windows & my Kaspersky walls) & my antivirus (Kaspersky, which I did).  Then I ran malwarebytes.  I did what it said & it did it's thing.  As I said, I hope I did it right.

 

However, I re-enabled my windows firewall & my Kaspersky firewall & the Kaspersky antivirus.    I think MalwareBytes is also running & I believe Kaspersky had me remove it before because they said it wasn't compatible.  I have not uninstalled MalwareBytes yet - is it ok to keep both?

 

Thanks,

Tiapoo

 

HERE'S THE ADWCLEANER LOG (IT'S A LOT!):

 

# AdwCleaner v3.002 - Report created 03/09/2013 at 09:45:59

# Updated 01/09/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : RICKANDLUPE - MONSTER-PC

# Running from : C:\Users\RICKANDLUPE\Downloads\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

Service Deleted : DefaultTabUpdate

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\DnsBasic

Folder Deleted : C:\ProgramData\Trymedia

Folder Deleted : C:\ProgramData\Viewpoint

Folder Deleted : C:\Program Files (x86)\Conduit

Folder Deleted : C:\Program Files (x86)\DefaultTab

Folder Deleted : C:\Program Files (x86)\DnsBasic

Folder Deleted : C:\Program Files (x86)\FunWebProducts

Folder Deleted : C:\Program Files (x86)\MyWebSearch

Folder Deleted : C:\Program Files (x86)\optimizer pro

Folder Deleted : C:\Program Files (x86)\Viewpoint

Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility

Folder Deleted : C:\Program Files\DomaIQ Uninstaller

Folder Deleted : C:\Users\RICKANDLUPE\AppData\Local\Conduit

Folder Deleted : C:\Users\RICKANDLUPE\AppData\Local\cre

Folder Deleted : C:\Users\RICKANDLUPE\AppData\Local\Supreme Savings

Folder Deleted : C:\Users\RICKANDLUPE\AppData\Local\SwvUpdater

Folder Deleted : C:\Users\RICKAN~1\AppData\Local\Temp\AskSearch

Folder Deleted : C:\Users\RICKANDLUPE\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\RICKANDLUPE\AppData\LocalLow\FunWebProducts

Folder Deleted : C:\Users\RICKANDLUPE\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\RICKANDLUPE\AppData\Roaming\DefaultTab

Folder Deleted : C:\Users\RICKANDLUPE\AppData\Roaming\Mozilla\Firefox\Profiles\i8hgc365.default\SweetIMToolbarData

File Deleted : C:\END

File Deleted : C:\Program Files (x86)\Mozilla Firefox\.autoreg

File Deleted : C:\Users\RICKANDLUPE\AppData\Roaming\Mozilla\Firefox\Profiles\i8hgc365.default\searchplugins\whitesmoke-new-customized-web-search.xml

File Deleted : C:\Users\RICKANDLUPE\AppData\Roaming\Mozilla\Firefox\Profiles\i8hgc365.default\user.js

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111991162}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4C4C7AAB-5854-4241-A414-E2F1EF119C4A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}]

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\Cr_Installer

Key Deleted : HKCU\Software\Default Tab

Key Deleted : HKCU\Software\DefaultTab

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider

Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab

Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products

Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts

Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\Default Tab

Key Deleted : HKLM\Software\DefaultTab

Key Deleted : HKLM\Software\DnsBasic

Key Deleted : HKLM\Software\FocusInteractive

Key Deleted : HKLM\Software\Freeze.com

Key Deleted : HKLM\Software\Fun Web Products

Key Deleted : HKLM\Software\MetaStream

Key Deleted : HKLM\Software\MyWebSearch

Key Deleted : HKLM\Software\Supreme Savings

Key Deleted : HKLM\Software\Viewpoint

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DnsBasic

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16660

 

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

 

-\\ Mozilla Firefox v7.0 (en-US)

 

[ File : C:\Users\RICKANDLUPE\AppData\Roaming\Mozilla\Firefox\Profiles\i8hgc365.default\prefs.js ]

 

Line Deleted : user_pref("CT3289847_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1366349671119,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");

Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=61&CUI=UN42692911332776870&UM=2&UP=SP1F30CA98-6A08-41C7-883B-F4061BBF954B");

Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke New Customized Web Search");

Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN42692911332776870&UM=2&q=");

Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.sweetim.com/search.asp?src=2&q=");

Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3289847");

Line Deleted : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New Customized Web Search");

Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.aol.com/search/search?q={searchTerms}&s_it=TB50CL-ff&s_qt=sb&tb_uuid=20110720185446836&tb_oid=16-05-2013&tb_mrud=16-05-2013");

Line Deleted : user_pref("extensions.crossrider.bic", "13e1fa6cd56254f4a27f9390158e1685");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.InstallationThankYouPage", true);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.InstallationTime", 1366330548);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.InstallationUserSettings.searchUserConifrmation", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.InstallationUserSettings.setHomepage", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.InstallationUserSettings.setNewTab", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.InstallationUserSettings.setSearch", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.active", true);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.addressbar", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.addressbarenhanced", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.backgroundjs", "\n\n//\n");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.backgroundver", 34);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.can_run_bg_code", true);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.certdomaininstaller", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.changeprevious", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie.InstallationTime.value", "1366330548");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_aoi.value", "1366330548");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_arbitrary_code.expiration", "Thu Apr 18 2013 22:31:41 GMT-0700 (Pacific Daylight Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_arbitrary_code.value", "%22%21appAPI.db.get%28%5C%22_GPL_ib_disclosure%5C%22%29%26%26%28%21appAPI.db.get%28%5C%22_GPL_ib_disclosure_tmp%5C%22[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_blocklist.expiration", "Thu Apr 18 2013 22:31:41 GMT-0700 (Pacific Daylight Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_blocklist.value", "%22nonexistantdomain.com%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_country_code.expiration", "Thu Apr 25 2013 17:17:59 GMT-0700 (Pacific Daylight Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_country_code.value", "%22US%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_crr.value", "1366349179");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_currenttime.value", "%221366222574%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_hotfix20111102645.value", "%221%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%22141539%22%2C%22sub_id%22%3A%22default%22%2C%22uzid%22%3A%22141539%26subid%3D%26pid%3D1488%2[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_installtime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_installtime.value", "%221366222539%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_parent_zoneid.value", "%22141539%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_pc_20120828.value", "1366334845184");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_product_id.value", "%221488%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_zoneid.value", "%22173820%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie.dbtest.value", "1366330679021");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.description", "Supreme Savings");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.domain", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.enablesearch", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.homepage", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.iframe", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22F7FC1A0E76D24575978309D33E1C5F93IE%22%2C%22installer_verifier%22%3A%22884f43a724cafe[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_appVer.value", "47");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_lastVersion.value", "1");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_meta.value", "%7B%7D");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_nextCheck.expiration", "Thu Apr 18 2013 23:17:10 GMT-0700 (Pacific Daylight Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_nextCheck.value", "true");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_queue.value", "%7B%7D");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.SoftwareDetected.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.SoftwareDetected.value", "%7B%22AnySoftware%22%3Afalse%2C%22Wireshark%22%3Afalse%2C%22VirtualBox%22%3Afalse%2C%22VMWare%22%3Afalse%2C%22Inside[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:1340,baseCDN:\"dealvaut-a.akamaihd.net[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.manifesturl", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.name", "Supreme Savings");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.newtab", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.opensearch", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id;}else{return appAPI.appID;}}};$jquery.ex[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1.name", "base");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1.ver", 4);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(B){if(void 0===this||null===this)throw new TypeError;var c=Obje[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1000014.name", "GPL Plugin (Loader)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1000014.ver", 15);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{},rules:{},started:!1,allowed:!1,log:function(f){console.log(f)},factor[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1000015.name", "GPL Background (BG)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1000015.ver", 35);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelection()}else{if(document.ge[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_13.name", "CrossriderAppUtils");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_13.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;if(typeof window!==\"undefined\"&&typeof window.navigat[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_14.name", "CrossriderUtils");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_14.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _firefoxVersion!==\"undefined\"&&_firefoxVersion>14)&&ty[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_16.name", "FFAppAPIWrapper");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_16.ver", 5);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n *\n * Copyright 2010, Joh[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_17.name", "jQuery");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_17.ver", 3);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.debug_app};return h.Class.[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_21.name", "debug");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_21.ver", 3);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(B){this.queue.push(B);}};appAPI.ready=function(c,B){a.when.apply(n[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_22.name", "resources");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_22.ver", 3);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferred(),f;return e.Class.exte[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_28.name", "initializer");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_28.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_4.code", "var jQuery = $jquery_171 = $jquery = null;\n\nif (document && typeof document.getElementById !== \"undefined\") {\n\n/*! jQuery [...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_4.name", "jquery_1_7_1");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_4.ver", 3);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(function(){var C={appId[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_47.name", "resources_background");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_47.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(typeof j===\"object\"&&j!==null);};var b=function(j){return[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_64.name", "appApiMessage");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_64.ver", 1);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var k={};var f=appAPI.appInfo.name;var l=function(s,r,t){var q=\"[[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_72.name", "appApiValidation");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_72.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigator!==\"undefined\"&&typeof navigator.userAgent!==\"undefined\"){(func[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_78.name", "CrossriderInfo");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_78.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_98.code", "(function(){var b=\"cr_\"+appAPI.appID+\"internalMessage\";var a=function(){var d=function(g){if(g===true){unsafeWindow.appAPI=[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_98.name", "omniCommands");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_98.ver", 1);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98,1000015");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,98,1000014,28");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.pluginsurl", "hxxp://app-static.crossrider.com/plugin/apps/19962/plugins/091/ff/plugins.json");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.pluginsversion", 43);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.publisher", "215 Apps");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.searchstatus", 0);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.setnewtab", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.thankyou", "hxxp://crossrider.com/thank_you/19962");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.updateinterval", 360);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.ver", 47);

Line Deleted : user_pref("extensions.crossriderapp19962.adsOldValue", -1);

Line Deleted : user_pref("extensions.crossriderapp19962.apps", "19962");

Line Deleted : user_pref("extensions.crossriderapp19962.bic", "13e1fa6cd56254f4a27f9390158e1685");

Line Deleted : user_pref("extensions.crossriderapp19962.cid", 19962);

Line Deleted : user_pref("extensions.crossriderapp19962.firstrun", false);

Line Deleted : user_pref("extensions.crossriderapp19962.hadappinstalled", true);

Line Deleted : user_pref("extensions.crossriderapp19962.installationdate", 1366330625);

Line Deleted : user_pref("extensions.crossriderapp19962.lastcheck", 22772177);

Line Deleted : user_pref("extensions.crossriderapp19962.lastcheckitem", 22772487);

Line Deleted : user_pref("extensions.crossriderapp19962.modetype", "production");

Line Deleted : user_pref("extensions.crossriderapp19962.reportInstall", true);

Line Deleted : user_pref("extensions.crossriderapp19962.statsDailyCounter", 1);

Line Deleted : user_pref("extentions.y2layers.installId", "c96f080a-072c-44e6-9a3c-a83dfaf477d4");

Line Deleted : user_pref("plugin.blocklisted.npviewpoint", true);

Line Deleted : user_pref("smartbar.machineId", "1SGYB4S/KB1M8+2KCUTF6TX+8NFQCDTTD9L5RX8W1ZFI2WQYXOO7CAK5WKX0IB/HRMKIS2NBXB/+S4UJL+BLXW");

Line Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");

Line Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");

Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");

Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");

Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");

Line Deleted : user_pref("sweetim.toolbar.mode.debug", "false");

Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "chrome://browser-region/locale/region.properties");

Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.com/ig");

Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");

Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]

Line Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");

Line Deleted : user_pref("sweetim.toolbar.simapp_id", "{98E8D666-F146-4608-983F-EB82F2AB45C4}");

Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");

Line Deleted : user_pref("sweetim.toolbar.version", "1.1.0.2");

 

-\\ Google Chrome v

 

[ File : C:\Users\RICKANDLUPE\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deleted : icon_url

Deleted : urls_to_restore_on_startup

 

*************************

 

AdwCleaner[R0].txt - [32529 octets] - [03/09/2013 09:44:57]

AdwCleaner[S0].txt - [31672 octets] - [03/09/2013 09:45:59]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [31733 octets] ##########

# AdwCleaner v3.205 - Report created 28/04/2014 at 16:55:54

# Updated 28/04/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : RICKANDLUPE - MONSTER-PC

# Running from : C:\Users\RICKANDLUPE\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\AI_RecycleBin

Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar

Folder Deleted : C:\Program Files (x86)\BrowserSafeguard

Folder Deleted : C:\Program Files (x86)\DnsBasic

Folder Deleted : C:\Program Files (x86)\Shop To Win

Folder Deleted : C:\Program Files (x86)\Viewpoint

Folder Deleted : C:\Program Files (x86)\w3i

Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility

Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin

Folder Deleted : C:\Program Files\DomaIQ Uninstaller

Folder Deleted : C:\Users\RICKAN~1\AppData\Local\Temp\AI_RecycleBin

Folder Deleted : C:\Users\RICKANDLUPE\AppData\Local\SwvUpdater

Folder Deleted : C:\Users\RICKANDLUPE\AppData\LocalLow\FunWebProducts

Folder Deleted : C:\Users\RICKANDLUPE\AppData\Roaming\strongvault

Folder Deleted : C:\Users\RICKANDLUPE\Documents\ShopToWin

Folder Deleted : C:\Users\RICKANDLUPE\AppData\Roaming\Mozilla\Firefox\Profiles\i8hgc365.default\CT3314312

Folder Deleted : C:\Users\RICKANDLUPE\AppData\Roaming\Mozilla\Firefox\Profiles\i8hgc365.default\Extensions\{93ec97bf-fe43-4bca-a735-5c5d6a0a40c4}

Folder Deleted : C:\Users\RICKANDLUPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibleipkbineaadpnemmalkahodjhdbd

File Deleted : C:\END

File Deleted : C:\Users\RICKANDLUPE\AppData\Roaming\Mozilla\Firefox\Profiles\i8hgc365.default\searchplugins\Conduit.xml

File Deleted : C:\Users\RICKANDLUPE\AppData\Roaming\Mozilla\Firefox\Profiles\i8hgc365.default\searchplugins\conduit-search.xml

File Deleted : C:\Users\RICKANDLUPE\AppData\Roaming\Mozilla\Firefox\Profiles\i8hgc365.default\searchplugins\MyStart Search.xml

File Deleted : C:\Users\RICKANDLUPE\AppData\Roaming\Mozilla\Firefox\Profiles\i8hgc365.default\user.js

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [browsersafeguard]

Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF6-072E-44CF-8957-5838F569A31D}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111991162}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}

Key Deleted : HKCU\Software\Cr_Installer

Key Deleted : HKCU\Software\ShopToWin

Key Deleted : HKCU\Software\WEDLMNGR

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products

Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts

Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted : HKLM\Software\DnsBasic

Key Deleted : HKLM\Software\Freeze.com

Key Deleted : HKLM\Software\MetaStream

Key Deleted : HKLM\Software\Supreme Savings

Key Deleted : HKLM\Software\Trymedia Systems

Key Deleted : HKLM\Software\Viewpoint

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DnsBasic

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.16521

 

 

-\\ Mozilla Firefox v28.0 (en-US)

 

[ File : C:\Users\RICKANDLUPE\AppData\Roaming\Mozilla\Firefox\Profiles\i8hgc365.default\prefs.js ]

 

Line Deleted : user_pref("CT3289847_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1366349671119,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");

Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=61&CUI=UN42692911332776870&UM=2&UP=SP1F30CA98-6A08-41C7-883B-F4061BBF954B");

Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke New Customized Web Search");

Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN42692911332776870&UM=2&q=");

Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.sweetim.com/search.asp?src=2&q=");

Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3289847");

Line Deleted : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New Customized Web Search");

Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.aol.com/search/search?q={searchTerms}&s_it=TB50CL-ff&s_qt=sb&tb_uuid=20110720185446836&tb_oid=16-05-2013&tb_mrud=16-05-2013");

Line Deleted : user_pref("extensions.crossrider.bic", "13e1fa6cd56254f4a27f9390158e1685");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.InstallationThankYouPage", true);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.InstallationTime", 1366330548);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.InstallationUserSettings.searchUserConifrmation", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.InstallationUserSettings.setHomepage", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.InstallationUserSettings.setNewTab", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.InstallationUserSettings.setSearch", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.active", true);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.addressbar", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.addressbarenhanced", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.backgroundjs", "\n\n//\n");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.backgroundver", 34);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.can_run_bg_code", true);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.certdomaininstaller", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.changeprevious", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie.InstallationTime.value", "1366330548");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_aoi.value", "1366330548");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_arbitrary_code.expiration", "Thu Apr 18 2013 22:31:41 GMT-0700 (Pacific Daylight Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_arbitrary_code.value", "%22%21appAPI.db.get%28%5C%22_GPL_ib_disclosure%5C%22%29%26%26%28%21appAPI.db.get%28%5C%22_GPL_ib_disclosure_tmp%5C%22[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_blocklist.expiration", "Thu Apr 18 2013 22:31:41 GMT-0700 (Pacific Daylight Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_blocklist.value", "%22nonexistantdomain.com%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_country_code.expiration", "Thu Apr 25 2013 17:17:59 GMT-0700 (Pacific Daylight Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_country_code.value", "%22US%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_crr.value", "1366349179");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_currenttime.value", "%221366222574%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_hotfix20111102645.value", "%221%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%22141539%22%2C%22sub_id%22%3A%22default%22%2C%22uzid%22%3A%22141539%26subid%3D%26pid%3D1488%2[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_installtime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_installtime.value", "%221366222539%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_parent_zoneid.value", "%22141539%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_pc_20120828.value", "1366334845184");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_product_id.value", "%221488%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie._GPL_zoneid.value", "%22173820%22");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie.dbtest.value", "1366330679021");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.description", "Supreme Savings");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.domain", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.enablesearch", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.homepage", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.iframe", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22F7FC1A0E76D24575978309D33E1C5F93IE%22%2C%22installer_verifier%22%3A%22884f43a724cafe[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_appVer.value", "47");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_lastVersion.value", "1");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_meta.value", "%7B%7D");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_nextCheck.expiration", "Thu Apr 18 2013 23:17:10 GMT-0700 (Pacific Daylight Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_nextCheck.value", "true");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.Resources_queue.value", "%7B%7D");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.SoftwareDetected.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.internaldb.SoftwareDetected.value", "%7B%22AnySoftware%22%3Afalse%2C%22Wireshark%22%3Afalse%2C%22VirtualBox%22%3Afalse%2C%22VMWare%22%3Afalse%2C%22Inside[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:1340,baseCDN:\"dealvaut-a.akamaihd.net[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.manifesturl", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.name", "Supreme Savings");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.newtab", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.opensearch", "");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id;}else{return appAPI.appID;}}};$jquery.ex[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1.name", "base");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1.ver", 4);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(B){if(void 0===this||null===this)throw new TypeError;var c=Obje[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1000014.name", "GPL Plugin (Loader)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1000014.ver", 15);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{},rules:{},started:!1,allowed:!1,log:function(f){console.log(f)},factor[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1000015.name", "GPL Background (BG)");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_1000015.ver", 35);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelection()}else{if(document.ge[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_13.name", "CrossriderAppUtils");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_13.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;if(typeof window!==\"undefined\"&&typeof window.navigat[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_14.name", "CrossriderUtils");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_14.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _firefoxVersion!==\"undefined\"&&_firefoxVersion>14)&&ty[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_16.name", "FFAppAPIWrapper");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_16.ver", 5);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n *\n * Copyright 2010, Joh[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_17.name", "jQuery");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_17.ver", 3);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.debug_app};return h.Class.[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_21.name", "debug");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_21.ver", 3);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(B){this.queue.push(B);}};appAPI.ready=function(c,B){a.when.apply(n[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_22.name", "resources");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_22.ver", 3);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferred(),f;return e.Class.exte[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_28.name", "initializer");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_28.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_4.code", "var jQuery = $jquery_171 = $jquery = null;\n\nif (document && typeof document.getElementById !== \"undefined\") {\n\n/*! jQuery [...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_4.name", "jquery_1_7_1");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_4.ver", 3);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(function(){var C={appId[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_47.name", "resources_background");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_47.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(typeof j===\"object\"&&j!==null);};var b=function(j){return[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_64.name", "appApiMessage");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_64.ver", 1);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var k={};var f=appAPI.appInfo.name;var l=function(s,r,t){var q=\"[[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_72.name", "appApiValidation");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_72.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigator!==\"undefined\"&&typeof navigator.userAgent!==\"undefined\"){(func[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_78.name", "CrossriderInfo");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_78.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_98.code", "(function(){var b=\"cr_\"+appAPI.appID+\"internalMessage\";var a=function(){var d=function(g){if(g===true){unsafeWindow.appAPI=[...]

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_98.name", "omniCommands");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins.plugin_98.ver", 1);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98,1000015");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,98,1000014,28");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.pluginsurl", "hxxp://app-static.crossrider.com/plugin/apps/19962/plugins/091/ff/plugins.json");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.pluginsversion", 43);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.publisher", "215 Apps");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.searchstatus", 0);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.setnewtab", false);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.thankyou", "hxxp://crossrider.com/thank_you/19962");

Line Deleted : user_pref("extensions.crossriderapp19962.19962.updateinterval", 360);

Line Deleted : user_pref("extensions.crossriderapp19962.19962.ver", 47);

Line Deleted : user_pref("extensions.crossriderapp19962.adsOldValue", -1);

Line Deleted : user_pref("extensions.crossriderapp19962.apps", "19962");

Line Deleted : user_pref("extensions.crossriderapp19962.bic", "13e1fa6cd56254f4a27f9390158e1685");

Line Deleted : user_pref("extensions.crossriderapp19962.cid", 19962);

Line Deleted : user_pref("extensions.crossriderapp19962.firstrun", false);

Line Deleted : user_pref("extensions.crossriderapp19962.hadappinstalled", true);

Line Deleted : user_pref("extensions.crossriderapp19962.installationdate", 1366330625);

Line Deleted : user_pref("extensions.crossriderapp19962.lastcheck", 22772177);

Line Deleted : user_pref("extensions.crossriderapp19962.lastcheckitem", 22772487);

Line Deleted : user_pref("extensions.crossriderapp19962.modetype", "production");

Line Deleted : user_pref("extensions.crossriderapp19962.reportInstall", true);

Line Deleted : user_pref("extensions.crossriderapp19962.statsDailyCounter", 1);

Line Deleted : user_pref("extentions.y2layers.installId", "c96f080a-072c-44e6-9a3c-a83dfaf477d4");

Line Deleted : user_pref("plugin.blocklisted.npviewpoint", true);

Line Deleted : user_pref("smartbar.machineId", "1SGYB4S/KB1M8+2KCUTF6TX+8NFQCDTTD9L5RX8W1ZFI2WQYXOO7CAK5WKX0IB/HRMKIS2NBXB/+S4UJL+BLXW");

Line Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");

Line Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");

Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");

Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");

Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");

Line Deleted : user_pref("sweetim.toolbar.mode.debug", "false");

Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "chrome://browser-region/locale/region.properties");

Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.com/ig");

Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");

Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]

Line Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");

Line Deleted : user_pref("sweetim.toolbar.simapp_id", "{98E8D666-F146-4608-983F-EB82F2AB45C4}");

Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");

Line Deleted : user_pref("sweetim.toolbar.version", "1.1.0.2");

 

-\\ Google Chrome v

 

[ File : C:\Users\RICKANDLUPE\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deleted [Extension] : eibleipkbineaadpnemmalkahodjhdbd

 

*************************

 

AdwCleaner[R0].txt - [60841 octets] - [03/09/2013 09:44:57]

AdwCleaner[S0].txt - [59961 octets] - [03/09/2013 09:45:59]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [60022 octets] ##########

 

 

HERE'S THE MALWARE LOG:

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 4/28/2014

Scan Time: 5:23:56 PM

Logfile: Malware Bytes Log 042814.txt

Administrator: Yes

 

Version: 2.00.1.1004

Malware Database: v2014.04.28.10

Rootkit Database: v2014.03.27.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Chameleon: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: RICKANDLUPE

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 330550

Time Elapsed: 12 min, 3 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Shuriken: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 14

PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D0C21091-FF8E-432C-9006-0540E81BA9D7}, , [d1e9dd52b0cb70c60b8e57c7d32fc23e],

PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{5530C971-3D8F-471B-AC49-4CC23FA955E2}, , [d1e9dd52b0cb70c60b8e57c7d32fc23e],

PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7FBC7ADD-4D75-4685-9BD4-30D3FBDD3AB4}, , [d1e9dd52b0cb70c60b8e57c7d32fc23e],

PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EE0C9EF1-B2AD-407B-9707-0124CC9BF85E}, , [d1e9dd52b0cb70c60b8e57c7d32fc23e],

PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7FBC7ADD-4D75-4685-9BD4-30D3FBDD3AB4}, , [d1e9dd52b0cb70c60b8e57c7d32fc23e],

PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EE0C9EF1-B2AD-407B-9707-0124CC9BF85E}, , [d1e9dd52b0cb70c60b8e57c7d32fc23e],

PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{5530C971-3D8F-471B-AC49-4CC23FA955E2}, , [d1e9dd52b0cb70c60b8e57c7d32fc23e],

PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D0C21091-FF8E-432C-9006-0540E81BA9D7}, , [d1e9dd52b0cb70c60b8e57c7d32fc23e],

PUP.Optional.GreatArcadeHits.A, HKU\S-1-5-21-3822728957-1314037602-2358254389-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D0C21091-FF8E-432C-9006-0540E81BA9D7}, , [d1e9dd52b0cb70c60b8e57c7d32fc23e],

PUP.Optional.GreatArcadeHits.A, HKU\S-1-5-21-3822728957-1314037602-2358254389-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D0C21091-FF8E-432C-9006-0540E81BA9D7}, , [d1e9dd52b0cb70c60b8e57c7d32fc23e],

PUP.Optional.weDownload.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\The weDownload Manager, , [7842b17ed0ab280e32eb3843e220ce32],

PUP.Optional.CrossRider.A, HKU\S-1-5-21-3822728957-1314037602-2358254389-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [1d9dfe3185f624126cfb535f3cc727d9],

PUP.Optional.PriceGong.A, HKU\S-1-5-21-3822728957-1314037602-2358254389-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [7f3b220da5d62016836c96eb0ff3a060],

PUP.Optional.GreatArcadeHits.A, HKU\S-1-5-21-3822728957-1314037602-2358254389-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{856AD396-519D-4C7A-BED6-6785F64924BC}, , [6753c6699eddf1456537491c6f934fb1],

 

Registry Values: 3

PUP.Optional.MindSpark.A, HKU\S-1-5-21-3822728957-1314037602-2358254389-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{00A6FAF6-072E-44cf-8957-5838F569A31D}, , [962465ca5c1f2c0afb8ad97bf2103cc4],

PUP.Optional.MindSpark.A, HKU\S-1-5-21-3822728957-1314037602-2358254389-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{00A6FAF6-072E-44CF-8957-5838F569A31D}, , [962465ca5c1f2c0afb8ad97bf2103cc4],

PUP.Optional.GreatArcadeHits.A, HKU\S-1-5-21-3822728957-1314037602-2358254389-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{B21F5E31-B8E8-41CD-B74C-168A71A10E49}, C:\Users\RICKANDLUPE\AppData\Local\GreatArcadeHits\gahff.xpi, , [704a220da1da91a5280180319a69bd43]

 

Registry Data: 0

(No malicious items detected)

 

Folders: 4

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\GreatArcadeHits, , [6753c6699eddf1456537491c6f934fb1],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh, , [cded8ea1ea91e6500c9c81e561a18d73],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0, , [cded8ea1ea91e6500c9c81e561a18d73],

PUP.Optional.WhiteSmoke.A, C:\Users\RICKANDLUPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi, , [7545012e5e1d9f971257d59469995ca4],

 

Files: 34

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll, , [d1e9dd52b0cb70c60b8e57c7d32fc23e],

PUP.Optional.BundleInstaller.A, C:\Users\RICKANDLUPE\Desktop\google earth setup.exe, , [803a9d92f9823afcc02884b0b84947b9],

PUP.Optional.BetterBrowse.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$RNWUZ1Q.exe, , [9723b77877044ee88bccf117788cea16],

PUP.Optional.Conduit.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$RYEEA7E.exe, , [7644a08f0378ab8b7b7061b7e021b14f],

PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$RA0XH60.exe, , [b604ac83df9c320438887ea74bb6c43c],

PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$R2A48KR.exe, , [1d9d7db222595cda734d3ce93dc449b7],

PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$R3DFBRY.exe, , [586282adcead37ffad13e63ffd04857b],

PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$RJCK5VT.exe, , [13a7ec43681350e688385fc60bf6f60a],

PUP.Optional.InstallIQ.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$RF31I9Y.exe, , [d4e608277308053116884bc7f30e16ea],

PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$RU1TNP4.exe, , [e6d476b9b7c456e0833de2433bc66d93],

PUP.Optional.SweetIM, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$RC2TEXG.7z, , [4b6ff53ade9d66d03440470f8f75a15f],

PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$RDDGF6N.exe, , [48728ba4611aee486957dc49c53c17e9],

PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$RURMNYJ.exe, , [f1c956d9255690a6ecd462c314edb749],

PUP.Optional.BundleInstaller.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$RXYUVKG.part, , [9f1b7fb015664bebd61235ff6d94ad53],

PUP.Optional.GreatArcadeHits.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$RHUTVJT.exe, , [6f4b76b9730855e11c696c55db286898],

PUP.Optional.InstallIQ.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$RF5FQ9V\jenkatarcade.exe, , [58625fd097e481b5277722f06b963dc3],

PUP.Optional.Conduit.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$RFTC3ZE\SpSetup.exe, , [c1f93cf3bebde353208fc456fb066c94],

PUP.Optional.InstallIQ.A, C:\$Recycle.Bin\S-1-5-21-3822728957-1314037602-2358254389-1001\$RXVAA10\jenkatarcade.exe, , [efcb072896e51224b6e8ec26629f6b95],

PUP.Optional.InstallIQ.A, C:\Users\RICKANDLUPE\Documents\jenkatarcade.exe, , [6d4dd25de9920036742ad141639e17e9],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\GreatArcadeHits\application.ico, , [6753c6699eddf1456537491c6f934fb1],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\GreatArcadeHits\cookies.js, , [6753c6699eddf1456537491c6f934fb1],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\GreatArcadeHits\gahff.xpi, , [6753c6699eddf1456537491c6f934fb1],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\GreatArcadeHits\GAHUninstaller.exe, , [6753c6699eddf1456537491c6f934fb1],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\GreatArcadeHits\GAHUpdate.exe, , [6753c6699eddf1456537491c6f934fb1],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\GreatArcadeHits\Play Games online on GreatArcadeHits.com.url, , [6753c6699eddf1456537491c6f934fb1],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\GreatArcadeHits\premium.pem, , [6753c6699eddf1456537491c6f934fb1],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\GreatArcadeHits\static.js, , [6753c6699eddf1456537491c6f934fb1],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\background.js, , [cded8ea1ea91e6500c9c81e561a18d73],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\cookies.js, , [cded8ea1ea91e6500c9c81e561a18d73],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\icon.png, , [cded8ea1ea91e6500c9c81e561a18d73],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\Manifest.json, , [cded8ea1ea91e6500c9c81e561a18d73],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\page.js, , [cded8ea1ea91e6500c9c81e561a18d73],

PUP.Optional.GreatArcadeHits.A, C:\Users\RICKANDLUPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\static.js, , [cded8ea1ea91e6500c9c81e561a18d73],

PUP.Optional.Conduit.A, C:\Users\RICKANDLUPE\AppData\Local\Google\Chrome\User Data\Default\preferences, Good: (), Bad: (          "search_url": "http://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP3ED8CB30-A4F6-4DBE-9467-A875712D5C78&q={searchTerms}&SSPV="), ,[2c8e77b80279e6504576d48ba06458a8]

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

 

 

 



#4 Allen

Allen

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:09:21 AM

Posted 29 April 2014 - 05:12 AM

I recommend using Kaspersky's firewall
Hey everyone I'm Allen I am a young web developer/designer/programmer I also help people with computer issues including hardware problems, malware/viruses infections and software conflicts. I am a kind and easy to get along with person so if you need help feel free to ask.

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:21 AM

Posted 29 April 2014 - 12:49 PM

With what was found here I also sagest you run these.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users