Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Proxy override...malware?

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Proxy override...malware?

Unread postby wannabeageek » August 10th, 2015, 11:08 pm

Hi fayfox,

Rename the file from this:
C:\Windows\Minidump\081015-25162-01.dmp
to this:
C:\Windows\Minidump\081015-25162-01_dmp.txt

Then upload it.
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California
Advertisement
Register to Remove

Re: Proxy override...malware?

Unread postby fayfox » August 10th, 2015, 11:33 pm

Whew! It was a simple fix, but it took me hours to figure it out!
Here it is, hope you can open it.
fayfox
You do not have the required permissions to view the files attached to this post.
fayfox
Regular Member
 
Posts: 88
Joined: July 19th, 2015, 3:16 pm

Re: Proxy override...malware?

Unread postby fayfox » August 13th, 2015, 10:05 pm

Hi wbg,
Computer still the same, freezes when I open media player, browser, sometimes when I wake it up. Twice when I was patiently closing apps down, I noticed an icon in the task bar. At first I thought it was adwcleaner, but when I opened it (adwcleaner) , the icon was different. It's a white bug, but instead of pointing to the left, it points straight up. I had closed down media player, firefox. The icon appears briefly before shut down, and I when I right clicked on the icon, nothing happened. Does this icon ring a bell? I managed a screen shot this last time. Both times I noticed it, I had a message about firefox crashing. I don't know if things like this are helpful, but one other thing I've noticed a couple times, is when I open a program after a reboot, usually firefox, a rectangular box with a black background very briefly appears, for about two seconds. Normal?
Txs.
fayfox
fayfox
Regular Member
 
Posts: 88
Joined: July 19th, 2015, 3:16 pm

Re: Proxy override...malware?

Unread postby fayfox » August 13th, 2015, 10:57 pm

wannabeageek,
forget earlier post, white bug is mozilla crash icon.
Question: is my problem solvable?
fayfox
fayfox
Regular Member
 
Posts: 88
Joined: July 19th, 2015, 3:16 pm

Re: Proxy override...malware?

Unread postby wannabeageek » August 13th, 2015, 11:54 pm

I am sorry that I have not gotten back to you. The electrical window on my car broke in the down position and I had to fix it so I could lock it
You have several outdated drivers on your computer. The problem is fixable but I need more time to research a solution. I will get back to you tomorrow.
Thank you for your patience and please don't make any more changes for now.
wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Proxy override...malware?

Unread postby wannabeageek » August 15th, 2015, 4:08 pm

Hi fayfox,

I would like you to run one more cleaning program.

ZOAK - Scanner
First please Disable any Antivirus you have active, as shown in This topic.
Note: Don't forget to re-enable it after the scan.

Next please download zoek.exe and save it or move it to your desktop.
  • Close any open browsers.
  • Right click on zoek.exe and select " Run as administrator " to run it.
  • Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up.
  • Click the More Options button below the large panel and check the box:
  • Make sure the "Scan All Users" button is also selected.
    • Auto Clean
  • Click on Run script button
  • Please wait patiently (it may take a few minutes) until a log report will open (this may be after reboot, if required)
  • Copy (Ctrl +C) and paste (Ctrl +V) the contents of the opened entire report back here.

    Note: It will also create a log in the C:\ directory named "zoek-results.log"
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Proxy override...malware?

Unread postby fayfox » August 15th, 2015, 5:29 pm

Hi wannabeageek,
Sorry about your car window. An open window makes stealing your car sooo much easier, not to mention the summertime heat!
I ran into a problem with zoek. I disabled Vipre active protection/firewall. Downloaded zoek.exe. I think the problem started here. I had to enter Admin password three times before download completed. I then sent copy to desktop and Ran zoek as Admin. A few minutes into scan an error message popped up:
Script Error:An error has occurred in the script on this page. Line 68.Char 6.Error-Path not found.Code:0.URL:File//C:/UsersAdmin/AppData/Local/Temp/zoekrun.htp
Question asked do I want to continue. I clicked yes. Program finished,computer rebooted. I enabled Vipre too soon I think. zoek-results did not open. Vipre did give me a message that it had blocked zoek.exe. I could not find zoek-results in C:\directory. I looked under every folder under zoek. I tried to run zoek again, after disabling vipre, and got the message :Windows cannot access the specified path, or file. You may not have the appropriate permissions to access this item.
Should I uninstall and start again?
fayfox
fayfox
Regular Member
 
Posts: 88
Joined: July 19th, 2015, 3:16 pm

Re: Proxy override...malware?

Unread postby wannabeageek » August 15th, 2015, 7:58 pm

Which account did you run this from?
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Proxy override...malware?

Unread postby fayfox » August 15th, 2015, 8:18 pm

user account- fay
fayfox
Regular Member
 
Posts: 88
Joined: July 19th, 2015, 3:16 pm

Re: Proxy override...malware?

Unread postby wannabeageek » August 15th, 2015, 9:25 pm

fayfox,

That's not an admin account. For what it is worth, run it again from the admin account. This time be sure to disable Vipre so that it does not activate at reboot. When the machine does reboot and produce the requested log, be sure to activate Vipre.
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Proxy override...malware?

Unread postby fayfox » August 15th, 2015, 9:49 pm

wannabeageek,
I've done everything from the user account. On the programs you've asked me to run, I right click and choose run as Admin, then enter Admin password when prompted. Should I stay in Admin for all our work?
I logged out of user and into admin. The zoek log was waiting for me :)
Here are the results: Let me know if you still want me to run again.
fayfox


Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Admin on Sat 08/15/2015 at 16:31:17.82.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\fay\Downloads\zoek.exe [Scan all users] [Checkboxes used]

==== System Restore Info ======================

8/15/2015 4:33:02 PM Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~3\Avanquest deleted successfully
C:\Users\Admin\AppData\Roaming\GFI Software deleted successfully
C:\Users\Administrator\AppData\Roaming\VIPRE deleted successfully
C:\Users\Default\AppData\Roaming\VIPRE deleted successfully
C:\Users\fay\AppData\Roaming\GFI Software deleted successfully
C:\Users\fay\AppData\Roaming\Sunbelt deleted successfully
C:\Users\Admin\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Admin\AppData\Local\EmieSiteList deleted successfully
C:\Users\Admin\AppData\Local\EmieUserList deleted successfully
C:\Users\Admin\AppData\Local\ms-drivers deleted successfully
C:\Users\fay\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\fay\AppData\Local\EmieSiteList deleted successfully
C:\Users\fay\AppData\Local\EmieUserList deleted successfully
C:\Users\fay\AppData\Local\ms-drivers deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5pgaobxx.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20150815_0443_.backup

ProfilePath: C:\Users\fay\AppData\Roaming\Mozilla\Firefox\Profiles\t4b2x8kp.default

user.js not found
---- Lines inbox.com removed from prefs.js ----
user_pref("ibxcomtb.ibxHP", "http://www.inbox.com/homepage.aspx?tbid=80114&lng=en");
---- FireFox user.js and prefs.js backups ----

prefs_20150815_0443_.backup

==== Batch Command(s) Run By Tool======================

C:\Windows\system32\appdata deleted

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Windows Live SkyDrive deleted
C:\Windows\syswow64\appdata deleted
C:\PROGRA~2\Holiday Jigsaw Valentines Day deleted
C:\PROGRA~2\My Kingdom for the Princess II deleted
C:\PROGRA~2\My Kingdom for the Princess III deleted
C:\install.exe deleted
C:\Users\Admin\AppData\Roaming\log.txt deleted
C:\Users\Admin\AppData\Roaming\Alawar Stargaze deleted
C:\Users\fay\AppData\Roaming\netstat.bat deleted
C:\Users\fay\AppData\Roaming\NevoSoft Gameslog.txt deleted
C:\Users\fay\AppData\Roaming\Alawar deleted
C:\Users\fay\AppData\Roaming\Alawar Entertainment deleted
C:\Users\fay\AppData\Roaming\Alawar Stargaze deleted
C:\Users\fay\AppData\Roaming\AlawarEntertainment deleted
C:\Users\fay\AppData\Roaming\YoudaGames deleted
C:\PROGRA~3\Alawar Stargaze deleted
C:\PROGRA~3\Funny Bear Studio deleted
C:\Users\fay\AppData\LocalLow\bfgbar deleted
C:\Users\fay\AppData\LocalLow\bfgbartb deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Users\fay\AppData\Roaming\Mozilla\Firefox\Profiles\t4b2x8kp.default\searchplugins\inbox-search.xml deleted
C:\Users\fay\AppData\Roaming\Mozilla\Firefox\Profiles\t4b2x8kp.default\bfgbartb deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5pgaobxx.default
user_pref("browser.startup.homepage", "http://www.yahoo.com/");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.defaultenginename.US", "Google");

ProfilePath: C:\Users\fay\AppData\Roaming\Mozilla\Firefox\Profiles\t4b2x8kp.default
user_pref("browser.startup.homepage", "http://www.yahoo.com/");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.defaultenginename.US", "Google");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [03/11/2012 12:04 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\fay\AppData\Roaming\Mozilla\Firefox\Profiles\t4b2x8kp.default
- Toolbar - Big Fish Games - %ProfilePath%\extensions\{6847DFAE-037A-400c-A524-27F0A281B692}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5pgaobxx.default
A344EE6FD6FF97D3A374980C15583FE5 - C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\nphdplg.dll - Hulu Desktop


==== Chromium Look ======================


Chrome Hotword Shared Module - fay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg

==== Chromium Startpages ======================

C:\Users\fay\AppData\Local\Google\Chrome\User Data\Default\Preferences
1zm5xRlxc2mwHH2XNg=","signature":"PWmgVGjGfyKvjA48rNymu62Lp3cQocPzil3lN/sTkwzgYiKoZZmceYgvdrfifj64wd+K89lx9sBSO17vTVRFO/ojH8xE5XuwcLahFZycFoNudUoP+TGNjq1RTEXrCs1yJ25wGjvks1oXTDoC92qAPYg3lJ8vMSfiBCKUHsgNfOY0a0Qo4lE6cIV3NC/oLHOuNOx/kT/cc0TG31Wu7PpcbHy18jtoUPGM8h76l2UQX3TzIyow3aFKki5df65il7C32UwG6d5k7flX3e0q4HvEbNnaTBhUPDfBOZN983y4k2950GqA2oJBqtKBTTrkShVO7FlXFGHz5R78GqzVhITbUw==","signature_format_version":2,"timestamp":"13079010075246762"},"last_chrome_version":"43.0.2357.134"},"gcm":{"check_time":"13081717161971731"},"google":{"services":{"hosted_domain":"NO_HOSTED_DOMAIN","refresh_token_annotate_scheduled_time":"13083126056654463","signin_scoped_device_id":"15FD40D3-0026-4C43-862D-F3839688BAC5","user_account_id":"107712137936789270783"}},"hotword":{"previous_language":"en-US"},"http_original_content_length":"4755859933","http_received_content_length":"4755859933","intl":{"accept_languages":"en-US,en"},"invalidator":{"client_id":"yNZH/FzxWYFH8X9/shTvAw==","invalidation_state":"CicKJQoGCgQIAxABEhIJGuohDeTRxJQRz0q8hYJvYv8aBwiJHhADGAESFHe6Sb7Ep1Re5a3j/AqIsLXaEy2w","saved_invalidations":[]},"media":{"device_id_salt":"YIzBiaOVXO6cCGDjVWzihw=="},"net":{"http_server_properties":{"servers":{"accounts.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":15273},"supports_spdy":true},"apis.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":17917},"supports_spdy":true},"clients1.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":16525},"supports_spdy":true},"clients4.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":13655}},"cm.g.doubleclick.net:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"cm.g.doubleclick.net:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":21207}},"content.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"csi.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":256545},"supports_spdy":true},"fbcdn-profile-a.akamaihd.net:443":{"settings":{"4":20,"7":65536},"supports_spdy":true},"fbstatic-a.akamaihd.net:443":{"settings":{"4":20,"7":65536},"supports_spdy":true},"fonts.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"fonts.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"googleads.g.doubleclick.net:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":16719},"supports_spdy":true},"lh5.ggpht.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"oauth.googleusercontent.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"play.google.com:443":{"network_stats":{"srtt":25774}},"plus.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":15722},"supports_spdy":true},"scontent.xx.fbcdn.net:443":{"supports_spdy":true},"ssl.google-analytics.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"ssl.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":16004},"supports_spdy":true},"support.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"www.facebook.com:443":{"supports_spdy":true},"www.google-analytics.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":40957},"supports_spdy":true},"www.googletagmanager.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true}},"supports_quic":{"address":"192.168.1.102","used_quic":true},"version":3}},"password_bubble":{"nopes":0},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_bubble_tutorial_shown":2,"avatar_index":26,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"http://news.yahoo.com:80,http://news.yahoo.com:80":{"setting":1},"https://gma.yahoo.com:443,https://gma.yahoo.com:443":{"setting":1},"https://www.youtube.com:443,http://mashable.com:80":{"setting":1},"https://www.youtube.com:443,http://www.huffingtonpost.com:80":{"setting":1},"https://www.youtube.com:443,http://www.onegreenplanet.org:80":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"http://news.yahoo.com:80,http://news.yahoo.com:80":{"fullscreen":1},"https://gma.yahoo.com:443,https://gma.yahoo.com:443":{"fullscreen":1},"https://www.youtube.com:443,http://mashable.com:80":{"fullscreen":1},"https://www.youtube.com:443,http://www.huffingtonpost.com:80":{"fullscreen":1},"https://www.youtube.com:443,http://www.onegreenplanet.org:80":{"fullscreen":1}},"pref_version":1},"created_by_version":"43.0.2357.65","exit_type":"Normal","exited_cleanly":true,"gaia_info_picture_url":"https://lh3.googleusercontent.com/-XdUIqdMkCWA/AAAAAAAAAAI/AAAAAAAAAAA/4252rscbv5M/s256-c/photo.jpg","gaia_info_update_time":"13081681448991689","icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Fay","per_host_zoom_levels":{}},"protection":{"macs":{}},"savefile":{"default_directory":"C:\\Users\\fay\\Downloads"},"selectfile":{"last_directory":"C:\\MyPictures\\Touched up pics"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13077053136956118"},"translate_blocked_languages":["en"],"translate_whitelists":{},"zerosuggest":{"cachedresults":""}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://g.msn.com/HPDSK/1"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://g.msn.com/HPDSK/1"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\fay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\fay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\5pgaobxx.default\cache2 emptied successfully
C:\Users\fay\AppData\Local\Mozilla\Firefox\Profiles\t4b2x8kp.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\fay\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2764 folders=260 534802972 bytes)

==== Empty Temp Folders ======================

C:\Users\Admin\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\fay\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Admin\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\fay\AppData\Local\Temp\AdobeARM.log" deleted
"C:\Users\fay\AppData\Local\Temp\FXSAPIDebugLogFile.txt" deleted
"C:\Users\fay\AppData\Local\Temp\JET73E7.tmp" not found
"C:\Users\fay\AppData\Local\Temp\logger.log" deleted
"C:\Users\fay\AppData\Local\Temp\PDApp.log" not found

==== EOF on Sat 08/15/2015 at 21:42:12.37 ======================
fayfox
Regular Member
 
Posts: 88
Joined: July 19th, 2015, 3:16 pm

Re: Proxy override...malware?

Unread postby wannabeageek » August 16th, 2015, 9:29 pm

How is the computer responding since this last scan?
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Proxy override...malware?

Unread postby fayfox » August 16th, 2015, 10:48 pm

About the same. Right after the scan, things froze and I had to restart. Now I'm in admin account. Vipre started a scan this morning, it took about an hour for firefox to close and the vipre window to open. I wanted to see the scan progress. After the scan completed, things were still very sluggish, so I rebooted. The rest of the day has been fine.
fayfox
Regular Member
 
Posts: 88
Joined: July 19th, 2015, 3:16 pm

Re: Proxy override...malware?

Unread postby fayfox » August 17th, 2015, 6:59 am

Hi wbg,
This morning I closed firefox when vipre was scanning, everything seemed to be working just fine to me. Firefox closed, I opened the vipre window to monitor scan. But at some point the firefox crash window appeared. My computer had not acted frozen at all. I had even browsed on firefox before I realized vipre was still scanning.
I haven't run any other applications since your last message about not changing anything. Do you want me to run various programs again?
fayfox
fayfox
Regular Member
 
Posts: 88
Joined: July 19th, 2015, 3:16 pm

Re: Proxy override...malware?

Unread postby wannabeageek » August 17th, 2015, 7:01 am

Please. And then give me a report on the computer tomorrow.
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 292 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware