Viruses While Playing Game

Page 1 of 3 123 LastLast

  1. Posts : 127
    Windows 7 64 bit
       #1

    Viruses While Playing Game


    I play Criminal Case on Facebook and am bothered by two things that only show up there:
    1. CDN.doubleverify.com
    2. duspys4lcv8ju.cloudfront.net

    Cloudfront gives me a pop-up asking if it can store info on my computer. I have to click "Deny".
    Doubleverify actually gives me an error message right in the middle of playing the game. I have to click "Stop Script" and then hit Full-Screen mode again and continue playing.
    If I look either one of these up, they are considered viruses and any number of solutions and programs are recommended, but none can find them on my computer. I used Security Essentials, Malwarebytes, ADWCleaner, Spybot and cleared my Firefox cache as well as resetting Firefox. I'm not sure what these are doing to my computer, but are annoying. Why aren't any of these anti-virus programs finding anything?
      My Computer


  2. Posts : 4,776
    Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
       #2

    Re: Cloudfront gives me a pop-up asking if it can store info on my computer. I have to click "Deny".

    Sounds like a flash cookie. That would be normal.

    Look here:

    Control Panel> Flash Player (32bit) > Storage > Local Storage Settings By Site

    Also visit here: https://www.macromedia.com/support/d...manager03.html

    Check settings and read the information below the panel.

    Re: "Doubleverify" - it's an ad verification tool and Forum Rules here prevent any discussion on the matter.
      My Computer


  3. Posts : 163
    Win7 64-bit, Vista 32-bit, XP 32-bit, W2K 32-bit (VM)
       #3

    Hi kodakjack,

    As posted by Callender;

    Re: Cloudfront gives me a pop-up asking if it can store info on my computer. I have to click "Deny".

    Sounds like a flash cookie. That would be normal.
    That is correct. The reason you are continually being bothered by this request from cloudfront is because you are not accepting the cookie to be saved. There are good cookies, then there are bad cookies. See here.

    As for CDN.doubleverify.com, well that's another story. If you are seeing pop-up ads from Cdn.doubleverify.com then your computer is infected with an adware or a potentially unwanted program (PUP) and to rid your system of these pop ups I will need to see a detailed log to find the culprit that is causing this. Please do as follows:

    Please download Farbar Recovery Scan Tool and save it to your desktop. <<< Very Important!

    Note: You will need to run the version compatible with your system. If you are not sure which version (32 or 64-bit) applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


    • Make sure that FRST is on the desktop of the infected system
    • Right click and choose Run as administrator. When the tool opens click Yes to disclaimer.
    • Under Optional Scan make sure there is a checkmark in the box for Addition.txt to ensure it creates that 2nd log.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste both logs back here.



    In your next reply, please post the following logs:

    FRST.txt
    Addition.txt


    Thank you,
    Donna :)
      My Computer


  4. Posts : 127
    Windows 7 64 bit
    Thread Starter
       #4

    At first, I was going to copy and paste, but the size was too large. So, I had to go to attachments.
    Viruses While Playing Game Attached Files
      My Computer


  5. Posts : 163
    Win7 64-bit, Vista 32-bit, XP 32-bit, W2K 32-bit (VM)
       #5

    That's perfect. Please allow me a bit of time to review the logs. As you can see they are quite big. Back soon... :)
      My Computer


  6. Posts : 163
    Win7 64-bit, Vista 32-bit, XP 32-bit, W2K 32-bit (VM)
       #6

    Hi kodakjack,

    I do apologize for the delay. I hadn't planned on sitting my 3 mos old grand daughter today. I just love surprises...

    Java 8 Update 40 is outdated. This is one of those software apps that if not kept up to date can be an invitation for malware. You can update Java from here. Under Java SE 8u77 you want to click on the blue Download button found under the JRE version in the right hand column.

    After you update Java, please go to your Control Panel > Programs and Features and uninstall Java 8 u40, if present. You don't want any outdated software hanging around.


    Adobe Reader X (10.1.16) is outdated. This is another software app that, if not kept up to date, can be an invitation for malware. Please update Adobe Reader from here.


    Other than the above items I mentioned, there is a bit of cleanup needed that I found in your logs.


    • Open notepad (Start orb > type notepad into Start Search > chose notepad from list.
    • Please copy the entire contents of the code box below from Start to End.
      (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
    • Save it to the same directory as frst.exe (or frst64.exe) as fixlist.txt.

      Code:
      Start
      CreateRestorePoint:
      HKLM-x32\...\Run: [] => [X]
      HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
      HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
      HKU\S-1-5-21-720622431-2516295448-4100020222-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
      SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      SearchScopes: HKU\S-1-5-21-720622431-2516295448-4100020222-1001 -> DefaultScope {B119C5CB-54D5-450C-BEAF-601E4E4EA2B4} URL = 
      SearchScopes: HKU\S-1-5-21-720622431-2516295448-4100020222-1001 -> {08BB901F-CD79-4330-B1AF-DFB20346AECA} URL = hxxp://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
      SearchScopes: HKU\S-1-5-21-720622431-2516295448-4100020222-1001 -> {5AA0FB2F-45B5-4b28-8E51-261F7382C1A8} URL = hxxp://search.iyogi.com/search.html?hl=en&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-720622431-2516295448-4100020222-1001 -> {B119C5CB-54D5-450C-BEAF-601E4E4EA2B4} URL = 
      FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-01-30] <==== ATTENTION
      S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
      S3 mfehidk01; \Device\mfehidk01.sys [X]
      EmptyTemp:
      NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
    • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
    • The tool will make a log (Fixlog.txt) which you will find where you saved FRST. Please post it to your reply.



    In your next reply, please post the following:

    Fixlog.txt
    Whether or not you're still experiencing the previous issues.

    Thank you,
    Donna :)
    Last edited by z3r010; 03 Apr 2016 at 04:28. Reason: Breach of forum rules
      My Computer


  7. Posts : 127
    Windows 7 64 bit
    Thread Starter
       #7

    You have been extremely helpful, especially while being a grandma!!
    The things that have been mentioned here, while old hat to you experts, flies contrary to what info has been passed along by others. I was always told NOT to update Java and to get rid of it if it isn't necessary. I thought I had kept current on my Adobe Reader.
    I have other things I'd like to do tonight, so, I'd like to get into FRST fresh tomorrow. To be clear, you want me to copy and paste exactly what's in the box, correct?
    BTW, I know the game I play uses Flash Player, but I cannot find it in my list of Program Files nor under Control Panel software that comes up if you want to add or delete programs.
    Thanks. I'll try what's left tomorrow and report back.
    Last edited by Barman58; 03 Apr 2016 at 12:08.
      My Computer


  8. Posts : 163
    Win7 64-bit, Vista 32-bit, XP 32-bit, W2K 32-bit (VM)
       #8

    Yes. Just copy everything in the box and paste it in your notepad (not wordpad) and save it to your desktop. Open FRST and click on the Fix button. FRST will find the saved fixlog and execute the script. Easy peasy.. :)

    I was always told NOT to update Java and to get rid of it if it isn't necessary.
    I should have given you my usual preach in regards to Java. Under normal circumstances, I like to encourage user to uninstall Java as well. Now a days, your typical home computer user doesn't need Java installed, which at one time was desperately needed for websites to be displayed properly. That is no longer the case. I had uninstalled Java a few years ago and have since found no need for it, so the choice is yours if you would like to uninstall it completely from Programs and Features in your Control Panel. If the need ever arises, you will be notified that Java is needed at which time you could install. I only suggested since it was there and very outdated.

    Yes. Your Adobe Reader is outdated. The most recent version is either version 15 or the DC version. :)

    As for the flash player, it is installed. If you look under ---Installed Programs--- in the Addition.txt log you attached above you will see it in the list. You won't find it under Programs and Features though you should see it listed on the main Control Panel window. Click on the View by: drop down arrow to the right and choose to view with Large icons if it you don't already. It should be found in the alphabetical list of windows software. I just noticed that miine has a black icon. It used to be red..

    Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)
    Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
    I'll be around tomorrow as well. See you then.
      My Computer


  9. Posts : 127
    Windows 7 64 bit
    Thread Starter
       #9

    It came back with no Fix Text. Was I supposed to run FRST with Additional selected?
    I played the game before I did this latest run and it played fine and even faster than it has been.

    EDIT:
    I must have done something wrong. I get a box that pops up and says:

    No Fixlist.txt found.
    The Fixlist.txt should be in the same folder/directory the tool is located.

    I saved the stuff in the box to Notepad and put it on the Desktop. I'm confused when you say "save it in the FRST.exe directory. I guess I need a little more help with what I'm supposed to do.
      My Computer


  10. Posts : 163
    Win7 64-bit, Vista 32-bit, XP 32-bit, W2K 32-bit (VM)
       #10

    FRST.exe is downloaded to the desktop of your computer. You need to save the fixlist.txt in the same location (on the desktop). When the fix scan is complete a file will be created on the desktop named fixlog.txt.
      My Computer


 
Page 1 of 3 123 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 00:51.
Find Us