Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

STOP Ask.com! Internt explorer acting up!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

STOP Ask.com! Internt explorer acting up!

Unread postby unknown0004304 » December 13th, 2013, 4:16 am

I have noticed lately that my PC has become slower generally and has some trouble in internet explorer. Below is the usual course of action:

Access multiple pages in Internet Explorer (three or more) > Open new tab > Ask.com pop up becomes apparent > Computer has difficulty opening new tab > Computer freezes > Blue screen > Computer restarts

Here are the DDS.txt and Attach.txt contents:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16750
Run by Joanne at 19:08:48 on 2013-12-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3036.1309 [GMT 11:00]
.
AV: Trend Micro Titanium Maximum Security *Enabled/Updated* {5D349EF8-873B-C657-917F-F1D93E101A7C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Trend Micro Titanium Maximum Security *Enabled/Updated* {E6557F1C-A101-C9D9-ABCF-CAAB459750C1}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Users\Joanne\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Music Toolbar\Datamngr\DatamngrCoordinator.exe
C:\Program Files\Music Toolbar\Datamngr\DatamngrCoordinator.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Users\Joanne\AppData\Local\Torch\Update\TorchCrashHandler.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Rundll32.exe
C:\Program Files\File Type Assistant\TSAssist.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\MarkAny\ContentSafer\MaAgent.exe
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Users\Joanne\AppData\Roaming\Smilebox\SmileboxTray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iMesh Applications\iMesh\iMesh.exe
C:\Users\Joanne\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Music Toolbar\Datamngr\DatamngrUI.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
C:\Program Files\BitTorrent\BitTorrent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\MsSpellCheckingFacility.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k regsvc
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com.au/
uURLSearchHooks: <No Name>: {00A6FAF6-072E-44cf-8957-5838F569A31D} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL
uURLSearchHooks: MapNeto 1 Toolbar: {1e7e4de1-5ef4-4baa-9250-c26258dc499a} - c:\program files\mapneto_1\tbMap1.dll
uURLSearchHooks: TranslatorBar 5.2 Toolbar: {23256f20-0d9b-4323-b005-6e5de569c4b7} - c:\program files\translatorbar_5.2\tbTran.dll
uURLSearchHooks: BitTorrentBar2 Toolbar: {656461ef-40f6-4115-9ff1-bced9812ccbb} - c:\program files\bittorrentbar2\prxtbBiterror.dll
uURLSearchHooks: FLV Runner Toolbar: {3bbd3c14-4c16-4989-8366-95bc9179779d} - c:\program files\flv_runner\prxtbFLV_.dll
mURLSearchHooks: MapNeto 1 Toolbar: {1e7e4de1-5ef4-4baa-9250-c26258dc499a} - c:\program files\mapneto_1\tbMap1.dll
mURLSearchHooks: TranslatorBar 5.2 Toolbar: {23256f20-0d9b-4323-b005-6e5de569c4b7} - c:\program files\translatorbar_5.2\tbTran.dll
mURLSearchHooks: BitTorrentBar2 Toolbar: {656461ef-40f6-4115-9ff1-bced9812ccbb} - c:\program files\bittorrentbar2\prxtbBiterror.dll
mURLSearchHooks: FLV Runner Toolbar: {3bbd3c14-4c16-4989-8366-95bc9179779d} - c:\program files\flv_runner\prxtbFLV_.dll
BHO: MyWebSearch Search Assistant BHO: {00A6FAF1-072E-44cf-8957-5838F569A31D} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL
BHO: Music Toolbar (Dist. by iMesh, Inc.): {0307351f-b2d7-41f2-b44a-8af7d9d90a18} - c:\program files\music toolbar\datamngr\srtool~1\ie\searchresultsDx.dll
BHO: mwsBar BHO: {07B18EA1-A523-4961-B6BB-170DE4475CCA} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL
BHO: BFlix Class: {0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} - c:\program files\bflix\Bflix.dll
BHO: Shopping Assistant Plugin: {1631550F-191D-4826-B069-D9439253D926} - c:\program files\pricegong\2.6.4\PriceGongIE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:\program files\trend micro\amsp\module\20004\3.0.1251\6.8.1118\TmIEPlg.dll
BHO: MapNeto 1 Toolbar: {1e7e4de1-5ef4-4baa-9250-c26258dc499a} - c:\program files\mapneto_1\tbMap1.dll
BHO: TranslatorBar 5.2 Toolbar: {23256f20-0d9b-4323-b005-6e5de569c4b7} - c:\program files\translatorbar_5.2\tbTran.dll
BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - c:\program files\babylontoolbar\babylontoolbar\1.8.7.2\bh\BabylonToolbar.dll
BHO: FLV Runner Toolbar: {3bbd3c14-4c16-4989-8366-95bc9179779d} - c:\program files\flv_runner\prxtbFLV_.dll
BHO: BitTorrentBar2 Toolbar: {656461ef-40f6-4115-9ff1-bced9812ccbb} - c:\program files\bittorrentbar2\prxtbBiterror.dll
BHO: Incredibar.com Helper Object: {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - c:\program files\incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Search Results Toolbar: {94366e2c-9923-431c-b0d6-747447dd0f2b} - c:\program files\searchresults1\toolbar2X.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - c:\program files\trend micro\amsp\module\20002\8.0.1109\8.0.1109\TmBpIe32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: MapNeto 1 Toolbar: {1E7E4DE1-5EF4-4BAA-9250-C26258DC499A} - c:\program files\mapneto_1\tbMap1.dll
TB: TranslatorBar 5.2 Toolbar: {23256F20-0D9B-4323-B005-6E5DE569C4B7} - c:\program files\translatorbar_5.2\tbTran.dll
TB: BitTorrentBar2 Toolbar: {656461EF-40F6-4115-9FF1-BCED9812CCBB} - c:\program files\bittorrentbar2\prxtbBiterror.dll
TB: FLV Runner Toolbar: {3BBD3C14-4C16-4989-8366-95BC9179779D} - c:\program files\flv_runner\prxtbFLV_.dll
TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL
TB: MapNeto 1 Toolbar: {1e7e4de1-5ef4-4baa-9250-c26258dc499a} - c:\program files\mapneto_1\tbMap1.dll
TB: TranslatorBar 5.2 Toolbar: {23256f20-0d9b-4323-b005-6e5de569c4b7} - c:\program files\translatorbar_5.2\tbTran.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: BitTorrentBar2 Toolbar: {656461ef-40f6-4115-9ff1-bced9812ccbb} - c:\program files\bittorrentbar2\prxtbBiterror.dll
TB: Incredibar Toolbar: {F9639E4A-801B-4843-AEE3-03D9DA199E77} - c:\program files\incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll
TB: Search Results Toolbar: {94366e2c-9923-431c-b0d6-747447dd0f2b} - c:\program files\searchresults1\toolbar2X.dll
TB: FLV Runner Toolbar: {3bbd3c14-4c16-4989-8366-95bc9179779d} - c:\program files\flv_runner\prxtbFLV_.dll
TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - c:\program files\babylontoolbar\babylontoolbar\1.8.7.2\BabylonToolbarTlbr.dll
TB: Music Toolbar (Dist. by iMesh, Inc.): {0307351f-b2d7-41f2-b44a-8af7d9d90a18} - c:\program files\music toolbar\datamngr\srtool~1\ie\searchresultsDx.dll
uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe
uRun: [SmileboxTray] "c:\users\joanne\appdata\roaming\smilebox\SmileboxTray.exe"
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [BackgroundContainer] "c:\windows\system32\rundll32.exe" "c:\users\joanne\appdata\local\conduit\backgroundcontainer\BackgroundContainer.dll",DllRun
uRun: [iMesh] "c:\program files\imesh applications\imesh\iMesh.exe" --lightmode
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SMSTray] c:\program files\samsung\samsung media studio 5\SMSTray.exe
mRun: [MAAgent] c:\program files\markany\contentsafer\MAAgent.exe
mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Reader Library Launcher] c:\program files\sony\reader\data\bin\launcher\Reader Library Launcher.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [Trend Micro Client Framework] "c:\program files\trend micro\uniclient\uifrmwrk\UIWatchDog.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MRT] "c:\windows\system32\MRT.exe" /R
StartupFolder: c:\users\joanne\appdata\roaming\micros~1\windows\startm~1\programs\startup\hpsimp~1.lnk - c:\users\joanne\appdata\roaming\hp simplesave application\StartHelper.exe
StartupFolder: c:\users\joanne\appdata\roaming\micros~1\windows\startm~1\programs\startup\limewi~1.lnk - c:\program files\limewire\LimeWire.exe
StartupFolder: c:\users\joanne\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Free YouTube to iPod Converter - c:\users\joanne\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetoipodconverter.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{91F7CB8C-9846-4AFF-9F78-1EAF704AA075} : DHCPNameServer = 192.168.0.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - c:\program files\trend micro\amsp\module\20002\8.0.1109\8.0.1109\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\program files\trend micro\amsp\module\20004\3.0.1251\6.8.1118\TmIEPlg.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - c:\program files\trend micro\titanium\uiframework\ProToolbarIMRatingActiveX.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~2\wincert\win32c~1.dll c:\progra~1\musict~1\datamngr\mgrldr.dll
SSODL: WebCheck - <orphaned>
SEH: ShellHook Class - {88485281-8b4b-4f8d-9ede-82e29a064277} - c:\program files\markany\contentsafer\MACSMANAGER.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: bitguard.exe - tasklist.exe
IFEO: bprotect.exe - tasklist.exe
IFEO: browsemngr.exe - tasklist.exe
IFEO: browserdefender.exe - tasklist.exe
IFEO: browsermngr.exe - tasklist.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R0 TMEBC;TMEBC;c:\windows\system32\drivers\TMEBC32.sys [2013-10-2 40736]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2012-3-19 64800]
R1 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2013-10-2 83352]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-4-30 187392]
R3 tmeevw;tmeevw;c:\windows\system32\drivers\tmeevw.sys [2013-10-2 85280]
R3 tmnciesc;tmnciesc;c:\windows\system32\drivers\tmnciesc.sys [2013-10-2 282272]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2011-5-13 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-1-3 39272]
S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0;c:\windows\system32\drivers\libusb0.sys [2010-12-14 21504]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-5-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-5-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-5-13 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [2011-5-13 114280]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-23 52224]
.
=============== Created Last 30 ================
.
2013-12-11 22:40:29 -------- d-----w- c:\programdata\1D2EB
2013-12-11 11:14:54 164864 ----a-w- c:\program files\windows media player\wmplayer.exe
2013-12-11 11:14:54 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-10 20:51:06 301568 ----a-w- c:\windows\system32\msieftp.dll
2013-12-10 20:51:04 159232 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-10 20:51:02 163840 ----a-w- c:\windows\system32\scrrun.dll
2013-12-10 20:51:02 141824 ----a-w- c:\windows\system32\wscript.exe
2013-12-10 20:51:02 126976 ----a-w- c:\windows\system32\cscript.exe
2013-12-10 20:51:02 121856 ----a-w- c:\windows\system32\wshom.ocx
2013-12-10 20:51:01 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-10 20:50:58 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-10 20:50:53 2349056 ----a-w- c:\windows\system32\win32k.sys
2013-12-10 20:50:51 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-10 20:50:51 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-09 10:10:26 -------- d-----w- c:\users\joanne\appdata\local\{6DEBD838-E4CF-4FA0-8B55-94D7A43990FE}
2013-12-03 20:57:26 -------- d-----w- c:\users\joanne\appdata\local\{A127C111-E252-45A9-9197-9C232196079E}
2013-11-24 23:11:22 -------- d-----w- c:\users\joanne\appdata\local\{56090FF3-2C8A-4B0C-833B-5333D3DC5CF6}
.
==================== Find3M ====================
.
2013-12-11 10:39:11 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 10:39:10 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-25 04:45:11 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-10-25 04:43:42 2877952 ----a-w- c:\windows\system32\jscript9.dll
2013-10-25 04:43:38 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-10-25 04:43:38 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-10-25 03:41:01 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-10-25 02:49:34 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-10-12 02:03:08 656896 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:01:41 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:01:25 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-05 19:57:25 1168384 ----a-w- c:\windows\system32\crypt32.dll
2013-10-04 01:58:50 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- c:\windows\system32\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- c:\windows\system32\authui.dll
2013-10-03 01:58:07 305152 ----a-w- c:\windows\system32\gdi32.dll
2013-10-02 00:56:01 59 ----a-w- c:\windows\system32\SupportTool.exe.bat
2013-09-25 02:01:08 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:01:06 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-09-25 01:57:46 99840 ----a-w- c:\windows\system32\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- c:\windows\system32\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-09-25 01:56:02 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2013-09-25 00:49:20 22016 ----a-w- c:\windows\system32\lsass.exe
2013-09-25 00:49:18 15872 ----a-w- c:\windows\system32\sspisrv.dll
.
============= FINISH: 19:14:22.52 ===============










.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 30/04/2010 3:24:51 PM
System Uptime: 13/12/2013 9:40:44 AM (10 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | G41M-ES2L
Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz | Socket 775 | 1700/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 466 GiB total, 267.151 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID_0000\5&339E9CE1&0&2
Manufacturer: (Standard USB Host Controller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID_0000\5&339E9CE1&0&2
Service:
.
==== System Restore Points ===================
.
RP873: 14/11/2013 3:00:43 AM - Windows Update
RP874: 21/11/2013 9:25:45 AM - Scheduled Checkpoint
RP875: 28/11/2013 9:26:31 AM - Scheduled Checkpoint
RP877: 5/12/2013 2:26:40 PM - Scheduled Checkpoint
RP878: 11/12/2013 10:13:00 PM - Windows Update
.
==== Image File Execution Options =============
.
IFEO: bitguard.exe - tasklist.exe
IFEO: bprotect.exe - tasklist.exe
IFEO: browsemngr.exe - tasklist.exe
IFEO: browserdefender.exe - tasklist.exe
IFEO: browsermngr.exe - tasklist.exe
IFEO: browserprotect.exe - tasklist.exe
IFEO: bundlesweetimsetup.exe - tasklist.exe
IFEO: cltmngsvc.exe - tasklist.exe
IFEO: delta babylon.exe - tasklist.exe
IFEO: delta tb.exe - tasklist.exe
IFEO: delta2.exe - tasklist.exe
IFEO: deltainstaller.exe - tasklist.exe
IFEO: deltasetup.exe - tasklist.exe
IFEO: deltatb.exe - tasklist.exe
IFEO: deltatb_2501-c733154b.exe - tasklist.exe
IFEO: iminentsetup.exe - tasklist.exe
IFEO: rjatydimofu.exe - tasklist.exe
IFEO: sweetimsetup.exe - tasklist.exe
IFEO: tbdelta.exetoolbar783881609.exe - tasklist.exe
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4)
Adobe Shockwave Player 11.6
Advertising Center
AngusRobertson
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avid License Control
Babylon Chrome Toolbar
Babylon toolbar
BFlix
Bing Bar
BitTorrent
BitTorrentBar2 Toolbar
Bonjour
calibre
Canon MP280 series MP Drivers
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
D3DX10
DolbyFiles
Driver Genius Professional Edition
e-tax 2012
e-tax 2013
File Type Assistant
Fixio Packages
FLV Runner Toolbar
Free File Viewer 2011
Free YouTube to iPod Converter version 3.9.32.324
Full Tilt Poker
Google Chrome
Google Update Helper
Guitar Pro 6
iCloud
ImagXpress
iMesh
InCD Help
Incredibar Toolbar on IE and Chrome
Intel(R) Graphics Media Accelerator Driver
Intel(R) TV Wizard
iTunes
Java Auto Updater
Java(TM) 6 Update 20
JumpStart Typing
Junk Mail filter update
Kobo
Lame ACM MP3 Codec
LG USB Modem Drivers
LimeWire 5.5.8
MapNeto 1 Toolbar
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MobileMe Control Panel
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music Toolbar for Chrome (Dist. by iMesh, Inc.)
Music Toolbar for Internet Explorer (Dist. by iMesh, Inc.)
My Web Search (Zwinky)
Need4 Software Launcher 7.1
Need4 Video Converter 7
Nero 9 Essentials
Nero BurnRights
Nero BurnRights Help
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero PhotoSnap
Nero PhotoSnap Help
Nero Recode
Nero Recode Help
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
Nero Vision
Nero Vision Help
NeroExpress
neroxml
Norton Internet Security
OGA Notifier 2.0.0048.0
PENTAX Digital Camera Utility 4
PriceGong 2.6.4
PRS-500 USB driver
Qtrax Player
QuickTime
Reader Library by Sony
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
RollerCoaster Tycoon 3
Safari
Samsung Media Studio
Search Results Toolbar
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition
Sibelius 7 OpenType Fonts
Sibelius 7.1.3.77
Skype Click to Call
Skype™ 6.3
Smilebox
Snagit 11
swMSM
Torch
TranslatorBar 5.2 Toolbar
Trend Micro Titanium
Trend Micro Titanium Maximum Security
Ultimate Reference Suite
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 5.00 beta 5 (32-bit)
XviD MPEG-4 Video Codec
Youda Sushi Chef
.
==== Event Viewer Messages From Past Week ========
.
9/12/2013 7:20:02 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007f (0x0000000d, 0x00000000, 0x00000000, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 120913-17487-01.
9/12/2013 5:25:23 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007f (0x0000000d, 0x00000000, 0x00000000, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 120913-15943-01.
9/12/2013 5:02:12 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000024 (0x001904fb, 0xb710e810, 0xb710e3f0, 0x8b648257). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 120913-14430-01.
8/12/2013 12:13:04 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xffffff00, 0x00000000, 0x8328ce63, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 120813-14539-01.
8/12/2013 11:59:31 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000024 (0x001904fb, 0xb9155a7c, 0xb9155660, 0x8b63a257). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 120813-18392-01.
7/12/2013 8:31:40 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/12/2013 6:52:08 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
12/12/2013 9:40:26 AM, Error: Microsoft-Windows-Application-Experience [205] - The Program Compatibility Assistant service failed to perform the phase two initialization.
12/12/2013 9:38:00 AM, Error: Service Control Manager [7023] - The Superfetch service terminated with the following error: The authentication service is unknown.
12/12/2013 8:22:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
12/12/2013 4:05:21 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
12/12/2013 10:50:48 AM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
11/12/2013 8:56:01 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the BrowserProtect service to connect.
11/12/2013 8:56:01 AM, Error: Service Control Manager [7000] - The BrowserProtect service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/12/2013 5:50:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
.
==== End Of File ===========================
unknown0004304
Active Member
 
Posts: 2
Joined: December 11th, 2013, 10:31 pm
Advertisement
Register to Remove

Re: STOP Ask.com! Internt explorer acting up!

Unread postby pgmigg » December 14th, 2013, 12:04 am

Hello unknown0004304,

Welcome to the forum! :)

I am pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: STOP Ask.com! Internt explorer acting up!

Unread postby pgmigg » December 14th, 2013, 12:44 am

Hello unknown0004304,

P2P Advisory!
IMPORTANT: There are sign of P2P (Peer to Peer) File Sharing Program installed on your computer:

BitTorrent
BitTorrentBar2 Toolbar
LimeWire 5.5.8


As long as you have the P2P program(s) installed, per Forum Policy, I can offer you no further assistance.
If you choose NOT to remove the program(s), please indicate that in your next reply and this topic will be closed.

Otherwise, please perform the following steps:

Step 1.
Remove Program(s)
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without the words 'Code: Select All' into the open text entry box:
    Code: Select all
     appwiz.cpl 
    and press Enter - the Unistall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    BitTorrent
    BitTorrentBar2 Toolbar
    LimeWire 5.5.8
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Reboot you computer.

By using any form of P2P networking to download files you can anticipate infestations of malware to occur. The P2P program
itself, may be safe but the files may not - use P2P at your own risk!
Keep in mind that this practice may be the source of your current malware infestation.
Reference... siting risk factors, using P2P programs: How to Prevent the Online Invasion of Spyware and Adware

Step 2.
Run CKScanner
  1. Please download CKScanner from Here
  2. Important: - Save it to your Desktop.
  3. Right-click CKScanner.exe and select "Run as administrator...", then click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Please include in your next reply:
  1. Your decision about P2P program.
  2. Do you have any problems executing the instructions?
  3. Contents of a log created by CKFiles.txt
  4. Do you see any changes in computer behavior?

Please do not hesitate to divide the post into multiple if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: STOP Ask.com! Internt explorer acting up!

Unread postby unknown0004304 » December 15th, 2013, 7:30 pm

I believe I have removed the P2P programs. I had no trouble executing the instructions. Below is the log contents requested. I did not have adequate time to assess changes in computer behaviour. Thank you for your help so far :)

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\users\joanne\desktop\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ]\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ].rar
c:\users\joanne\desktop\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ]\guitarpro6-rev9063.tgz
c:\users\joanne\desktop\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ]\guitarpro6installer.exe
c:\users\joanne\desktop\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ]\instructions.txt
c:\users\joanne\desktop\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ]\soundbanks.gpbank
c:\users\joanne\desktop\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ]\keygen\disable-updates.reg
c:\users\joanne\desktop\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ]\keygen\keygen.rar
c:\users\joanne\documents\humphrys family\madeline\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ]\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ].rar
c:\users\joanne\documents\humphrys family\madeline\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ]\guitarpro6-rev9063.tgz
c:\users\joanne\documents\humphrys family\madeline\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ]\guitarpro6installer.exe
c:\users\joanne\documents\humphrys family\madeline\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ]\instructions.txt
c:\users\joanne\documents\humphrys family\madeline\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ]\soundbanks.gpbank
c:\users\joanne\documents\humphrys family\madeline\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ]\keygen\disable-updates.reg
c:\users\joanne\documents\humphrys family\madeline\guitar pro v6.0.7+soundbanks+keygen(registered) [ kk ]\keygen\keygen.rar
scanner sequence 3.JD.11.CFAPTZ
----- EOF -----
unknown0004304
Active Member
 
Posts: 2
Joined: December 11th, 2013, 10:31 pm

Re: STOP Ask.com! Internt explorer acting up!

Unread postby Cypher » December 16th, 2013, 12:50 pm

Cracked - Illegal Software

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.
The section here explains why we bring this to your attention.

If you wish to receive help from us, you must remove any and all of the following from your computer:
  • Illegal software
  • Cracked software
  • illegal software key generators

Once the software and/or keygens have been removed, if you still need help, please start a new thread... include a link to your closed topic and include NEW DDS logs :
  • DDS.txt.
  • Attach.txt.
  • Details of the problems you're experiencing.
Wait for a new helper. Do not reply to your topic before a helper has replied.

This topic is now closed.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 32 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware