Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

My browser opens automatically with My Wb Search

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

My browser opens automatically with My Wb Search

Unread postby Cristina » January 12th, 2013, 9:21 pm

This no matter how I try to change my homepage

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.10.2
Run by user at 3:07:13 on 2013-01-13
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2662.1403 [GMT 2:00]
.
AV: UnThreat AntiVirus *Enabled/Updated* {F8368DCB-A421-E485-9F63-76DC70EAD126}
SP: UnThreat AntiSpyware *Enabled/Updated* {43576C2F-821B-EB0B-A5D3-4DAE0B6D9B9B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\rpcnet.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Digi Net Mobil\AssistantServices.exe
C:\Program Files\UnThreat AntiVirus\utsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\AnVir Task Manager\anvir.exe
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Digi Net Mobil\UIExec.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\UnThreat AntiVirus\UnThreat.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\BearShare Applications\BearShare\BearShare.exe
C:\Program Files\Digi Net Mobil\UIMain.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Digi Net Mobil\CMUpdater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun: [] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [Software Informer] "c:\program files\software informer\softinfo.exe" -autorun
mRun: [Broadcom Wireless Manager UI] c:\program files\broadcom\broadcom 802.11 network adapter\WLTRAY.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [UIExec] "c:\program files\digi net mobil\UIExec.exe"
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [UnThreat] "c:\program files\unthreat antivirus\UnThreat.exe" -silent
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: Interfaces\{2F9392E5-C993-4AEC-873E-A808AD0080E4} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{8D29FB06-57FF-42D4-A8EF-BCB4BEB4EB3A} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{AA2A53CE-E21D-463E-A44A-95B40A1BA67C} : NameServer = 193.231.236.30 193.231.236.25
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs=
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\zvo6jiij.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ro/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsear ... 011223&p2=^HJ^xdm073^YY^ro&si=pconverter&searchfor=
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2012-12-06 21:23; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
============= SERVICES / DRIVERS ===============
.
R2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\codemeter\runtime\bin\CodeMeter.exe [2012-12-31 2571704]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2013-1-7 66344]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-12-13 3290896]
R2 UI Assistant Service;UI Assistant Service;c:\program files\digi net mobil\AssistantServices.exe [2012-12-6 274760]
R2 UTSvcManager3;UnThreat Service Manager;c:\program files\unthreat antivirus\utsvc.exe [2013-1-7 2852016]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2011-12-6 280576]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2012-2-9 375336]
R3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2012-7-17 55104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-1-2 83168]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2012-12-6 9216]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-12-17 14848]
S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2013-1-7 94496]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-1-2 181344]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2012-12-17 24064]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-12-17 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-12-17 27136]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-12-8 1343400]
.
=============== Created Last 30 ================
.
2013-01-13 00:17:25 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{2380e32e-0276-4bb0-ac8d-f3507b62d2ac}\offreg.dll
2013-01-13 00:10:13 -------- d-----w- c:\programdata\D281
2013-01-12 21:11:13 -------- d-----w- c:\programdata\BearShare
2013-01-12 21:09:22 -------- dc-h--w- c:\programdata\{1404D05A-7021-4140-B3F7-EFE7CE759178}
2013-01-12 15:03:53 859072 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-01-12 15:03:53 779704 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-12 15:03:40 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-11 09:17:42 -------- d-----w- c:\users\user\appdata\local\Aiseesoft Studio
2013-01-11 09:17:21 -------- d-----w- c:\programdata\Aiseesoft Studio
2013-01-11 08:46:31 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{2380e32e-0276-4bb0-ac8d-f3507b62d2ac}\mpengine.dll
2013-01-09 11:24:44 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2013-01-07 11:47:45 94496 ----a-w- c:\windows\system32\drivers\sbhips.sys
2013-01-07 11:47:44 44424 ----a-w- c:\windows\system32\sbbd.exe
2013-01-07 11:47:43 66344 ----a-w- c:\windows\system32\drivers\sbapifs.sys
2013-01-07 11:47:41 -------- d-----w- c:\programdata\UnThreat
2013-01-07 11:47:41 -------- d-----w- c:\program files\UnThreat AntiVirus
2013-01-07 11:47:15 -------- d-----w- c:\users\user\appdata\local\Programs
2013-01-07 08:47:49 -------- d-----w- c:\users\user\appdata\local\Wondershare
2013-01-07 08:47:48 -------- d-----w- c:\program files\common files\Wondershare
2013-01-07 08:47:39 -------- d-----w- c:\users\user\appdata\roaming\Wondershare
2013-01-07 08:01:30 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2013-01-06 22:07:43 -------- d-----w- c:\users\user\appdata\local\STARGAZE_IMAGE_CACHE
2013-01-06 22:07:43 -------- d-----w- c:\programdata\Alawar Stargaze
2013-01-06 21:40:22 -------- d-----w- c:\program files\AnVir Task Manager
2013-01-06 21:20:11 -------- d-----w- c:\users\user\appdata\roaming\Software Informer
2013-01-06 21:20:11 -------- d-----w- c:\program files\Software Informer
2013-01-06 21:14:10 -------- d-----w- c:\users\user\appdata\roaming\ChemTable Software
2013-01-06 21:14:04 -------- d-----w- c:\users\user\appdata\local\ChemTable Software
2013-01-06 21:14:04 -------- d-----w- c:\program files\Reg Organizer
2013-01-06 21:14:03 -------- d-----w- c:\users\user\appdata\local\AnVir
2013-01-02 11:58:56 -------- d-----w- c:\users\user\appdata\local\Samsung
2013-01-02 11:58:55 -------- d-----w- c:\users\user\appdata\roaming\Samsung
2013-01-02 11:53:35 83168 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-01-02 11:53:35 181344 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-01-02 11:51:39 -------- d-----w- c:\program files\MyFree Codec
2013-01-02 11:23:21 4659712 ----a-w- c:\windows\system32\Redemption.dll
2013-01-02 11:23:07 821824 ----a-w- c:\windows\system32\dgderapi.dll
2013-01-02 11:22:37 -------- d-----w- c:\programdata\Samsung
2013-01-02 11:22:37 -------- d-----w- c:\program files\Samsung
2013-01-02 11:20:59 -------- d-----w- c:\users\user\appdata\local\Downloaded Installations
2013-01-02 08:04:16 -------- d-----w- c:\users\user\appdata\local\ElevatedDiagnostics
2013-01-02 02:03:56 -------- d-----w- c:\windows\el-GR
2013-01-02 02:03:49 -------- d-----w- c:\windows\system32\el
2013-01-02 02:03:48 -------- d-----w- c:\windows\system32\drivers\umdf\el-GR
2013-01-02 02:03:48 -------- d-----w- c:\windows\system32\drivers\el-GR
2013-01-02 02:03:46 -------- d-----w- c:\windows\system32\wbem\el-GR
2013-01-02 01:56:11 4096 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\el-gr\LXKPTPRC.DLL.mui
2013-01-02 01:54:12 -------- d-----w- c:\windows\system32\drivers\umdf\ar-SA
2013-01-02 01:54:12 -------- d-----w- c:\windows\system32\drivers\ar-SA
2013-01-02 01:54:12 -------- d-----w- c:\windows\system32\ar
2013-01-02 01:54:12 -------- d-----w- c:\windows\ar-SA
2013-01-02 01:54:06 -------- d-----w- c:\windows\system32\wbem\ar-SA
2013-01-02 01:46:11 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\ar-sa\LXKPTPRC.DLL.mui
2013-01-02 01:44:05 -------- d-----w- c:\windows\fr-FR
2013-01-02 01:43:57 -------- d-----w- c:\windows\system32\040C
2013-01-02 01:43:56 -------- d-----w- c:\windows\system32\fr
2013-01-02 01:43:56 -------- d-----w- c:\windows\system32\drivers\umdf\fr-FR
2013-01-02 01:43:56 -------- d-----w- c:\windows\system32\drivers\fr-FR
2013-01-02 01:43:51 -------- d-----w- c:\windows\system32\wbem\fr-FR
2013-01-02 01:36:07 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\fr-fr\LXKPTPRC.DLL.mui
2013-01-02 01:33:59 -------- d-----w- c:\windows\de-DE
2013-01-02 01:33:50 -------- d-----w- c:\windows\system32\XPSViewer
2013-01-02 01:33:50 -------- d-----w- c:\windows\system32\0407
2013-01-02 01:33:49 -------- d-----w- c:\windows\system32\drivers\umdf\de-DE
2013-01-02 01:33:49 -------- d-----w- c:\windows\system32\drivers\de-DE
2013-01-02 01:33:48 -------- d-----w- c:\windows\system32\de
2013-01-02 01:33:47 -------- d-----w- c:\windows\system32\wbem\de-DE
2013-01-02 01:28:45 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\de-de\LXKPTPRC.DLL.mui
2013-01-02 01:26:52 -------- d-----w- c:\windows\system32\drivers\bg-BG
2013-01-02 01:26:52 -------- d-----w- c:\windows\bg-BG
2013-01-02 01:26:47 -------- d-----w- c:\windows\system32\wbem\bg-BG
2012-12-31 22:32:56 -------- d-----w- c:\windows\system32\appmgmt
2012-12-31 21:35:37 -------- d-----w- c:\program files\CodeMeter
2012-12-31 19:12:52 -------- d-----w- c:\programdata\Cached Installations
2012-12-26 18:41:35 -------- d-----w- c:\programdata\MumboJumbo
2012-12-21 22:37:23 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 22:37:23 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-17 11:57:08 24064 ----a-w- c:\windows\system32\drivers\terminpt.sys
2012-12-17 06:03:41 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2012-12-17 06:03:41 247808 ----a-w- c:\windows\system32\schannel.dll
2012-12-17 06:03:41 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-12-17 06:03:41 1039360 ----a-w- c:\windows\system32\lsasrv.dll
.
==================== Find3M ====================
.
2013-01-12 23:57:26 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2013-01-12 23:57:24 58288 ----a-w- c:\windows\system32\rpcnet.dll
2013-01-10 09:13:49 17920 ----a-w- c:\windows\system32\rpcnetp.dll
2013-01-09 13:16:25 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 13:16:24 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-12-06 17:03:55 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-12-06 17:03:55 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-12-06 17:03:55 1060864 ----a-w- c:\windows\system32\mfc71.dll
2012-12-05 18:40:49 52224 ----a-w- c:\windows\system32\wltrynt.dll
2012-12-05 18:40:49 445 ----a-w- c:\windows\system32\vcredist_x86.bat
2012-12-05 18:40:49 35088 ----a-w- c:\windows\system32\drivers\npf.sys
2012-12-05 18:40:49 2682880 ----a-w- c:\windows\system32\vcredist_x86.exe
2012-12-05 18:40:48 989184 ----a-w- c:\windows\system32\BCMLogon.dll
2012-12-05 18:40:48 91448 ----a-w- c:\windows\system32\bcmwlcoi.dll
2012-12-05 18:40:48 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2012-12-05 18:40:48 4358144 ----a-w- c:\windows\system32\bcmttls.dll
2012-12-05 18:40:48 4268096 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS
2012-12-05 18:40:48 3928064 ----a-w- c:\windows\system32\bcmihvsrv.dll
2012-12-05 18:40:48 3616768 ----a-w- c:\windows\system32\bcmihvui.dll
2012-12-05 18:40:48 18496 ----a-w- c:\windows\system32\drivers\bcm42rly.sys
2012-12-05 18:27:13 53248 ----a-w- c:\windows\system32\CSVer.dll
2012-12-05 18:24:42 58288 ------w- c:\windows\system32\rpcnet.exe
2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-23 02:56:23 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe
2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll
2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:43:04 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 04:47:54 1389568 ----a-w- c:\windows\system32\msxml6.dll
2012-10-16 07:39:52 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
.
============= FINISH: 3:08:15.27 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 12/5/2012 8:13:24 PM
System Uptime: 1/13/2013 1:57:04 AM (2 hours ago)
.
Motherboard: Acer | | Mimic
Processor: Intel(R) Celeron(R) CPU 887 @ 1.50GHz | U3E1 | 1500/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 63 GiB total, 39.53 GiB free.
D: is FIXED (NTFS) - 122 GiB total, 118.082 GiB free.
E: is FIXED (NTFS) - 280 GiB total, 268.111 GiB free.
F: is CDROM (CDFS)
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP42: 1/12/2013 5:02:27 PM - Installed Java 7 Update 10
RP43: 1/12/2013 9:39:31 PM - Windows Update
RP44: 1/12/2013 9:58:25 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.01)
Aiseesoft Total Media Converter Platinum 6.3.28
AnVir Task Manager
BearShare
Broadcom NetLink Controller
Broadcom Wireless Utility
BS.Player FREE
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
D3DX10
Digi Net Mobil
Inpaint 4.7
Intel(R) OpenCL CPU Runtime
Intel(R) Processor Graphics
Java 7 Update 10
Java Auto Updater
K-Lite Codec Pack 9.6.5 (Basic)
Microsoft .NET Framework 4.5
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 18.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT110
MyFreeCodec
Photo Common
Reg Organizer version 5.46
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4.5 (KB2729460)
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Skype Click to Call
Skype™ 6.0
Software Informer 1.2
TwistedBrush Pro Studio
UnThreat Free AntiVirus 2013
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4.5 (KB2750147)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Winamp
Winamp Detector Plug-in
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.20 beta 3 (32-bit)
Wondershare PDF Converter (Build 4.0.1)
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
1/13/2013 1:57:27 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
.
==== End Of File ===========================
Cristina
Active Member
 
Posts: 2
Joined: January 12th, 2013, 9:14 pm
Advertisement
Register to Remove

Re: My browser opens automatically with My Wb Search

Unread postby deltalima » January 13th, 2013, 1:25 pm

checking your log - back soon.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: My browser opens automatically with My Wb Search

Unread postby deltalima » January 13th, 2013, 1:30 pm

Hi Cristina,

Welcome to the forum.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Please note the following:
  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please do not run any scans or make any changes to the system unless I ask you too.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Please Note:
The programs I ask you to run need to be run in Administrator Mode by... Right clicking the program file and selecting: Run as Administrator.
Additionally, the built-in User Account Control (UAC) utility, if enabled, may prompt you for permission to run the program.
When prompted, please select: Allow. Reference: User Account Control (UAC) and Running as Administrator

Remove P2P Programs

  • I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

    BearShare


  • Please read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.
  • Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

  • Click on start
  • Then Run
  • In the open text entry box please copy/paste appwiz.cpl Then click enter.
  • Press the "Remove" or "Change/Remove"...button to uninstall the programs listed above (in red) and any other P2P you have installed NOW.
  • Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.

CKScanner

  • Please download CKScanner from here to your Desktop.
  • Make sure that CKScanner.exe is on the your Desktop before running the application!
  • Right click on CKScanner.exe and select: Run as Administrator then click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved
  • Double-click on the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.

Next

  • Please download this tool from Microsoft.
  • Right click on MGADiag.exe and select: Run as Administrator.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in the window.
  • Save this file and copy/paste it in your next reply.

Please let me know if the computer is used for business in any way.

Please also let me know how you obtained the license for Microsoft Office Enterprise 2007
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: My browser opens automatically with My Wb Search

Unread postby Cristina » January 13th, 2013, 6:29 pm

Hello

I have bought this laptop for only one month ago or so, and I was naturally freaked out that I have already spoiled it all.
I was cheking my e-mail at every hour since... Since I thought to go to the computer seller; they offer also technical service and support. So... problem solved.
Nota Bene, the first thing they asked me is that if I really want to keep BearShare, Software Informer and some plug-ins I have had installed and their explanations were similar as yours :)
About your last question, this machine was bought with Windows7 and office 2007 (specifically asked by me because I know it) and it is used exclusively in my personal interest-mostly for music, movies and games. I am a massage therapist, so...

Thank you very much guys, and I'm sorry to bother, but my knowledge about computers is minimal.
Have a nice evening!

PS: I have downloaded CKScanner... is this any good to run for something or I better let it go? :D
Cristina
Active Member
 
Posts: 2
Joined: January 12th, 2013, 9:14 pm

Re: My browser opens automatically with My Wb Search

Unread postby deltalima » January 13th, 2013, 6:37 pm

Hi Cristina,

Since I thought to go to the computer seller; they offer also technical service and support. So... problem solved.


Good to hear that your problem is solved.

PS: I have downloaded CKScanner... is this any good to run for something or I better let it go?


No need to run that software, it is a tool we use to identify problems on the computer but as you problem is resolved there is no need to keep the program.

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 126 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware