
Ask toolbar removal help.


  • This topic is locked
2 replies to this topic

#1 Zestypanda


Posted 03 July 2011 - 05:49 PM

Old thread
Okay, I am posting this because of the ask toolbar taking over, obviously I want the dang thing gone FOR GOOD!
This all started about a few weeks ago when I installed a new program. I was careless (probably because I was tired from finals) and I just clicked agree to everything (probably agreed to give up my first born male to the ask corporation if I had read the eula, lol). After it was finished installing I started up my favorite web browser, Mozilla Firefox (version 5.0), and I found that ask had left a nice surprise for me: my home page had been changed and EVERY search bar on firefox (I have three: the main url box, a google search box to the right of the url box, and the default homepage search box) has been taken over by ask search.
Also ie had a stupid ask toolbar that would not uninstall (finally got it removed but with much difficulty). Sadly, even after I had reverted my ie search bars and the firefox url box and google search bar (the one to the right of the url bar), the main homepage search still gets taken over by ask.com. I have searched through the about:config and thought I removed all traces of it, I even went searching through the jungle you call the registry. I can't seem to get this stupid parasite off of my computer, it's like ask is turning their toolbar into a rootkit!

Oh, before I run gmer this is what it looks like: [posted image]. I don't know if it is bad that there are that many options greyed out; I didn't do anything to it.



Here is the dds log


.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_25
Run by Ryan at 15:29:39 on 2011-07-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4077.2314 [GMT -7:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atieclxx.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
C:\windows\system32\taskhost.exe
C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
C:\windows\Explorer.EXE
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
C:\Users\Ryan\AppData\Local\Temp\HBCD\SpywareTerminator\sp_rsser.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Program Files (x86)\AVG\AVG10\avgemca.exe
C:\windows\system32\conhost.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\explorer.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page =
uSearch Bar =
mStart Page = hxxp://lenovo.msn.com
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{A820C16A-2FA8-4680-986F-472EE0D01B13} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{A820C16A-2FA8-4680-986F-472EE0D01B13}\7457563747 : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\zyb7wraa.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\system32\DRIVERS\avgrkx64.sys --> C:\windows\system32\DRIVERS\avgrkx64.sys [?]
R0 LHDmgr;LHDmgr;C:\windows\system32\DRIVERS\LhdX64.sys --> C:\windows\system32\DRIVERS\LhdX64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\system32\DRIVERS\avgldx64.sys --> C:\windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\system32\DRIVERS\avgmfx64.sys --> C:\windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\windows\system32\DRIVERS\avgtdia.sys --> C:\windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe --> C:\windows\system32\atiesrxx.exe [?]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-4-18 7398752]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]
R2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [2010-12-22 46080]
R2 Slidebar Notifier Service;Slidebar Notifier Service;C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [2011-3-10 69568]
R2 sp_rsdrv2;Spyware Terminator Driver Filter;C:\windows\system32\DRIVERS\stflt.sys --> C:\windows\system32\DRIVERS\stflt.sys [?]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys --> C:\windows\system32\DRIVERS\AcpiVpc.sys [?]
R3 amdkmdag;amdkmdag;C:\windows\system32\DRIVERS\atikmdag.sys --> C:\windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\windows\system32\DRIVERS\atikmpag.sys --> C:\windows\system32\DRIVERS\atikmpag.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 JMCR;JMCR;C:\windows\system32\DRIVERS\jmcr.sys --> C:\windows\system32\DRIVERS\jmcr.sys [?]
R3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver;C:\windows\system32\DRIVERS\jmccgp.sys --> C:\windows\system32\DRIVERS\jmccgp.sys [?]
R3 JmUsbVideo;JMicron 31x Upper Filter Driver;C:\windows\system32\Drivers\jmcam.sys --> C:\windows\system32\Drivers\jmcam.sys [?]
R3 JmUsbVideo2;JMicron 31x Lower Filter Driver;C:\windows\system32\Drivers\jmcam_lo.sys --> C:\windows\system32\Drivers\jmcam_lo.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\k57nd60a.sys --> C:\windows\system32\DRIVERS\k57nd60a.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 btusbflt;Bluetooth USB Filter;C:\windows\system32\drivers\btusbflt.sys --> C:\windows\system32\drivers\btusbflt.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\system32\DRIVERS\btwl2cap.sys --> C:\windows\system32\DRIVERS\btwl2cap.sys [?]
S3 hitmanpro35;Hitman Pro 3.5 Support Driver;\??\C:\windows\system32\drivers\hitmanpro35.sys --> C:\windows\system32\drivers\hitmanpro35.sys [?]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\system32\DRIVERS\netw5v64.sys --> C:\windows\system32\DRIVERS\netw5v64.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]
S4 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-07-02 04:47:43 -------- d-----w- C:\Users\Ryan\AppData\Local\{A787E851-A235-440B-8E80-0E96DC376EE1}
2011-07-01 18:27:11 -------- d-----w- C:\ProgramData\!SASCORE
2011-07-01 03:45:54 -------- d-----w- C:\Users\Ryan\AppData\Local\Google
2011-06-30 15:30:32 -------- d-----w- C:\Users\Ryan\AppData\Local\{7353A2CD-4252-46C3-A140-EA58AEBD4F67}
2011-06-30 04:42:23 -------- dc-h--w- C:\ProgramData\{0DE50C9D-4543-4E98-AD03-1BFD049ABE78}
2011-06-30 04:42:20 -------- d-----w- C:\Program Files (x86)\Gregion
2011-06-30 02:04:37 -------- d-----w- C:\Users\Ryan\AppData\Local\{9748B510-29D7-40DF-9C54-6D6E3A7BBC48}
2011-06-30 01:13:05 695578 ----a-w- C:\windows\SysWow64\unins000.exe
2011-06-30 01:13:05 65536 ----a-w- C:\windows\SysWow64\camcodec.dll
2011-06-29 19:06:45 -------- dc----w- C:\Users\Ryan\AppData\Local\MigWiz
2011-06-27 03:24:03 -------- d-----w- C:\Users\Ryan\AppData\Local\{5A65933F-479E-472F-9AE1-E74E654E076C}
2011-06-25 20:00:59 39984 ----a-w- C:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-25 20:00:56 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-06-25 00:37:45 -------- d-----w- C:\ProgramData\Team MediaPortal
2011-06-25 00:32:38 -------- d-----w- C:\ProgramData\MySQL
2011-06-25 00:27:25 -------- d-----w- C:\Program Files\MySQL
2011-06-24 03:38:29 -------- d-----w- C:\Users\Ryan\AppData\Roaming\DVDVideoSoftIEHelpers
2011-06-24 03:38:09 -------- d-----w- C:\Users\Ryan\AppData\Roaming\DVDVideoSoft
2011-06-22 08:06:20 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-06-22 08:06:20 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-06-22 08:06:20 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-06-22 04:55:08 -------- d-----w- C:\Users\Ryan\AppData\Roaming\Hanso Burner
2011-06-22 04:55:05 -------- d-----w- C:\Program Files (x86)\Hanso Burner
2011-06-21 19:16:36 -------- d-----w- C:\ProgramData\Malwarebytes
2011-06-21 19:05:15 -------- d-----w- C:\ProgramData\Application
2011-06-21 17:56:09 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2011-06-21 03:12:38 -------- d-----w- C:\Users\Ryan\AppData\Roaming\Spyware Terminator
2011-06-21 03:12:38 -------- d-----w- C:\ProgramData\Spyware Terminator
2011-06-21 01:45:09 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2011-06-21 01:44:40 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-06-21 01:41:37 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-06-21 01:41:29 539968 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-06-20 20:35:56 -------- d-----w- C:\Users\Ryan\AppData\Local\Deployment
2011-06-20 20:27:34 -------- d-----w- C:\Users\Ryan\AppData\Local\Sundance
2011-06-20 20:27:34 -------- d-----w- C:\Users\Ryan\AppData\Local\sdTemp
2011-06-20 20:25:15 -------- d-----w- C:\Users\Ryan\AppData\Local\RockMelt
2011-06-20 05:50:06 -------- d-----w- C:\Users\Ryan\AppData\Roaming\Avant Browser
2011-06-20 05:23:12 -------- d-----w- C:\Users\Ryan\AppData\Local\Bowser's_Return_RPG_Produ
2011-06-19 02:25:29 -------- d-----w- C:\Program Files (x86)\nLite
2011-06-18 19:07:09 -------- d-----w- C:\Program Files (x86)\MagicISO
2011-06-17 21:30:17 65536 ----a-w- C:\windows\System32\camcodec.dll
2011-06-17 21:26:34 102400 ----a-w- C:\windows\SysWow64\tsccvid.dll
2011-06-17 05:24:49 -------- d-----w- C:\Users\Ryan\AppData\Local\{9DE73885-418B-40A7-A45C-C7DF63965AE2}
2011-06-16 04:03:36 -------- d-----w- C:\ProgramData\Skype Extras
2011-06-16 04:00:18 -------- d-----r- C:\Program Files (x86)\Skype
2011-06-15 02:15:12 1923968 ----a-w- C:\windows\System32\drivers\tcpip.sys
2011-06-15 02:15:11 499200 ----a-w- C:\windows\System32\drivers\afd.sys
2011-06-15 02:15:05 861696 ----a-w- C:\windows\System32\oleaut32.dll
2011-06-15 02:15:05 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
2011-06-15 02:15:04 3135488 ----a-w- C:\windows\System32\win32k.sys
2011-06-15 02:15:03 976896 ----a-w- C:\windows\System32\inetcomm.dll
2011-06-15 02:15:03 741376 ----a-w- C:\windows\SysWow64\inetcomm.dll
2011-06-15 02:15:03 289280 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys
2011-06-15 02:15:03 158208 ----a-w- C:\windows\System32\drivers\mrxsmb.sys
2011-06-15 02:15:03 128000 ----a-w- C:\windows\System32\drivers\mrxsmb20.sys
2011-06-15 02:15:02 467456 ----a-w- C:\windows\System32\drivers\srv.sys
2011-06-15 02:15:02 410112 ----a-w- C:\windows\System32\drivers\srv2.sys
2011-06-15 02:15:02 168448 ----a-w- C:\windows\System32\drivers\srvnet.sys
2011-06-14 23:02:27 -------- d-----w- C:\Program Files (x86)\CamStudio 2.6b
2011-06-13 20:49:51 -------- d-----w- C:\Program Files (x86)\Xcarab
2011-06-13 20:41:41 306688 ----a-w- C:\windows\IsUninst.exe
2011-06-13 03:59:17 -------- d-----w- C:\Program Files\DivX
2011-06-13 03:50:09 -------- d-----w- C:\Program Files (x86)\DivX
2011-06-13 03:43:49 -------- d-----w- C:\ProgramData\DivX
2011-06-11 18:49:14 -------- d-----w- C:\Program Files (x86)\Element Software
2011-06-11 01:36:45 -------- dc----w- C:\ProgramData\{CE6FA774-7B84-4FA3-A7F4-3D90999715BD}
2011-06-07 02:06:34 20040 ----a-w- C:\windows\System32\drivers\hitmanpro35.sys
2011-06-06 03:27:05 -------- d-----w- C:\Users\Ryan\AppData\Roaming\GetRightToGo
2011-06-05 01:28:29 -------- d-----w- C:\ProgramData\Remote Control PC
2011-06-05 01:28:28 -------- d-----w- C:\Users\Ryan\AppData\Roaming\Remote Control PC
2011-06-04 23:26:39 -------- d-----w- C:\Users\Ryan\AppData\Local\Electronic Arts
2011-06-04 01:43:37 -------- d-----w- C:\Users\Ryan\AppData\Roaming\TurboIRC 7
2011-06-04 01:43:37 -------- d-----w- C:\ProgramData\TurboIRC 7
.
==================== Find3M ====================
.
2011-06-21 06:06:39 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-01 04:35:10 472808 ----a-w- C:\windows\SysWow64\deployJava1.dll
2011-05-29 16:11:20 25912 ----a-w- C:\windows\System32\drivers\mbam.sys
2011-05-28 19:50:27 294248 ----a-w- C:\windows\System32\drivers\VMM.sys
2011-05-24 11:42:55 404480 ----a-w- C:\windows\System32\umpnpmgr.dll
2011-05-24 10:40:05 64512 ----a-w- C:\windows\SysWow64\devobj.dll
2011-05-24 10:40:05 44544 ----a-w- C:\windows\SysWow64\devrtl.dll
2011-05-24 10:39:38 145920 ----a-w- C:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37:54 252928 ----a-w- C:\windows\SysWow64\drvinst.exe
2011-05-10 03:47:48 466520 ----a-w- C:\windows\System32\wrap_oal.dll
2011-05-10 03:47:48 445016 ----a-w- C:\windows\SysWow64\wrap_oal.dll
2011-05-10 03:47:48 122968 ----a-w- C:\windows\System32\OpenAL32.dll
2011-05-10 03:47:48 109144 ----a-w- C:\windows\SysWow64\OpenAL32.dll
2011-05-04 05:25:03 2315776 ----a-w- C:\windows\System32\tquery.dll
2011-05-04 05:22:25 778752 ----a-w- C:\windows\System32\mssvp.dll
2011-05-04 05:22:25 2223616 ----a-w- C:\windows\System32\mssrch.dll
2011-05-04 05:22:24 75264 ----a-w- C:\windows\System32\msscntrs.dll
2011-05-04 05:22:24 491520 ----a-w- C:\windows\System32\mssph.dll
2011-05-04 05:22:24 288256 ----a-w- C:\windows\System32\mssphtb.dll
2011-05-04 05:19:28 591872 ----a-w- C:\windows\System32\SearchIndexer.exe
2011-05-04 05:19:28 249856 ----a-w- C:\windows\System32\SearchProtocolHost.exe
2011-05-04 05:19:28 113664 ----a-w- C:\windows\System32\SearchFilterHost.exe
2011-05-04 04:34:43 1549312 ----a-w- C:\windows\SysWow64\tquery.dll
2011-05-04 04:32:02 666624 ----a-w- C:\windows\SysWow64\mssvp.dll
2011-05-04 04:32:01 337408 ----a-w- C:\windows\SysWow64\mssph.dll
2011-05-04 04:32:01 197120 ----a-w- C:\windows\SysWow64\mssphtb.dll
2011-05-04 04:32:01 1401344 ----a-w- C:\windows\SysWow64\mssrch.dll
2011-05-04 04:32:00 59392 ----a-w- C:\windows\SysWow64\msscntrs.dll
2011-05-04 04:28:31 86528 ----a-w- C:\windows\SysWow64\SearchFilterHost.exe
2011-05-04 04:28:31 427520 ----a-w- C:\windows\SysWow64\SearchIndexer.exe
2011-05-04 04:28:31 164352 ----a-w- C:\windows\SysWow64\SearchProtocolHost.exe
2011-04-26 21:37:38 56816 ----a-w- C:\windows\System32\drivers\VBoxUSBMon.sys
2011-04-24 01:18:10 815104 ----a-w- C:\windows\SysWow64\xvidcore.dll
2011-04-24 01:18:10 77824 ----a-w- C:\windows\SysWow64\xvid.ax
2011-04-24 01:18:10 344576 ----a-w- C:\windows\SysWow64\grgvvid.dll
2011-04-24 01:18:10 180224 ----a-w- C:\windows\SysWow64\xvidvfw.dll
2011-04-23 01:29:25 2303488 ----a-w- C:\windows\System32\jscript9.dll
2011-04-23 01:19:19 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2011-04-22 23:35:56 1797632 ----a-w- C:\windows\SysWow64\jscript9.dll
2011-04-22 23:25:54 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2011-04-22 22:15:29 27520 ----a-w- C:\windows\System32\drivers\Diskdump.sys
2011-04-22 04:30:02 5632 ----a-w- C:\windows\System32\bbchlp.dll
2011-04-22 04:30:02 4608 ----a-w- C:\windows\System32\drivers\bbcap.sys
2011-04-22 04:30:02 37376 ----a-w- C:\windows\System32\bbcap.dll
2011-04-15 04:28:24 118864 ----a-w- C:\windows\System32\drivers\AVGIDSDriver.sys
2011-04-10 01:55:44 15453336 ----a-w- C:\windows\SysWow64\xlive.dll
2011-04-10 01:55:42 13642904 ----a-w- C:\windows\SysWow64\xlivefnt.dll
2011-04-10 01:09:47 175616 ----a-w- C:\windows\System32\msclmd.dll
2011-04-10 01:09:47 152576 ----a-w- C:\windows\SysWow64\msclmd.dll
2011-04-09 07:02:55 5562240 ----a-w- C:\windows\System32\ntoskrnl.exe
2011-04-09 06:58:56 142336 ----a-w- C:\windows\System32\poqexec.exe
2011-04-09 06:02:25 3967872 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02:25 3912576 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56:38 123904 ----a-w- C:\windows\SysWow64\poqexec.exe
2011-04-05 07:59:54 377936 ----a-w- C:\windows\System32\drivers\avgtdia.sys
.
============= FINISH: 15:30:07.11 ===============







I have attached the other log as a zip file, as requested by the instructions in the dds log.

Attached file: Attach.zip (3.48KB)

Sorry to bump, but it has been almost two days.

EDIT: Please be patient. There are over 340 unanswered topics in this forum at present and the current average wait time to receive help is 12 days. ~Budapest

Edited by Budapest, 05 July 2011 - 04:59 PM.

Have a question, or just wanna chat? Send me a message. Or add me as a friend.

 



 


#2 Zestypanda


Posted 14 July 2011 - 01:45 PM

Well, after I gave up all hope I just uninstalled and deleted my user profile data with firefox reinstalled (lost all my bookmarks, saved passwords, addons, preferences) but the ask.com redirect is gone.


 


#3 Budapest


Posted 14 July 2011 - 04:45 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw



