Windows 7 Ultimate 64 bit dll errors & Internet Explorer 10 crashing


  1. rocknroller
    Posts : 10
    windows 7 ultimate
       New #1

    Windows 7 Ultimate 64 bit dll errors & Internet Explorer 10 crashing


    I am running the above program on an Asus Crossfire II board with AMD 2.6 GHz quad core processor.

    Anyway my problem is this:
    I cannot get to IE no matter what and all I get is the following error message

    "Windows shell common dll has stopped working"

    When I go to control panel and try to get to "internet options" , it closes out with that message.

    I have run sfc /scannow as an admin and it found no errors.

    Would you be so kind as to point me in the right direction as this issue is present on both desktops running this program?

    rocknroller


    We handle all issues in threads so others can contribute and learn. This works out in your interest because chances are someone else has seen this issue and knows the solution. So be sure to title the thread very descriptively, perhaps with the DLL error + can't open IE. I'd put it in General forum.

    I'll answer in your thread. Meanwhile run a full scan with Malwarebytes,
    in Safe Mode if necessary installing it via flash stick if you can't download it on that PC. Then run SFC /SCANNOW Command if necessary SFC /SCANNOW Run in Command Prompt at Boot.

    Report the results of these in the thread, so we can keep all help there to help others and get you the best help.
    Last edited by rocknroller; 05 Aug 2013 at 20:33. Reason: Need to post this in general forum and not pvt. msg.
      My Computer
    Quote Quote

  3. gregrocker
    Posts : 50,642
       New #2

    What were the results of these steps:

    run a full scan with Malwarebytes , in Safe Mode if necessary installing it via flash stick if you can't download it on that PC.

    Then run SFC /SCANNOW Command, if necessary SFC /SCANNOW Run in Command Prompt at Boot from System Recovery Options

      My Computer
    Quote Quote

  4. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #3

    rocknroller

    On another PC download the tool below and use a USB Flash drive to place it on the PC you're having an issue with

    Farbar Recovery Scan Tool


    64-Bit Version OS Farbar Recovery Scan Tool x64 <===== Download Link

    Drag the FRST64.exe from the USB flash drive to your Desktop on the issue PC

    Right click on FRST64.exe and choose

    When the tool opens click Yes on the disclaimer window .

    Press Scan button.

    FRST will let you know when the scan is complete and has written the FRST.txt to file

       Note
    The first time Farbar Recovery Scan Tool is run, it makes also another log Addition.txt


    Please upload both logs in your reply.(FRST.txt and Addition.txt)

    FRST.txt and Addition.txt will be on the Desktop

    Upload a File
    Click on the Go Advanced button under the Message box . Scroll down to Additional Options then click on Manage Attachments in the Attach Files sections . Click the Browse button locate the file then click on the Open button . In the Upload File from your Computer section click on the Upload button . Wait until it finishes uploading then close the window . Then click Submit Reply .
      My Computer
    Quote Quote

  6. rocknroller
    Posts : 10
    windows 7 ultimate
    Thread Starter
       New #4

    Ok....I have run the following as instructed.....

    1st malwarebytes scan: Ran a full scan
    Time 1:46:31 Found 96 objects
    I checked all 96 and had them all deleted

    2nd Malwarebytes scan: Checked and installed new updates then ran a full scan
    Time 1:51:36 Found 4 objects
    I will post both Malwarebytes logs following this posting

    Then after 2nd scan, I ran sfc /scannow
    Received the following message: Windows resource protection did not find any integrity violations
      My Computer
    Quote Quote

  7. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #5

    Lets see what the tool in post #3 locates
      My Computer
    Quote Quote

  8. rocknroller
    Posts : 10
    windows 7 ultimate
    Thread Starter
       New #6

    Malwarebytes Logs 080513


    Malwarebytes Anti-Malware 1.75.0.1300
    Malwarebytes : Free anti-malware download

    Database version: v2013.08.05.08

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16635
    Sanford :: MEDIA [administrator]

    8/5/2013 5:22:40 PM
    mbam-log-2013-08-05 (17-22-40).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 400097
    Time elapsed: 1 hour(s), 46 minute(s), 31 second(s)

    Memory Processes Detected: 4
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 1668 -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 1872 -> Delete on reboot.
    C:\Program Files (x86)\DnsBasic\dnsbasic.exe (Adware.OneStep) -> 1236 -> Delete on reboot.
    C:\Program Files (x86)\DnsBasic\dnsbasic.exe (Adware.OneStep) -> 1920 -> Delete on reboot.

    Memory Modules Detected: 2
    C:\Program Files (x86)\DnsBasic\dnsbasic.dll (Adware.OneStep) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> Delete on reboot.

    Registry Keys Detected: 15
    HKLM\SYSTEM\CurrentControlSet\Services\DnsBasic Service (Adware.OneStep) -> Quarantined and deleted successfully.
    HKCR\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\esrv.funmoodsESrvc (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Delete on reboot.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Delete on reboot.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\SearchQUIEHelper.DNSGuard (PUP.Optional.SearchQu) -> Quarantined and deleted successfully.
    HKCR\SearchQUIEHelper.DNSGuard.1 (PUP.Optional.SearchQu) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\funmoods (PUP.FunMoods) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\InstallCore\funmoods (PUP.FunMoods) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\InstallCore\funmoods (PUP.FunMoods) -> Quarantined and deleted successfully.

    Registry Values Detected: 2
    HKLM\SOFTWARE\Mozilla\Firefox\Extensions\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Data: -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Data: C:\Program Files\Updater By SweetPacks\Firefox -> Quarantined and deleted successfully.

    Registry Data Items Detected: 2
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.BrowserDefender.A) -> Bad: (c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll) Good: () -> Delete on reboot.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.FunMoods) -> Bad: (Funmoods Search) Good: (Google) -> Quarantined and repaired successfully.

    Folders Detected: 21
    C:\Users\Sanford\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\SpeedAnalysis2 (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\LocalLow\Funmoods (PUP.FunMoods) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\LocalLow\Funmoods\Funmoods (PUP.FunMoods) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\LocalLow\Funmoods\Funmoods\us (PUP.FunMoods) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\LocalLow\Funmoods\Funmoods\us\20101003 (PUP.FunMoods) -> Quarantined and deleted successfully.
    C:\ProgramData\BrowserDefender\2.6.1519.190 (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\DealPlyLive (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
    C:\ProgramData\DealPlyLive\Update (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
    C:\ProgramData\DealPlyLive\Update\Log (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.

    Files Detected: 50
    C:\Program Files (x86)\DnsBasic\dnsbasic.dll (Adware.OneStep) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\Program Files (x86)\DnsBasic\dnsbasic.exe (Adware.OneStep) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\DnsBasic\dnsbasic111.exe (Adware.OneStep) -> Quarantined and deleted successfully.
    C:\ProgramData\ssafe yssaveu\51c7b8c32b897.dll (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\File Scout\filescout.exe (Trojan.PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\OpenCandy\46B42BECB28F4BDCBC6A57E74BC1EAFC\SliderCWAv4.1.22.3_20130 501.msi (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\OpenCandy\7DCFA656BA0A48DF83EB80D8FC9321D6\SliderASPCAv4.1.22.1_201 30501.msi (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\OpenCandy\9456E39693E64B1893A2CC5CA387A513\WS_p3v1.exe (PUP.Optional.Amonetize) -> Quarantined and deleted successfully.
    C:\Users\Sanford\Downloads\Flash_Setup.exe (PUP.Optional.AirInstaller) -> Quarantined and deleted successfully.
    C:\Users\Sanford\Downloads\regrun_warrior_cd_958.exe (PUP.BundleInstaller.DW) -> Quarantined and deleted successfully.
    C:\Users\Sanford\Downloads\SoftonicDownloader_for_unhackme.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
    C:\Users\Sanford\Downloads\Ultimate Boot CD.exe (PUP.Optional.Solimba) -> Quarantined and deleted successfully.
    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\upgrade[1].cab (Adware.OneStep) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\SpeedAnalysis2\speedanalysis.crx (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\LocalLow\Funmoods\Funmoods\us\20101003\kywrds.tat (PUP.FunMoods) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\LocalLow\Funmoods\Funmoods\us\20101003\kywrds.ttr (PUP.FunMoods) -> Quarantined and deleted successfully.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\DealPlyLive\Update\Log\DealPlyLive.log (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\DealPly\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared\chu.js (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.

    (end)











    ord MESSAGE Database refreshed successfully
      My Computer
    Quote Quote

  10. rocknroller
    Posts : 10
    windows 7 ultimate
    Thread Starter
       New #7

    Malwarebytes Log 080513 Part 2


    Malwarebytes Anti-Malware 1.75.0.1300
    Malwarebytes : Free anti-malware download

    Database version: v2013.08.05.08

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16635
    Sanford :: MEDIA [administrator]

    8/5/2013 5:22:40 PM
    MBAM-log-2013-08-05 (19-43-30).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 400097
    Time elapsed: 1 hour(s), 46 minute(s), 31 second(s)

    Memory Processes Detected: 4
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 1668 -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 1872 -> No action taken.
    C:\Program Files (x86)\DnsBasic\dnsbasic.exe (Adware.OneStep) -> 1236 -> No action taken.
    C:\Program Files (x86)\DnsBasic\dnsbasic.exe (Adware.OneStep) -> 1920 -> No action taken.

    Memory Modules Detected: 2
    C:\Program Files (x86)\DnsBasic\dnsbasic.dll (Adware.OneStep) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> No action taken.

    Registry Keys Detected: 15
    HKLM\SYSTEM\CurrentControlSet\Services\DnsBasic Service (Adware.OneStep) -> No action taken.
    HKCR\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> No action taken.
    HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> No action taken.
    HKCR\esrv.funmoodsESrvc (PUP.Funmoods) -> No action taken.
    HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} (PUP.Funmoods) -> No action taken.
    HKCR\SearchQUIEHelper.DNSGuard (PUP.Optional.SearchQu) -> No action taken.
    HKCR\SearchQUIEHelper.DNSGuard.1 (PUP.Optional.SearchQu) -> No action taken.
    HKCU\SOFTWARE\funmoods (PUP.FunMoods) -> No action taken.
    HKCU\SOFTWARE\InstallCore\funmoods (PUP.FunMoods) -> No action taken.
    HKLM\SOFTWARE\InstallCore\funmoods (PUP.FunMoods) -> No action taken.

    Registry Values Detected: 2
    HKLM\SOFTWARE\Mozilla\Firefox\Extensions\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Data: -> No action taken.
    HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Data: C:\Program Files\Updater By SweetPacks\Firefox -> No action taken.

    Registry Data Items Detected: 2
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.BrowserDefender.A) -> Bad: (c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll) Good: () -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.FunMoods) -> Bad: (Funmoods Search) Good: (Google) -> No action taken.

    Folders Detected: 21
    C:\Users\Sanford\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\SpeedAnalysis2 (PUP.Optional.SpeedAnalysis.A) -> No action taken.
    C:\Users\Sanford\AppData\LocalLow\Funmoods (PUP.FunMoods) -> No action taken.
    C:\Users\Sanford\AppData\LocalLow\Funmoods\Funmoods (PUP.FunMoods) -> No action taken.
    C:\Users\Sanford\AppData\LocalLow\Funmoods\Funmoods\us (PUP.FunMoods) -> No action taken.
    C:\Users\Sanford\AppData\LocalLow\Funmoods\Funmoods\us\20101003 (PUP.FunMoods) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\DealPlyLive (PUP.Optional.DealPly.A) -> No action taken.
    C:\ProgramData\DealPlyLive\Update (PUP.Optional.DealPly.A) -> No action taken.
    C:\ProgramData\DealPlyLive\Update\Log (PUP.Optional.DealPly.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> No action taken.
    C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> No action taken.

    Files Detected: 50
    C:\Program Files (x86)\DnsBasic\dnsbasic.dll (Adware.OneStep) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\Program Files (x86)\DnsBasic\dnsbasic.exe (Adware.OneStep) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\DnsBasic\dnsbasic111.exe (Adware.OneStep) -> No action taken.
    C:\ProgramData\ssafe yssaveu\51c7b8c32b897.dll (PUP.Optional.MultiPlug.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\File Scout\filescout.exe (Trojan.PUP.Optional.FileScout.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\OpenCandy\46B42BECB28F4BDCBC6A57E74BC1EAFC\SliderCWAv4.1.22.3_20130 501.msi (PUP.Optional.WeCare.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\OpenCandy\7DCFA656BA0A48DF83EB80D8FC9321D6\SliderASPCAv4.1.22.1_201 30501.msi (PUP.Optional.WeCare.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\OpenCandy\9456E39693E64B1893A2CC5CA387A513\WS_p3v1.exe (PUP.Optional.Amonetize) -> No action taken.
    C:\Users\Sanford\Downloads\Flash_Setup.exe (PUP.Optional.AirInstaller) -> No action taken.
    C:\Users\Sanford\Downloads\regrun_warrior_cd_958.exe (PUP.BundleInstaller.DW) -> No action taken.
    C:\Users\Sanford\Downloads\SoftonicDownloader_for_unhackme.exe (PUP.Optional.Softonic) -> No action taken.
    C:\Users\Sanford\Downloads\Ultimate Boot CD.exe (PUP.Optional.Solimba) -> No action taken.
    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\upgrade[1].cab (Adware.OneStep) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\SpeedAnalysis2\speedanalysis.crx (PUP.Optional.SpeedAnalysis.A) -> No action taken.
    C:\Users\Sanford\AppData\LocalLow\Funmoods\Funmoods\us\20101003\kywrds.tat (PUP.FunMoods) -> No action taken.
    C:\Users\Sanford\AppData\LocalLow\Funmoods\Funmoods\us\20101003\kywrds.ttr (PUP.FunMoods) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\DealPlyLive\Update\Log\DealPlyLive.log (PUP.Optional.DealPly.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\DealPly\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll (PUP.Optional.Tarma.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared\chu.js (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Sanford\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> No action taken.

    (end)

    Malwarebytes Anti-Malware 1.75.0.1300
    Malwarebytes : Free anti-malware download

    Database version: v2013.08.05.09

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16635
    Sanford :: MEDIA [administrator]

    8/5/2013 8:00:41 PM
    mbam-log-2013-08-05 (20-00-41).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 400085
    Time elapsed: 1 hour(s), 55 minute(s), 34 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 2
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 2
    C:\ProgramData\BrowserDefender\2.6.1519.190 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.

    Files Detected: 0
    (No malicious items detected)

    (end)

    Malwarebytes Anti-Malware 1.75.0.1300
    Malwarebytes : Free anti-malware download

    Database version: v2013.08.05.09

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16635
    Sanford :: MEDIA [administrator]

    8/5/2013 8:00:41 PM
    MBAM-log-2013-08-05 (21-57-16).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 400085
    Time elapsed: 1 hour(s), 55 minute(s), 34 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 2
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> No action taken.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 2
    C:\ProgramData\BrowserDefender\2.6.1519.190 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> No action taken.

    Files Detected: 0
    (No malicious items detected)

    (end)

    2013/08/05 20:00:13 -0500 MEDIA Sanford MESSAGE Starting database refresh
    2013/08/05 20:00:39 -0500 MEDIA Sanf
      My Computer
    Quote Quote

  11. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #8

    AdwCleaner

    Click here AdwCleaner

    Click on Download Now button

    Save to the Desktop

    Right-click on AdwCleaner.exe and choose

    Click on Delete and confirm the prompt.



    Your computer will be rebooted automatically. A text file will open after the restart.

    Upload the log : The log file is at C:\AdwCleaner[Sn].txt

    Then run

    Junkware Removal Toolkit

    Click here Junkware Removal Tool to download

    Drag the JRT.exe from the Downloads folder to your Desktop

    Right click JRT.exe and choose

    Once done upload the JRT.txt file
      My Computer
    Quote Quote

  12. rocknroller
    Posts : 10
    windows 7 ultimate
    Thread Starter
       New #9

    Cannot open email attachments


    OK....I have posted the Malwarebytes Logs in 2 parts because the site wouldn't allow a post above 20,000 characters so the logs are identified as Part 1 and Part 2 respectively



    UPDATE:
    I have noticed a related new issue:

    I cannot open any email attachments and just get the error message message:

    "Internet explorer has stopped working - A problem caused the program to stop working correctly.Windows will close the program and notify you if a solution is available."

    Then I click on the "close program" icon at the bottom of the message and it takes me back to the original message without opening the attachment.
    Last edited by rocknroller; 06 Aug 2013 at 11:07. Reason: Update on this issue
      My Computer
    Quote Quote

 

  Related Discussions
Hello Forum, I have the following issues - 1. First received the message on the computer from MS informing that we had an error - went to view details it said that we had a Error 1033. I went and pushed the button to get MS to fix this issue - but continually receive the message that I have...
Hello everyone, I made a clean install of Windows 7 Ultimate x64 and installed all my usual software (the same i used on Windows Vista) but now i keep getting BSOD all the time. I noticed it started happening when i installed Kaspersky Internet Security 2013 and Internet Download Manager...
Here is the error message. Problem signature: Problem Event Name: APPCRASH Application Name: explorer.exe Application Version: 6.1.7601.17514 Application Timestamp: 4ce7a144 Fault Module Name: ntdll.dll Fault Module Version: 6.1.7601.17514 Fault Module...
Hi all, I am using Window7 64 bit version. I have a problem when I was trying to open a folder. When I open this particular folder windows explorer is crashing and saying cannot access memory (with different addresses). All other folders are opening properly. Also, there are few vedio files in...
Hey, just joined the forums so hi to everyone :D Now to tell you about my problem as its getting really annoying now, when ever im in the IE8 and ive got a few tabs open, if i ever close a tab ill get a box saying 'internet exploarer not found' whatever .. and i can either cancel or close the...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 06:37.
Find Us