13. May 2012, 07:03 AM   #13
George.J
Editor
 

Placou, thanks for providing further info. The downloader & updater is only a generic virus detection by certain antiviruses (that can be included in the class of suspicious files). It's not necessary that all antiviruses classify it as malware and hence a detection.

Glad to know you were using all safe practices like WOT, Sandboxie, a limited access Windows account and an anti-malware scanner. The reason that caused this problem is, sadly, your sheer carelessness. As I said, there's a high chance that Ask was installed from the Soft32 downloader. Probably, after unchecking both the checkboxes, you might have clicked the "Accept" button instead of "Decline". This is how Ask forges itself to make people think that you have to "Accept" this change to install the software on the system.

For example, see this screenshot: http://www.howtodownload.org/wp-cont...layer_pic7.png

Now for the cleanup, we would like you to perform these steps, for further help. Close all other running programs before you run these tests.
  1. Fix these with HijackThis – mark them, close IE, click fix checked

    R3 - URLSearchHook: Search Results Toolbar - {e5593220-bcaf-4b30-89fe-af988d0eacaa} - C:\Program Files\searchresults\toolbar2X.dll (file missing)

    O4 - HKLM\..\RunOnce: [PM_reg] c:\windows\regedit.exe /s c:\sysprep\Nic_pm.reg
  2. Click START->RUN->type in %temp%-> OK->Edit->Select all-> File->Delete

    Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp

    Empty the recycle bin

    Boot and post a new hijack log.
  3. Since we have hardly any time to analyze the GMER log, download and run the zip archive of Kaspersky TDSSKiller, run the exe file and note if you have any rootkits on your system.
  4. Uninstall Firefox completely from your system. Use this guide
__________________
If you seek for attention, do common things in life in an uncommon way!
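An added example, not part of the original post and not HijackThis's own code: a small Python triage over HijackThis-style log lines that surfaces entries like the two listed in step 1 for manual review. The parsing rules and review heuristics are assumptions of this example, and the third log line is constructed for contrast.

```python
import re

# Sample log: the two entries quoted in the post, plus one constructed
# line (ExampleTray) added here only to show an entry that is not flagged.
SAMPLE_LOG = r"""
R3 - URLSearchHook: Search Results Toolbar - {e5593220-bcaf-4b30-89fe-af988d0eacaa} - C:\Program Files\searchresults\toolbar2X.dll (file missing)
O4 - HKLM\..\RunOnce: [PM_reg] c:\windows\regedit.exe /s c:\sysprep\Nic_pm.reg
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\Example\tray.exe
"""

# "<section code> - <rest>", e.g. "R3 - ..." or "O4 - ..."
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# O4 registry autostart: "HKLM\..\RunOnce: [name] command line"
RUN_KEY = re.compile(
    r"^(?P<hive>HK\w+)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")


def parse(log):
    """Split a log into {'code', 'body'} dicts, skipping non-entry lines."""
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append({"code": m["code"], "body": m["body"]})
    return entries


def review_reasons(entry):
    """Return reasons an entry deserves a human look (heuristics, not verdicts)."""
    reasons = []
    body = entry["body"]
    if body.endswith("(file missing)"):
        reasons.append("orphaned: target file missing")
    if entry["code"] == "R3":
        reasons.append("URLSearchHook (browser search hook)")
    if entry["code"] == "O4":
        m = RUN_KEY.match(body)
        if m and m["key"].lower() == "runonce":
            reasons.append("RunOnce autostart")
            # regedit /s imports a .reg file without prompting the user
            if re.search(r"regedit(\.exe)?\s+/s\b", m["cmd"], re.I):
                reasons.append("silent .reg import")
    return reasons


def triage(log):
    """Pair each flagged entry with its list of reasons."""
    return [(e, r) for e in parse(log) if (r := review_reasons(e))]
```
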