• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
donnie126

Cannot uninstall MarkAny ContentSafer

5 posts in this topic

I am running Windows Vista Home Basic 32-bit with Service Pack 2. Upon browsing my Program Files folder, I have discovered a strange tree of folders which I do not remember authorizing to be installed on my system. The tree is C:\Program Files\MarkAny\ContentSafer. The Programs and Features (Add/Remove Programs) control panel confirms that a program called "ContentSAFER for Wizmax" is installed on my machine. Upon researching this program, I discovered that it can manifest itself onto my machine when I plug in a Samsung MP3 player (such as a Q2, like one I have recently acquired). Most of what I have read about this program says it is a PUP -- Potentially Unwanted Program -- and some users even go so far as to label it as spyware. The only problem is, any attempt to uninstall it from Add/Remove Programs has absolutely no effect -- I click "Uninstall/Change" and the machine does absolutely nothing. What alternative method(s) would you suggest for removing this PUP?

 

Thank you.

 

Brandon Taylor

 

EDIT: Please read the FAQ and post a log... Our helpers can't help without details to review...

Edited by Budfred

Share this post


Link to post
Share on other sites

I am running Windows Vista Home Basic 32-bit with Service Pack 2. Upon browsing my Program Files folder, I have discovered a strange tree of folders which I do not remember authorizing to be installed on my system. The tree is C:\Program Files\MarkAny\ContentSafer. The Programs and Features (Add/Remove Programs) control panel confirms that a program called "ContentSAFER for Wizmax" is installed on my machine. Upon researching this program, I discovered that it can manifest itself onto my machine when I plug in a Samsung MP3 player (such as a Q2, like one I have recently acquired). Most of what I have read about this program says it is a PUP -- Potentially Unwanted Program -- and some users even go so far as to label it as spyware. The only problem is, any attempt to uninstall it from Add/Remove Programs has absolutely no effect -- I click "Uninstall/Change" and the machine does absolutely nothing. What alternative method(s) would you suggest for removing this PUP?

 

Thank you.

 

Brandon Taylor

 

EDIT: Please read the FAQ and post a log... Our helpers can't help without details to review...

 

As requested, here is my HiJackThis log.

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 2:56:14 AM, on 9/3/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18943)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Program Files\Dell V105\dldnmon.exe

C:\Program Files\Logitech\SetPointP\SetPoint.exe

C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\stickies\stickies.exe

C:\Program Files\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe

C:\Program Files\Dell V105\dldnMsdMon.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

C:\Windows\system32\SearchFilterHost.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: IE Session Manager - {0893E729-5E25-471B-9836-A1A708F8A3F2} - C:\Program Files\IE Session Manager\IESessionManager.dll

O2 - BHO: SBCONVERT - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll

O2 - BHO: SearchPredictObj Class - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SBCONVERT - {A1056498-D09A-41E4-864B-505EDD640D9E} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL

O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SPEEDB~2\Toolbar\grabber.dll

O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [dldnamon] "C:\Program Files\Dell V105\dldnamon.exe"

O4 - HKLM\..\Run: [dldnmon.exe] "C:\Program Files\Dell V105\dldnmon.exe"

O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming

O4 - HKCU\..\Run: [sansaDispatch] C:\Users\Administrator\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-3767498533-36595516-2229111898-1009\..\Run: [Google Update] "C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User 'Brandon')

O4 - S-1-5-21-3767498533-36595516-2229111898-1009 Startup: HughesNetStatusMeter.lnk = C:\Program Files\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe (User 'Brandon')

O4 - S-1-5-21-3767498533-36595516-2229111898-1009 User Startup: HughesNetStatusMeter.lnk = C:\Program Files\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe (User 'Brandon')

O4 - Startup: HughesNetStatusMeter.lnk = C:\Program Files\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe

O4 - Global Startup: Stickies.lnk = C:\Program Files\stickies\stickies.exe

O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O15 - Trusted Zone: http://www.candystand.com

O15 - Trusted Zone: *.facebook.com

O16 - DPF: ActiveGS.cab - http://www.virtualapple.org/gs.cab

O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: dldnCATSCustConnectService - Unknown owner - C:\Windows\system32\spool\DRIVERS\W32X86\3\\dldnserv.exe

O23 - Service: dldn_device - - C:\Windows\system32\dldncoms.exe

O23 - Service: Google Update Service (gupdate1c98cead4c4906f) (gupdate1c98cead4c4906f) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

 

--

End of file - 8941 bytes

Share this post


Link to post
Share on other sites

Welcome to SWI. We apologize for the delay; our helpers have been very busy.

 

If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

 

Thank you for your patience.

 

 

[this is an automated reply]

Share this post


Link to post
Share on other sites

Hi,

I'm nasdaq and will be helping you.

 

Print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.

 

In this topic it's suggested to use this Revo Uninstaller

 

http://forums.majorgeeks.com/showthread.php?t=208306

===

 

Hope it helps.

Share this post


Link to post
Share on other sites

Due to the lack of feedback this Topic is closed.

 

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

 

Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0