Help, can not remove Searchqu/virus

[Absenthe]

Hi all

I have found this forum and it looks like some very helpfull people are around on it, Maybe you guys can help me, I have had Searchqu on the system due to it slipping in somehow, I thought I had gotten rid of it the usual way, but now the Tab opened up using search option using right mouse button on highlighted word opens up and is using the search engine I have not selected, after reading up on it it is something to do with Searchqu?

Here is the DDS (I think)

I maybe think its got something to do with this?

uStart Page = hxxp://www.searchnu.com/406

All help is welcome, I thank you now in advance.

Regards

Phil

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe

C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe

C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe

C:\Program Files (x86)\Belkin\Nostromo\nost_LM.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Belkin\Nostromo\LoadoutManagerHelper.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Phillip Hobbs\Desktop\OTL.com

C:\Windows\notepad.exe

C:\Windows\notepad.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.searchnu.com/406

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll

TB: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File

TB: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray

uRun: [<NO NAME>]

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NOSTRO~1.LNK - C:\Windows\Installer\{548C7B77-8B04-427E-ACD0-D0E6E6E59BCF}\NewShortcut2_548C7B778B04427EACD0D0E6E6E59BCF.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: Interfaces\{36754C3E-8208-4A9B-AC5B-52F1FE707BEE} : DhcpNameServer = 10.37.48.1

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

BHO-X64: AVG Do Not Track - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll

TB-X64: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File

TB-X64: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Phillip Hobbs\AppData\Roaming\Mozilla\Firefox\Profiles\wvoz6khd.default\

FF - prefs.js: browser.search.selectedEngine - Search Results

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com

FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=390&systemid=406&sr=0&q=

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll

FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\system32\DRIVERS\hssdrv6.sys --> C:\Windows\system32\DRIVERS\hssdrv6.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-12-5 361984]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-4-30 5106744]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]

R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]

R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2011-3-9 21504]

R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-7-13 471408]

R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2012-7-10 385392]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-25 655944]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-7-5 3048136]

R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdLH6.sys --> C:\Windows\system32\drivers\AtihdLH6.sys [?]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]

R3 c65013264;C-Media CM6501 Like Sound UDAX Interface;C:\Windows\system32\drivers\c6501.sys --> C:\Windows\system32\drivers\c6501.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

RUnknown SASKUTIL;SASKUTIL; [x]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-15 158856]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-16 250056]

S3 bcgame;Nostromo HID Device Minidriver;C:\Windows\system32\drivers\bcgame.sys --> C:\Windows\system32\drivers\bcgame.sys [?]

S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2011-3-9 19968]

S3 STTub30;USB Driver for Tube device v3.0.1.0;C:\Windows\System32\drivers\STTub30.sys [2009-3-24 31104]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]

S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2011-3-9 89920]

.

=============== File Associations ===============

.

JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

.

=============== Created Last 30 ================

.

2012-07-25 14:59:58 -------- d-----w- C:\Users\Phillip Hobbs\AppData\Roaming\Malwarebytes

2012-07-25 14:59:43 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-07-25 14:59:43 -------- d-----w- C:\ProgramData\Malwarebytes

2012-07-25 14:59:43 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-07-24 22:09:48 -------- d-----w- C:\Users\Phillip Hobbs\AppData\Local\Microsoft Corporation

2012-07-24 19:46:17 -------- d-----w- C:\Users\Phillip Hobbs\AppData\Roaming\DriverCure

2012-07-24 19:46:16 -------- d-----w- C:\Users\Phillip Hobbs\AppData\Roaming\ParetoLogic

2012-07-24 19:45:49 -------- d-----w- C:\ProgramData\ParetoLogic

2012-07-24 19:45:49 -------- d-----w- C:\Program Files (x86)\ParetoLogic

2012-07-24 19:45:49 -------- d-----w- C:\Program Files (x86)\Common Files\ParetoLogic

2012-07-24 19:20:21 -------- d-----w- C:\Users\Phillip Hobbs\AppData\Local\VS Revo Group

2012-07-22 12:16:32 -------- d-----w- C:\Windows\SysWow64\Hotspot Shield

2012-07-21 08:54:21 -------- d-----w- C:\ProgramData\boost_interprocess

2012-07-20 21:15:12 -------- d-----w- C:\Users\Phillip Hobbs\AppData\Local\Ilivid Player

2012-07-15 16:01:08 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll

2012-07-15 16:01:07 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-07-15 16:01:07 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll

2012-07-15 16:00:05 -------- d-----w- C:\Program Files\iPod

2012-07-15 16:00:02 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2012-07-15 16:00:02 -------- d-----w- C:\Program Files\iTunes

2012-07-15 16:00:02 -------- d-----w- C:\Program Files (x86)\iTunes

2012-07-15 15:54:03 -------- d-----w- C:\Program Files\Bonjour

2012-07-15 15:54:03 -------- d-----w- C:\Program Files (x86)\Bonjour

2012-07-15 12:03:25 -------- d-----w- C:\Users\Phillip Hobbs\AppData\Roaming\HandBrake

2012-07-15 12:02:52 -------- d-----w- C:\Program Files\Handbrake

2012-07-15 11:55:55 -------- d-----w- C:\Users\Phillip Hobbs\AppData\Local\Geckofx

2012-07-15 11:55:24 -------- d-----w- C:\Program Files (x86)\Regensoft

2012-07-15 11:55:18 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5

2012-07-15 11:30:56 -------- d-----w- C:\ProgramData\Aiseesoft Studio

2012-07-15 11:30:26 -------- d-----w- C:\Program Files (x86)\Aiseesoft Studio

2012-07-11 21:32:41 2769408 ----a-w- C:\Windows\System32\win32k.sys

2012-07-11 20:18:05 9822920 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-07-10 02:48:18 41704 ----a-w- C:\Windows\System32\drivers\hssdrv6.sys

2012-07-09 19:39:17 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2012-07-07 16:32:53 562032 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor13.dll

2012-07-05 17:45:34 5030088 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

.

==================== Find3M ====================

.

2012-07-11 20:18:10 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-11 20:18:10 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-06-11 19:19:10 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll

2012-06-11 19:19:10 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

2012-06-07 13:21:03 0 ----a-w- C:\Windows\ativpsrm.bin

2012-06-05 16:47:28 1401856 ----a-w- C:\Windows\SysWow64\msxml6.dll

2012-06-05 16:47:27 1248768 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-06-05 16:22:47 1797120 ----a-w- C:\Windows\System32\msxml6.dll

2012-06-05 16:22:46 1869824 ----a-w- C:\Windows\System32\msxml3.dll

2012-06-04 15:29:59 516480 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-02 22:12:13 88576 ----a-w- C:\Windows\SysWow64\wudriver.dll

2012-06-02 14:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-02 14:19:42 171904 ----a-w- C:\Windows\SysWow64\wuwebv.dll

2012-06-02 14:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-02 14:12:20 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe

2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-06-02 00:22:56 347136 ----a-w- C:\Windows\System32\schannel.dll

2012-06-02 00:22:10 254464 ----a-w- C:\Windows\System32\ncrypt.dll

2012-06-02 00:05:11 77312 ----a-w- C:\Windows\SysWow64\secur32.dll

2012-06-02 00:04:25 278528 ----a-w- C:\Windows\SysWow64\schannel.dll

2012-06-02 00:03:42 204288 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-05-01 14:29:44 209920 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

.

============= FINISH: 17:42:51.39 ===============

[screen317]

Hi and welcome to Malwarebytes.

Please run DDS again and post attach.txt this time.

[Absenthe]

Hi MBAM

As requested i could not zip and attach so pasted it. hope this is ok.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 08/03/2011 11:07:37

System Uptime: 25/07/2012 16:09:03 (1 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | M2N-E SLI

Processor: AMD Athlon 64 X2 Dual Core Processor 5600+ | Socket AM2 | 2800/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 1397 GiB total, 300.993 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

Adobe Shockwave Player 11.6

AMD VISION Engine Control Center

Apple Application Support

Apple Software Update

µTorrent

Auslogics Disk Defrag

AVG PC Tuneup 2011

AviSynth 2.5

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Cole2k Media - Codec Pack (Advanced) 7.9.5

Counter-Strike: Source

DH Driver Cleaner Professional Edition

dj_sf_software_req

File Type Assistant

FileZilla Client 3.3.5.1

Final Media Player 2011

Half-Life 2: Deathmatch

HandBrake 0.9.6

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotspot Shield 2.61

HydraVision

Java Auto Updater

Java 6 Update 26

JDownloader

Left 4 Dead 2

Malwarebytes Anti-Malware version 1.62.0.1300

Media Player Codec Pack 4.0.2

Microsoft Games for Windows Marketplace

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft_VC100_CRT_SP1_x86

Mozilla Firefox 14.0.1 (x86 en-GB)

Mozilla Thunderbird 13.0.1 (x86 en-GB)

MSVC80_x86_v2

MSVC90_x86

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nokia Connectivity Cable Driver

Nokia Suite

Nostromo

ParetoLogic PC Health Advisor

PC Connectivity Solution

PunkBuster Services

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

RealUpgrade 1.1

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Skype Click to Call

Skype™ 5.8

Steam

STMicroelectronics DfuSe v3.0.0

swMSM

Toolbox

TypeIt ReadIt 1.6

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Visual Studio 2008 x64 Redistributables

Windows Media Player Firefox Plugin

YouTube Downloader App 3.00

.

==== Event Viewer Messages From Past Week ========

.

25/07/2012 16:14:54, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

25/07/2012 16:14:54, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

25/07/2012 16:13:49, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.

25/07/2012 16:13:19, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

25/07/2012 15:34:55, Error: Service Control Manager [7022] - The KtmRm for Distributed Transaction Coordinator service hung on starting.

22/07/2012 23:17:34, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the PnkBstrA service to connect.

22/07/2012 23:17:34, Error: Service Control Manager [7000] - The PnkBstrA service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

21/07/2012 18:16:25, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {A0717E52-8AC8-4DD9-8682-0B76775125E6} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

21/07/2012 18:16:24, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

20/07/2012 21:54:09, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.71.112.154 for the Network Card with network address 00FF36754C3E has been denied by the DHCP server 10.37.55.254 (The DHCP Server sent a DHCPNACK message).

19/07/2012 17:57:17, Error: Microsoft-Windows-Dhcp-Client [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001D60227DEA. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

18/07/2012 21:00:58, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.71.56.139 for the Network Card with network address 00FF36754C3E has been denied by the DHCP server 10.71.119.254 (The DHCP Server sent a DHCPNACK message).

18/07/2012 20:59:23, Error: Server [2505] - The server could not bind to the transport \Device\NetbiosSmb because another computer on the network has the same name. The server could not start.

18/07/2012 20:59:11, Error: Service Control Manager [7034] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 1 time(s).

18/07/2012 20:59:06, Error: Service Control Manager [7030] - The Hotspot Shield Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

18/07/2012 20:58:47, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.37.32.42 for the Network Card with network address 00FF36754C3E has been denied by the DHCP server 10.73.87.254 (The DHCP Server sent a DHCPNACK message).

.

==== End Of File ===========================

[screen317]

Hi,

Please see:

Forum Piracy Policy

We will not assist users that are obviously using illegal software.

If any such evidence is found you will be given the benefit of the doubt and the opportunity to completely uninstall and delete any such data from your system.

During the scanning process if any further evidence shows up your topic will be closed and no further assistance will be provided.

If you're using Peer 2 Peer software such as uTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

It's likely why your issue began in the first place.

[Absenthe]

Apologies for the peer to peer programs.

The PC is shared and someone has now recived a bollocking for allowing this stuff to be on the PC.

It has all been removed now, and rebooted, However it appears that doing just that has solved the problem, When high lighting Search using the Right mouse button it now says "SEARCH GOOGLE for " instead of "Seach Search for . . . " and then using Search qu.

I have done another Scan of PC using DDS, if you wish to see it for possible future help on the forum i will post it.

Regards

Phil

Hi,

Please see:

Forum Piracy Policy

We will not assist users that are obviously using illegal software.

If any such evidence is found you will be given the benefit of the doubt and the opportunity to completely uninstall and delete any such data from your system.

During the scanning process if any further evidence shows up your topic will be closed and no further assistance will be provided.

If you're using Peer 2 Peer software such as uTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

It's likely why your issue began in the first place.

[screen317]

Great!

Do post the DDS log please. Are you experiencing any further issues?

[Absenthe]

It looks like the problem is solved, so in effect your information about peer to peer programs was probably correct, maybe thats where its came from.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 08/03/2011 11:07:37

System Uptime: 30/07/2012 18:05:03 (1 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | M2N-E SLI

Processor: AMD Athlon 64 X2 Dual Core Processor 5600+ | Socket AM2 | 2800/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 1397 GiB total, 868.055 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 149 GiB total, 133.8 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

Adobe Shockwave Player 11.6

AMD VISION Engine Control Center

Apple Application Support

Apple Software Update

Auslogics Disk Defrag

AVG PC Tuneup 2011

AviSynth 2.5

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Cole2k Media - Codec Pack (Advanced) 7.9.5

Counter-Strike: Source

Day of Defeat: Source

dj_sf_software_req

File Type Assistant

Final Media Player 2011

Half-Life 2: Deathmatch

HandBrake 0.9.6

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotspot Shield 2.65

HydraVision

Java Auto Updater

Java 6 Update 26

Left 4 Dead 2

Malwarebytes Anti-Malware version 1.62.0.1300

Media Player Codec Pack 4.0.2

Microsoft Games for Windows Marketplace

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft_VC100_CRT_SP1_x86

Mozilla Firefox 14.0.1 (x86 en-GB)

Mozilla Thunderbird 13.0.1 (x86 en-GB)

MSVC80_x86_v2

MSVC90_x86

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nokia Connectivity Cable Driver

Nokia Suite

Nostromo

ParetoLogic PC Health Advisor

PC Connectivity Solution

PunkBuster Services

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

RealUpgrade 1.1

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Skype Click to Call

Skype™ 5.8

Spybot - Search & Destroy

Steam

STMicroelectronics DfuSe v3.0.0

swMSM

Toolbox

TypeIt ReadIt 1.6

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Visual Studio 2008 x64 Redistributables

Windows Media Player Firefox Plugin

Great!

Do post the DDS log please. Are you experiencing any further issues?

[screen317]

Looks good to me.

I highly recommend the PRO version of MBAM; with it, it's likely that this issue would have been prevented in the first place.

Now that your computer seems to be in proper working order, please take the following steps to help prevent reinfection:

1) Download and install Javacool's SpywareBlaster, which will prevent malware from being installed on your computer. A tutorial on it can be found here.

2) Go to Windows Update frequently to get all of the latest updates (security or otherwise) for Windows.

3) Make sure your programs are up to date! Older versions may contain security risks. To find out what programs need to be updated, please run Secunia's Software Inspector.

4) WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:

• Green to go
  
• Yellow for caution
  
• Red to stop
  

WOT has an addon available for both Firefox and IE.

5) Be sure to update your Antivirus and Antispyware programs often!

Finally, please also take the time to read Tony Klein's excellent article on: So How Did I Get Infected in the First Place?

Safe surfing,

-screen317

[screen317]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!