
I am not very computer savvy


whippet

Hi guys

I am not computer literate.

I have no idea how this has happened, but my Firefox browser has been hijacked by something called QSearch, which appears not to search at all.

I referred this to a computer literate who recommended Spybot Search and Destroy, which I ran. It found two problems and I fixed them, but after a reboot the browser issue remained and Spybot could no longer be updated. My computer literate friend then recommended Malwarebytes, which I have also run, but that detects nothing.

I run Windows XP and a Firefox browser with AVG 9.0. If you can fix this problem then I will add Malwarebytes Pro to my virus protection.

I include the Malwarebytes log, but it detects nothing.

Please please help

Whippet

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 5137

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

17-11-2010 16:51:54

mbam-log-2010-11-17 (16-51-54).txt

Scan type: Quick scan

Objects scanned: 144634

Time elapsed: 8 minute(s), 12 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


OK, I have managed to download DDS and I enclose DDS.txt and Attach.txt.

Some of it is in Dutch.

Whippet

DDS (Ver_10-11-10.01) - NTFSx86

Run by Administrator at 20:30:00,98 on wo 17-11-2010

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1015.410 [GMT 1:00]

AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\System32\svchost.exe -k Cognizance

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

svchost.exe

svchost.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\PDF Complete\pdfsty.exe

C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

C:\WINDOWS\SMINST\Scheduler.exe

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\AccelerometerSt.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\PROGRA~1\AVG\AVG9\avgtray.exe

C:\Program Files\eNerds Pty Ltd\ENRPTY38777496171834\KaUsrTsk.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe

C:\Program files\Telstra\Telstra Connection Manager\WaHelper.exe

C:\PROGRA~1\WI9130~1\DataMngr\DataMngrUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe

C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

svchost.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\WINDOWS\system32\bgsvcgen.exe

C:\WINDOWS\system32\FortiSSLVPNdaemon.exe

C:\Program Files\AVG\AVG9\avgam.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\eNerds Pty Ltd\ENRPTY38777496171834\AgentMon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\PDF Complete\pdfsvc.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\mqsvc.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe

C:\WINDOWS\system32\mqtgsvc.exe

C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Documents and Settings\Administrator\Mijn documenten\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.searchqu.com/

mStart Page = hxxp://www.muuler.com/

uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: Searchqu Toolbar: {7ff99715-3016-4381-84ce-e4e4c9673020} - c:\program files\windows searchqu toolbar\toolbar\SearchquDx.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Credential Manager for HP ProtectTools: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\hewlett-packard\iam\bin\ItIEAddIn.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: Searchqu Toolbar: {7ff99715-3016-4381-84ce-e4e4c9673020} - c:\program files\windows searchqu toolbar\toolbar\SearchquDx.dll

uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [MsmqIntCert] regsvr32 /s mqrt.dll

mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe

mRun: [soundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray

mRun: [PDF Complete] "c:\program files\pdf complete\pdfsty.exe"

mRun: [PTHOSTTR] c:\program files\hewlett-packard\hp protecttools security manager\PTHOSTTR.EXE /Start

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

mRun: [CognizanceTS] rundll32.exe c:\progra~1\hewlet~1\iam\bin\ASTSVCC.dll,RegisterModule

mRun: [Recguard] c:\windows\sminst\Recguard.exe

mRun: [Reminder] c:\windows\creator\Remind_XP.exe

mRun: [scheduler] c:\windows\sminst\Scheduler.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [Cpqset] c:\program files\hewlett-packard\default settings\cpqset.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [AccelerometerSysTrayApplet] c:\windows\system32\AccelerometerSt.exe

mRun: [HPWWANGSAssistant] c:\swsetup\hpqwwan\HPWWanGSAssistant.exe /TrayMode

mRun: [WatchDog] c:\program files\intervideo\dvd check\DVDCheck.exe

mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide

mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe

mRun: [KASHENRPTY38777496171834] "c:\program files\enerds pty ltd\enrpty38777496171834\KaUsrTsk.exe"

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [TRUUpdater] "c:\program files\sierra wireless inc\webupdater\TRUUpdater.exe" /bkground

mRun: [WatcherHelper] "c:\program files\telstra\telstra connection manager\WaHelper.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [DataMngr] c:\progra~1\wi9130~1\datamngr\DataMngrUI.exe

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\bttray.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\dvdche~1.lnk - c:\program files\intervideo\dvd check\DVDCheck.exe

StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe

StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\myplac~1.lnk - c:\program files\telstra\telstra connection manager\welcome.exe

StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\photof~1.lnk - c:\program files\common files\panasonic\photofunstudio autostart\AutoStartupService.exe

IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1272456829343

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll

Notify: avgrsstarter - avgrsstx.dll

Notify: igfxcui - igfxdev.dll

Notify: OneCard - c:\program files\hewlett-packard\iam\bin\ASWLNPkg.dll

AppInit_DLLs: c:\progra~1\wi9130~1\datamngr\datamngr.dll apshook.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

LSA: Notification Packages = scecli ASWLNPkg

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\x2llcep1.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4c125403&v=6.010.006.004&i=26&tp=ab&iy=&ychte=nl&lng=nl&q=

FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: c:\documents and settings\administrator\application data\fortinet\sslvpnclient\npccplugin.dll

FF - plugin: c:\documents and settings\administrator\application data\mozilla\plugins\np-mswmp.dll

FF - plugin: c:\documents and settings\administrator\application data\mozilla\plugins\npatgpc.dll

FF - plugin: c:\program files\fortinet\sslvpnclient\npccplugin.dll

FF - plugin: c:\program files\fortinet\sslvpnclient\nptcplugin.dll

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-4-28 52872]

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-4-28 216400]

R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-4-28 29584]

R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-4-28 243024]

R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2004-8-4 14336]

R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2004-8-4 14336]

R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-6-22 308136]

R2 FortiSslvpnDaemon;FortiClient SSL VPN;c:\windows\system32\FortiSSLVPNdaemon.exe [2009-9-17 703080]

R2 KAENRPTY38777496171834;eNerds Pty Ltd Agent;c:\program files\enerds pty ltd\enrpty38777496171834\AgentMon.exe [2010-5-17 806912]

R2 pdfcDispatcher;PDF Document Manager;c:\program files\pdf complete\pdfsvc.exe [2007-7-13 539936]

R2 SWIHPWMI;SWIHPWMI;c:\program files\hpq\shared\sierra wireless\win32\unicode\SWIHPWMI.exe [2006-12-4 292384]

R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-1-23 36608]

R3 KAPFA;KAPFA;c:\windows\system32\drivers\KAPFA.sys [2010-5-17 13824]

R3 pppop;PPPoP WAN Adapter;c:\windows\system32\drivers\pppop.sys [2009-7-21 36384]

R3 rismc32;RICOH Smart Card Reader;c:\windows\system32\drivers\rismc32.sys [2007-7-13 47616]

R3 SWNC8U02;HP hs2300 MUX NDIS Driver (#02);c:\windows\system32\drivers\SWNC8U02.sys [2007-1-12 102144]

R3 SWUMX02;HP hs2300 USB MUX Driver (#02);c:\windows\system32\drivers\swumx02.sys [2007-1-12 70656]

S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-5 135664]

S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-10-26 517448]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\drivers\swnc8ua3.sys [2010-1-28 198016]

S3 SWUMXA3;Sierra Wireless USB MUX Driver (UMTSA3);c:\windows\system32\drivers\swumxa3.sys [2009-12-8 154752]

=============== Created Last 30 ================

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-10.01)

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 10-4-2009 14:36:08

System Uptime: 17-11-2010 19:56:09 (1 hours ago)

Motherboard: Hewlett-Packard | | 30BE

Processor: Intel® Core2 Duo CPU T7300 @ 2.00GHz | U10 | 1576/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 67 GiB total, 42,707 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 8 GiB total, 7,352 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP77: 17-8-2010 2:37:20 - Avg Update

RP78: 18-8-2010 13:19:03 - Controlepunt van systeem

RP79: 19-8-2010 16:16:22 - Controlepunt van systeem

RP80: 23-8-2010 11:27:23 - Controlepunt van systeem

RP81: 26-8-2010 8:08:11 - Controlepunt van systeem

RP82: 28-8-2010 23:32:03 - Installed Java 6 Update 21

RP83: 30-8-2010 8:38:09 - Controlepunt van systeem

RP84: 31-8-2010 17:28:41 - Controlepunt van systeem

RP85: 2-9-2010 13:20:29 - Controlepunt van systeem

RP86: 4-9-2010 12:21:55 - Controlepunt van systeem

RP87: 5-9-2010 13:19:36 - Controlepunt van systeem

RP88: 8-9-2010 5:09:25 - Controlepunt van systeem

RP89: 10-9-2010 2:58:01 - Controlepunt van systeem

RP90: 10-9-2010 10:30:09 - Installed Telstra Connection Manager.

RP91: 11-9-2010 11:38:38 - Controlepunt van systeem

RP92: 12-9-2010 12:58:28 - Controlepunt van systeem

RP93: 14-9-2010 2:50:21 - Controlepunt van systeem

RP94: 15-9-2010 4:04:34 - Controlepunt van systeem

RP95: 15-9-2010 14:19:20 - Software Distribution Service 3.0

RP96: 17-9-2010 4:21:46 - Controlepunt van systeem

RP97: 19-9-2010 2:07:58 - Controlepunt van systeem

RP98: 20-9-2010 2:47:43 - Controlepunt van systeem

RP99: 20-9-2010 14:19:04 - Avg Update

RP100: 20-9-2010 14:20:23 - Avg Update

RP101: 22-9-2010 0:50:38 - Controlepunt van systeem

RP102: 23-9-2010 1:32:24 - Controlepunt van systeem

RP103: 24-9-2010 3:02:35 - Controlepunt van systeem

RP104: 26-9-2010 3:33:04 - Controlepunt van systeem

RP105: 27-9-2010 7:44:37 - Controlepunt van systeem

RP106: 28-9-2010 10:27:19 - Controlepunt van systeem

RP107: 29-9-2010 8:57:55 - Software Distribution Service 3.0

RP108: 30-9-2010 20:19:29 - Avg Update

RP109: 4-10-2010 14:36:30 - Controlepunt van systeem

RP110: 5-10-2010 14:58:24 - Controlepunt van systeem

RP111: 7-10-2010 12:08:39 - Controlepunt van systeem

RP112: 8-10-2010 10:09:51 - Avg Update

RP113: 9-10-2010 3:00:14 - Software Distribution Service 3.0

RP114: 10-10-2010 5:29:47 - Controlepunt van systeem

RP115: 11-10-2010 17:06:45 - Controlepunt van systeem

RP116: 13-10-2010 14:50:34 - Controlepunt van systeem

RP117: 16-10-2010 2:19:16 - Software Distribution Service 3.0

RP118: 18-10-2010 8:29:11 - Controlepunt van systeem

RP119: 19-10-2010 20:53:43 - Controlepunt van systeem

RP120: 21-10-2010 10:09:57 - Controlepunt van systeem

RP121: 22-10-2010 16:03:16 - Controlepunt van systeem

RP122: 25-10-2010 9:17:55 - Installed Java 6 Update 22

RP123: 26-10-2010 19:36:04 - Avg Update

RP124: 29-10-2010 21:45:57 - Controlepunt van systeem

RP125: 1-11-2010 12:01:36 - Controlepunt van systeem

RP126: 3-11-2010 19:57:45 - Controlepunt van systeem

RP127: 5-11-2010 5:40:39 - Controlepunt van systeem

RP128: 6-11-2010 13:54:03 - Controlepunt van systeem

RP129: 7-11-2010 14:31:29 - Controlepunt van systeem

RP130: 9-11-2010 13:24:01 - Controlepunt van systeem

RP131: 10-11-2010 14:35:09 - Avg Update

RP132: 10-11-2010 14:35:33 - Avg Update

RP133: 10-11-2010 21:33:25 - Software Distribution Service 3.0

RP134: 12-11-2010 4:08:44 - Controlepunt van systeem

RP135: 13-11-2010 15:22:25 - Controlepunt van systeem

RP136: 14-11-2010 17:36:17 - Controlepunt van systeem

==== Installed Programs ======================

2007 Microsoft Office system

Activation Assistant for the 2007 Microsoft Office suites

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Apple Application Support

Apple Software Update

Application Installer 4.00.B13

AVG 9.0

Beveiligingsupdate for Windows XP (KB923689)

Beveiligingsupdate for Windows XP (KB941569)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2183461)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2360131)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB971961)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB981332)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381)

Beveiligingsupdate voor Windows Media Player (KB2378111)

Beveiligingsupdate voor Windows Media Player (KB911564)

Beveiligingsupdate voor Windows Media Player (KB952069)

Beveiligingsupdate voor Windows Media Player (KB954155)

Beveiligingsupdate voor Windows Media Player (KB968816)

Beveiligingsupdate voor Windows Media Player (KB973540)

Beveiligingsupdate voor Windows Media Player (KB975558)

Beveiligingsupdate voor Windows Media Player (KB978695)

Beveiligingsupdate voor Windows Media Player 11 (KB954154)

Beveiligingsupdate voor Windows Media Player 6.4 (KB925398)

Beveiligingsupdate voor Windows Media Player 9 (KB911565)

Beveiligingsupdate voor Windows Media Player 9 (KB917734)

Beveiligingsupdate voor Windows XP (KB2079403)

Beveiligingsupdate voor Windows XP (KB2115168)

Beveiligingsupdate voor Windows XP (KB2121546)

Beveiligingsupdate voor Windows XP (KB2160329)

Beveiligingsupdate voor Windows XP (KB2229593)

Beveiligingsupdate voor Windows XP (KB2259922)

Beveiligingsupdate voor Windows XP (KB2279986)

Beveiligingsupdate voor Windows XP (KB2286198)

Beveiligingsupdate voor Windows XP (KB2296011)

Beveiligingsupdate voor Windows XP (KB2347290)

Beveiligingsupdate voor Windows XP (KB2360937)

Beveiligingsupdate voor Windows XP (KB2387149)

Beveiligingsupdate voor Windows XP (KB923561)

Beveiligingsupdate voor Windows XP (KB923789)

Beveiligingsupdate voor Windows XP (KB946648)

Beveiligingsupdate voor Windows XP (KB950760)

Beveiligingsupdate voor Windows XP (KB950762)

Beveiligingsupdate voor Windows XP (KB950974)

Beveiligingsupdate voor Windows XP (KB951066)

Beveiligingsupdate voor Windows XP (KB951376-v2)

Beveiligingsupdate voor Windows XP (KB951748)

Beveiligingsupdate voor Windows XP (KB952004)

Beveiligingsupdate voor Windows XP (KB952954)

Beveiligingsupdate voor Windows XP (KB955069)

Beveiligingsupdate voor Windows XP (KB956572)

Beveiligingsupdate voor Windows XP (KB956744)

Beveiligingsupdate voor Windows XP (KB956802)

Beveiligingsupdate voor Windows XP (KB956803)

Beveiligingsupdate voor Windows XP (KB956844)

Beveiligingsupdate voor Windows XP (KB958644)

Beveiligingsupdate voor Windows XP (KB958869)

Beveiligingsupdate voor Windows XP (KB959426)

Beveiligingsupdate voor Windows XP (KB960225)

Beveiligingsupdate voor Windows XP (KB960803)

Beveiligingsupdate voor Windows XP (KB960859)

Beveiligingsupdate voor Windows XP (KB961501)

Beveiligingsupdate voor Windows XP (KB969059)

Beveiligingsupdate voor Windows XP (KB969947)

Beveiligingsupdate voor Windows XP (KB970238)

Beveiligingsupdate voor Windows XP (KB970430)

Beveiligingsupdate voor Windows XP (KB971468)

Beveiligingsupdate voor Windows XP (KB971657)

Beveiligingsupdate voor Windows XP (KB972270)

Beveiligingsupdate voor Windows XP (KB973354)

Beveiligingsupdate voor Windows XP (KB973507)

Beveiligingsupdate voor Windows XP (KB973869)

Beveiligingsupdate voor Windows XP (KB973904)

Beveiligingsupdate voor Windows XP (KB974112)

Beveiligingsupdate voor Windows XP (KB974318)

Beveiligingsupdate voor Windows XP (KB974392)

Beveiligingsupdate voor Windows XP (KB974571)

Beveiligingsupdate voor Windows XP (KB975025)

Beveiligingsupdate voor Windows XP (KB975467)

Beveiligingsupdate voor Windows XP (KB975560)

Beveiligingsupdate voor Windows XP (KB975561)

Beveiligingsupdate voor Windows XP (KB975562)

Beveiligingsupdate voor Windows XP (KB975713)

Beveiligingsupdate voor Windows XP (KB977816)

Beveiligingsupdate voor Windows XP (KB977914)

Beveiligingsupdate voor Windows XP (KB978037)

Beveiligingsupdate voor Windows XP (KB978262)

Beveiligingsupdate voor Windows XP (KB978338)

Beveiligingsupdate voor Windows XP (KB978542)

Beveiligingsupdate voor Windows XP (KB978601)

Beveiligingsupdate voor Windows XP (KB978706)

Beveiligingsupdate voor Windows XP (KB979309)

Beveiligingsupdate voor Windows XP (KB979482)

Beveiligingsupdate voor Windows XP (KB979559)

Beveiligingsupdate voor Windows XP (KB979683)

Beveiligingsupdate voor Windows XP (KB979687)

Beveiligingsupdate voor Windows XP (KB980195)

Beveiligingsupdate voor Windows XP (KB980218)

Beveiligingsupdate voor Windows XP (KB980232)

Beveiligingsupdate voor Windows XP (KB980436)

Beveiligingsupdate voor Windows XP (KB981322)

Beveiligingsupdate voor Windows XP (KB981852)

Beveiligingsupdate voor Windows XP (KB981957)

Beveiligingsupdate voor Windows XP (KB981997)

Beveiligingsupdate voor Windows XP (KB982132)

Beveiligingsupdate voor Windows XP (KB982214)

Beveiligingsupdate voor Windows XP (KB982665)

Beveiligingsupdate voor Windows XP (KB982802)

Credential Manager for HP ProtectTools

eNerds Pty Ltd Agent (pc149083847227.root.unnamed - nerdmon.enerds.com.au)

FortiClient SSL VPN CacheCleaner Plug-In for FireFox3 v3.0.389

FortiClient SSL VPN v4.0.2073

Google Toolbar for Internet Explorer

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB976002-v5)

Hotfix voor Windows Media Player 11 (KB939683)

Hotfix voor Windows XP (KB2158563)

Hotfix voor Windows XP (KB952287)

Hotfix voor Windows XP (KB961118)

Hotfix voor Windows XP (KB979306)

Hotfix voor Windows XP (KB981793)

HP 3D DriveGuard

HP Backup and Recovery Manager Installer

HP BIOS Configuration for ProtectTools

HP Broadband Wireless Modules

HP Doc Viewer

HP Help and Support

HP Integrated Module with Bluetooth wireless technology

HP Notebook Accessories Product Tour

HP ProtectTools Security Manager

HP Quick Launch Buttons 6.20 D3

HP Update

HP User Guide Bluetooth Addendum 0062

HP User Guides 0058

HP Wireless Assistant

HP WWAN Setup Utility

HpSdpAppCoreApp

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections Drivers

InterVideo DVD Check

InterVideo Register Manager

InterVideo WinDVD

Java Auto Updater

Java 6 Update 22

Java SE Runtime Environment 6

LightScribe 1.4.136.1

Malwarebytes' Anti-Malware

McAfee Security Scan Plus

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Dutch Language Pack

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Language Pack - NLD

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (Dutch) 2007

Microsoft Office Excel MUI (Dutch) 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (Dutch) 2007

Microsoft Office Outlook MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (Dutch) 2007

Microsoft Office Professional Hybrid 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proofing (Dutch) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (Dutch) 2007

Microsoft Office Shared MUI (Dutch) 2007

Microsoft Office Word MUI (Dutch) 2007

Microsoft Software Update for Web Folders (Dutch) 12

Microsoft SQL Server Compact 3.5 SP1 English

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Mozilla Firefox (3.6.12)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6 Service Pack 2 (KB973686)

OGA Notifier 2.0.0048.0

PDF Complete

PHOTOfunSTUDIO 5.1 HD Edition

QuickTime

RAR File Open Knife - Free Opener

Roxio Creator Audio

Roxio Creator Basic v9

Roxio Creator Copy

Roxio Creator Data

Roxio Creator Tools

Roxio Express Labeler 3

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2289158)

Security Update for 2007 Microsoft Office System (KB2344875)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2345035)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office Outlook 2007 (KB2288953)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office PowerPoint Viewer (KB2413381)

Security Update for Microsoft Office Publisher 2007 (KB982124)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Soft Data Fax Modem with SmartCP

Sonic Activation Module

SoundMAX

Spybot - Search & Destroy

Synaptics Pointing Device Driver

Telstra Connection Manager

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Outlook 2007 Junk Email Filter (KB2443839)

Update voor Windows Internet Explorer 8 (KB976662)

Update voor Windows Internet Explorer 8 (KB980182)

Update voor Windows Internet Explorer 8 (KB980302)

Update voor Windows XP (KB2141007)

Update voor Windows XP (KB2345886)

Update voor Windows XP (KB951978)

Update voor Windows XP (KB955759)

Update voor Windows XP (KB967715)

Update voor Windows XP (KB968389)

Update voor Windows XP (KB971737)

Update voor Windows XP (KB973687)

Update voor Windows XP (KB973815)

Update voor Windows XP (KB980182)

WebEx

WebFldrs XP

Windows Defender

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows Searchqu Toolbar

Windows XP Service Pack 3

==== End Of File ===========================


Hi,

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Here is a guide on how to disable them:
    Click me
    If you can't disable them then just continue on.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

whatnext.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.


Hi,

Isn't there some kind of ("OK"?) button that you can click on to continue anyway? If not, do this instead:

Please download DDS and save it to your desktop.

  • Disable any script blocking protection.
  • Double click dds.com to run the tool.
  • When done, DDS will open two logs (DDS.txt and Attach.txt).
  • Save both reports to your desktop.

Please include the contents of DDS.txt in your next reply.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

  • Double click GMER.exe.
  • If it gives you a warning about rootkit activity and asks if you want to run a full scan, click on NO, then use the following settings for a more complete scan.
  • In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED:
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish.
  • Once done click on the [save..] button, and in the File name area, type in "ark.txt"
  • Save the log where you can easily find it, such as your desktop.

**Caution**

Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.

Please copy and paste the report into your Post.


  • 2 months later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
