Search Engine/s


7 replies to this topic

#1 Voyeurtess

Posted 16 December 2011 - 05:35 PM

I cannot search on any search engines. I can get to the page (Google, MSN, Yahoo, any of the search places) and I can type in my query, but when I enter search I get nothing! (No hits, page stays blank, no error messages or redirects, just nothing!) I ran Webroot, AVG, Malwarebytes, and Trend Micro HouseCall; all come up clean?? I can access everywhere else on either the IE browser or Mozilla, but I get no hits when I do a search via a search engine. I am lost without being able to use any search engines; is there anyone that could please assist me? I am on MS Windows XP Professional 32-bit SP3. I also ran a HijackThis scan, and will redo one and send a log to the appropriate area when and if I am asked and shown where they go. I would greatly appreciate any assistance you all can offer me. Thank you in advance.

~Voyeurtess

Edited by Voyeurtess, 16 December 2011 - 06:30 PM.




#2 Broni

Posted 16 December 2011 - 09:26 PM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 Voyeurtess

Posted 17 December 2011 - 02:27 AM

Hi Broni, I posted the log files and the relink back to this post on the Virus, Trojan, Spyware, and Malware Removal Logs Forum, since I saw nowhere to attach to here. I hope that is correct.

Thank you for your assistance

Voyeurtess

#4 Broni

Posted 17 December 2011 - 11:07 AM

I didn't ask for attaching but for pasting all results.


#5 Voyeurtess

Posted 17 December 2011 - 12:35 PM

Sorry Broni,

New here and a little lost. I will paste here to make it easier. I apologize, and thank you for your patience and assistance.




Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG 2012
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
CCleaner
Adobe Flash Player ( 10.0.12.36) Flash Player Out of Date!
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
``````````End of Log````````````








MiniToolBox by Farbar
Ran by Tammy (administrator) on 17-12-2011 at 00:00:05
Microsoft Windows XP Professional Service Pack 3 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller = Local Area Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : tammy-xp

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller

Physical Address. . . . . . . . . : 00-1F-E2-04-9E-81

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 173.18.124.94

Subnet Mask . . . . . . . . . . . : 255.255.248.0

Default Gateway . . . . . . . . . : 173.18.120.1

DHCP Server . . . . . . . . . . . : 97.64.180.224

DNS Servers . . . . . . . . . . . : 97.64.209.36

97.64.168.13

Lease Obtained. . . . . . . . . . : Friday, December 16, 2011 10:01:18 PM

Lease Expires . . . . . . . . . . : Saturday, December 24, 2011 6:34:58 PM

Server: albdc-dns-dts10.mcomdc.com
Address: 97.64.209.36

Name: google.com
Addresses: 74.125.65.103, 74.125.65.104, 74.125.65.105, 74.125.65.106
74.125.65.147, 74.125.65.99



Pinging google.com [74.125.65.104] with 32 bytes of data:



Reply from 74.125.65.104: bytes=32 time=39ms TTL=52

Reply from 74.125.65.104: bytes=32 time=41ms TTL=52



Ping statistics for 74.125.65.104:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 39ms, Maximum = 41ms, Average = 40ms

Server: albdc-dns-dts10.mcomdc.com
Address: 97.64.209.36

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.2.43, 98.137.149.56, 98.139.180.149



Pinging yahoo.com [72.30.2.43] with 32 bytes of data:



Reply from 72.30.2.43: bytes=32 time=97ms TTL=49

Reply from 72.30.2.43: bytes=32 time=97ms TTL=49



Ping statistics for 72.30.2.43:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 97ms, Maximum = 97ms, Average = 97ms

Server: albdc-dns-dts10.mcomdc.com
Address: 97.64.209.36

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1f e2 04 9e 81 ...... Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 173.18.120.1 173.18.124.94 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
173.18.120.0 255.255.248.0 173.18.124.94 173.18.124.94 20
173.18.124.94 255.255.255.255 127.0.0.1 127.0.0.1 20
173.18.255.255 255.255.255.255 173.18.124.94 173.18.124.94 20
224.0.0.0 240.0.0.0 173.18.124.94 173.18.124.94 20
255.255.255.255 255.255.255.255 173.18.124.94 173.18.124.94 1
Default Gateway: 173.18.120.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/16/2011 00:02:33 PM) (Source: Application Hang) (User: )
Description: Hanging application SpybotSD.exe, version 1.6.2.46, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/16/2011 00:02:32 PM) (Source: Application Hang) (User: )
Description: Hanging application SpybotSD.exe, version 1.6.2.46, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/15/2011 11:28:21 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 1904. SA_Error1904: StandardAction(0xC0070770): Module C:\Program Files\AVG\AVG2012\avgssie.dll failed to register. HRESULT -2147024891. Contact your support personnel.

Error: (12/11/2011 09:54:30 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/22/2011 09:44:19 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 1904. SA_Error1904: StandardAction(0xC0070770): Module C:\Program Files\AVG\AVG2012\avgssie.dll failed to register. HRESULT -2147024891. Contact your support personnel.

Error: (11/20/2011 10:23:11 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/17/2011 08:48:14 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 1904. SA_Error1904: StandardAction(0xC0070770): Module C:\Program Files\AVG\AVG2012\avgssie.dll failed to register. HRESULT -2147024891. Contact your support personnel.

Error: (11/10/2011 02:32:34 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/04/2011 07:47:23 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 1904. SA_Error1904: StandardAction(0xC0070770): Module C:\Program Files\AVG\AVG2012\avgssie.dll failed to register. HRESULT -2147024891. Contact your support personnel.

Error: (10/29/2011 09:51:02 PM) (Source: Application Error) (User: )
Description: Faulting application avgtray.exe, version 12.0.0.1827, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [avgtray.exe!ws!]


System errors:
=============
Error: (12/16/2011 00:33:10 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume3

Error: (12/15/2011 00:10:21 PM) (Source: NtServicePack) (User: )
Description: Windows installation failed.
The specified module could not be found.

Error: (12/15/2011 00:09:27 PM) (Source: Service Control Manager) (User: )
Description: The Webroot Client Service service terminated unexpectedly. It has done this 1 time(s).

Error: (12/15/2011 00:09:25 PM) (Source: Service Control Manager) (User: )
Description: The Webroot Spy Sweeper Engine service failed to start due to the following error:
%%3

Error: (12/15/2011 11:40:48 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x8007007e: Security Update for Windows XP (KB2633171).

Error: (12/15/2011 11:40:44 AM) (Source: NtServicePack) (User: )
Description: Windows installation failed.
The specified module could not be found.

Error: (12/15/2011 11:39:19 AM) (Source: NtServicePack) (User: )
Description: Windows installation failed.
The specified module could not be found.

Error: (12/15/2011 11:38:32 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x8007007e: Security Update for Windows XP (KB2633171).

Error: (12/15/2011 11:38:27 AM) (Source: NtServicePack) (User: )
Description: Windows installation failed.
The specified module could not be found.

Error: (11/23/2011 09:58:50 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume3


Microsoft Office Sessions:
=========================
Error: (12/16/2011 00:02:33 PM) (Source: Application Hang)(User: )
Description: SpybotSD.exe1.6.2.46hungapp0.0.0.000000000

Error: (12/16/2011 00:02:32 PM) (Source: Application Hang)(User: )
Description: SpybotSD.exe1.6.2.46hungapp0.0.0.000000000

Error: (12/15/2011 11:28:21 AM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 1904. SA_Error1904: StandardAction(0xC0070770): Module C:\Program Files\AVG\AVG2012\avgssie.dll failed to register. HRESULT -2147024891. Contact your support personnel.(NULL)(NULL)(NULL)

Error: (12/11/2011 09:54:30 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (11/22/2011 09:44:19 AM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 1904. SA_Error1904: StandardAction(0xC0070770): Module C:\Program Files\AVG\AVG2012\avgssie.dll failed to register. HRESULT -2147024891. Contact your support personnel.(NULL)(NULL)(NULL)

Error: (11/20/2011 10:23:11 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (11/17/2011 08:48:14 AM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 1904. SA_Error1904: StandardAction(0xC0070770): Module C:\Program Files\AVG\AVG2012\avgssie.dll failed to register. HRESULT -2147024891. Contact your support personnel.(NULL)(NULL)(NULL)

Error: (11/10/2011 02:32:34 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (11/04/2011 07:47:23 AM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 1904. SA_Error1904: StandardAction(0xC0070770): Module C:\Program Files\AVG\AVG2012\avgssie.dll failed to register. HRESULT -2147024891. Contact your support personnel.(NULL)(NULL)(NULL)

Error: (10/29/2011 09:51:02 PM) (Source: Application Error)(User: )
Description: avgtray.exe12.0.0.18270.0.0.000000000


=========================== Installed Programs ============================

360Share Pro(remove only)
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
AcroChallenge 2.86 (Version: 2.86.0000)
Adobe AIR (Version: 1.5.3.9120)
Adobe Flash Player 10 Plugin (Version: 10.0.12.36)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Reader 9.4.6 (Version: 9.4.6)
Ask Toolbar (Version: 1.13.1.0)
ATI - Software Uninstall Utility (Version: 6.14.10.1016)
ATI Catalyst Control Center (Version: 2.007.0614.2138)
ATI Display Driver (Version: 8.39-070614a-050449C-Acer)
Auslogics Disk Defrag (Version: version 3.2)
AVG 2012 (Version: 12.0.1831)
AVG 2012 (Version: 12.0.1890)
AVG 2012 (Version: 12.0.2092)
AVG 2012 (Version: 12.0.2108)
AVG 2012 (Version: 2012.0.1890)
Belarc Advisor 8.2 (Version: 8.2.6.0)
Catalyst Control Center Core Implementation (Version: 2007.0614.2139.36855)
Catalyst Control Center Graphics Full Existing (Version: 2007.0614.2139.36855)
Catalyst Control Center Graphics Full New (Version: 2007.0614.2139.36855)
Catalyst Control Center Graphics Light (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Chinese Standard (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Chinese Traditional (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Czech (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Danish (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Dutch (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Finnish (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization French (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization German (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Greek (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Hungarian (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Italian (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Japanese (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Korean (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Norwegian (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Polish (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Portuguese (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Russian (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Spanish (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Swedish (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Thai (Version: 2007.0614.2139.36855)
Catalyst Control Center Localization Turkish (Version: 2007.0614.2139.36855)
ccc-core-preinstall (Version: 2007.0614.2139.36855)
ccc-core-static (Version: 2007.0614.2139.36855)
ccc-utility (Version: 2007.0614.2139.36855)
CCC Help Chinese Standard (Version: 2007.0614.2138.36855)
CCC Help Chinese Traditional (Version: 2007.0614.2138.36855)
CCC Help Czech (Version: 2007.0614.2138.36855)
CCC Help Danish (Version: 2007.0614.2138.36855)
CCC Help Dutch (Version: 2007.0614.2138.36855)
CCC Help English (Version: 2007.0614.2138.36855)
CCC Help Finnish (Version: 2007.0614.2138.36855)
CCC Help French (Version: 2007.0614.2138.36855)
CCC Help German (Version: 2007.0614.2138.36855)
CCC Help Greek (Version: 2007.0614.2138.36855)
CCC Help Hungarian (Version: 2007.0614.2138.36855)
CCC Help Italian (Version: 2007.0614.2138.36855)
CCC Help Japanese (Version: 2007.0614.2138.36855)
CCC Help Korean (Version: 2007.0614.2138.36855)
CCC Help Norwegian (Version: 2007.0614.2138.36855)
CCC Help Polish (Version: 2007.0614.2138.36855)
CCC Help Portuguese (Version: 2007.0614.2138.36855)
CCC Help Russian (Version: 2007.0614.2138.36855)
CCC Help Spanish (Version: 2007.0614.2138.36855)
CCC Help Swedish (Version: 2007.0614.2138.36855)
CCC Help Thai (Version: 2007.0614.2138.36855)
CCC Help Turkish (Version: 2007.0614.2138.36855)
CCleaner (Version: 3.13)
DVD Suite (Version: 5.0.2002)
Google Update Helper (Version: 1.3.21.79)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HiJackThis (Version: 1.0.0)
Holdem Indicator 2.2.0
Internet Explorer (Enable DEP)
IrfanView (remove only)
Java Auto Updater (Version: 2.0.6.1)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
MediaShow (Version: 3.0.4325)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Automated Troubleshooting Services Shim
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Fix it Center (Version: 1.0.0100)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 5.0.1 (x86 en-US) (Version: 5.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (Version: 1.0.0.0)
Next Generation Visualisations (Version: 1.0.0)
Omaha Indicator 1.6.0
OpenOffice.org 3.1 (Version: 3.1.9420)
PokerStars
Power2Go 5.0
PowerBackup (Version: 2.5.2903)
PowerDVD (Version: 7.0.3118.0)
PowerDVD Copy (Version: 1.0.3716a)
PowerProducer
Realtek High Definition Audio Driver (Version: 5.10.0.5436)
Revo Uninstaller 1.93 (Version: 1.93)
Segoe UI (Version: 14.0.4327.805)
Skins (Version: 2007.0614.2139.36855)
Skype™ 5.5 (Version: 5.5.124)
Speccy (Version: 1.11)
Spybot - Search & Destroy (Version: 1.6.2)
Stud Indicator 1.2.2
SUPERAntiSpyware (Version: 4.55.1000)
WebFldrs XP (Version: 9.50.7523)
Webroot SecureAnywhere (Version: 8.0.1.44)
Webroot Software (Version: 7.0.4.93)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
Word Riot Deluxe
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 1791.42 MB
Available physical RAM: 1299.32 MB
Total Pagefile: 3685.98 MB
Available Pagefile: 3046.8 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.53 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:71.36 GB) (Free:52.47 GB) NTFS
2 Drive d: (HP_PAVILION) (Fixed) (Total:177.75 GB) (Free:157.42 GB) NTFS
3 Drive e: (ACERDATA) (Fixed) (Total:71.82 GB) (Free:71.8 GB) FAT32
4 Drive f: (HP_RECOVERY) (Fixed) (Total:8.53 GB) (Free:0.45 GB) FAT32

========================= Users: ========================================

User accounts for \\TAMMY-XP

Administrator Guest HelpAssistant
postgres SUPPORT_388945a0 Tammy


**** End of log ****







Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8381

Windows 5.1.2600 Service Pack 3
Internet Explorer Unknown

12/16/2011 4:30:52 PM
mbam-log-2011-12-16 (16-30-52).txt

Scan type: Full scan (C:\|)
Objects scanned: 249271
Time elapsed: 2 hour(s), 9 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)





GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-12-16 23:41:32
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 Hitachi_HDS721616PLA380 rev.P22OAB3A
Running: GMER.exe; Driver: C:\DOCUME~1\Tammy\LOCALS~1\Temp\fgryipoc.sys


---- System - GMER 1.0.15 ----

SSDT WRkrn.sys (Webroot SecureAnywhere/Webroot) ZwAllocateVirtualMemory [0xB9ECB5E0]
SSDT WRkrn.sys (Webroot SecureAnywhere/Webroot) ZwAssignProcessToJobObject [0xB9ECB790]
SSDT WRkrn.sys (Webroot SecureAnywhere/Webroot) ZwCreateThread [0xB9ECB810]
SSDT WRkrn.sys (Webroot SecureAnywhere/Webroot) ZwDebugActiveProcess [0xB9ECB690]
SSDT WRkrn.sys (Webroot SecureAnywhere/Webroot) ZwDeleteKey [0xB9ECBEB0]
SSDT WRkrn.sys (Webroot SecureAnywhere/Webroot) ZwDeleteValueKey [0xB9ECBFB0]
SSDT WRkrn.sys (Webroot SecureAnywhere/Webroot) ZwDuplicateObject [0xB9ECB3F0]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xA3CEEF3C]
SSDT WRkrn.sys (Webroot SecureAnywhere/Webroot) ZwOpenSection [0xB9ECBCE0]
SSDT WRkrn.sys (Webroot SecureAnywhere/Webroot) ZwOpenThread [0xB9ECBAA0]
SSDT WRkrn.sys (Webroot SecureAnywhere/Webroot) ZwProtectVirtualMemory [0xB9ECB8A0]
SSDT WRkrn.sys (Webroot SecureAnywhere/Webroot) ZwSetContextThread [0xB9ECB710]
SSDT WRkrn.sys (Webroot SecureAnywhere/Webroot) ZwSetValueKey [0xB9ECC0D0]
SSDT WRkrn.sys (Webroot SecureAnywhere/Webroot) ZwSystemDebugControl [0xB9ECBE50]
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xA6AE3640]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xA3CEF080]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xA3CEF11C]

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\Explorer.EXE[336] SHLWAPI.dll!SHIsLowMemoryMachine + 6E02 77FBDD0B 5 Bytes JMP 10012C40 C:\WINDOWS\system32\WRusr.dll (Webroot SecureAnywhere/Webroot)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip WRkrn.sys (Webroot SecureAnywhere/Webroot)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 WRkrn.sys (Webroot SecureAnywhere/Webroot)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 WRkrn.sys (Webroot SecureAnywhere/Webroot)
AttachedDevice \Driver\Tcpip \Device\Tcp WRkrn.sys (Webroot SecureAnywhere/Webroot)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp WRkrn.sys (Webroot SecureAnywhere/Webroot)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp WRkrn.sys (Webroot SecureAnywhere/Webroot)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

#6 Broni

Posted 17 December 2011 - 12:59 PM

I don't see anything malicious, but I can see two AV programs running: AVG and Webroot SecureAnywhere.
You must uninstall one of them.
If AVG, make sure to use AVG Remover: http://www.avg.com/us-en/utilities

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE
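
The overlap described in the reply above can be read straight out of the GMER log: both products' drivers are attached to the same TCP/IP device objects. The following is an added example, not part of the original thread or of GMER; the function names and the first-word vendor heuristic are assumptions made for illustration.

```python
import re
from collections import Counter, defaultdict

# Excerpt of the GMER log posted in this thread (lines copied from the post).
SAMPLE_LOG = r"""
SSDT WRkrn.sys (Webroot SecureAnywhere/Webroot) ZwCreateThread [0xB9ECB810]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xA3CEEF3C]
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xA6AE3640]
AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip WRkrn.sys (Webroot SecureAnywhere/Webroot)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 WRkrn.sys (Webroot SecureAnywhere/Webroot)
AttachedDevice \Driver\Tcpip \Device\Tcp WRkrn.sys (Webroot SecureAnywhere/Webroot)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
"""

# GMER labels the module that owns a hook or filter as "(description/vendor)".
_OWNER = re.compile(r"\((?P<desc>.*)/(?P<vendor>[^/()]*)\)")


def vendor_key(vendor):
    """Heuristic (assumption): group drivers by the first word of the vendor."""
    words = vendor.split()
    return words[0].lower() if words else "unknown"


def parse_gmer(text):
    """Return SSDT hook and AttachedDevice entries found in a GMER log."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        owner = _OWNER.search(line)
        if not owner:
            continue
        head = line[:owner.start()].split(None, 1)
        if len(head) != 2:
            continue
        kind, rest = head
        vendor = vendor_key(owner.group("vendor"))
        if kind == "SSDT":
            tail = line[owner.end():].split()
            if tail:  # tail[0] is the hooked service name, e.g. ZwOpenProcess
                entries.append({"kind": "ssdt", "target": tail[0],
                                "driver": rest.strip(), "vendor": vendor})
        elif kind == "AttachedDevice":
            parts = rest.split()
            # Full form: <driver stack> <device object> <attached driver>.
            # Short lines such as "AttachedDevice fltmgr.sys (...)" are skipped.
            if len(parts) == 3:
                entries.append({"kind": "attached", "target": parts[1],
                                "driver": parts[2], "vendor": vendor})
    return entries


def shared_devices(entries, ignore=("microsoft",)):
    """Device objects that have filter drivers from more than one vendor."""
    by_device = defaultdict(set)
    for entry in entries:
        if entry["kind"] == "attached" and entry["vendor"] not in ignore:
            by_device[entry["target"]].add(entry["vendor"])
    return {dev: sorted(v) for dev, v in by_device.items() if len(v) > 1}


def ssdt_hooks_by_vendor(entries):
    """Count SSDT hooks per vendor."""
    return dict(Counter(e["vendor"] for e in entries if e["kind"] == "ssdt"))


if __name__ == "__main__":
    parsed = parse_gmer(SAMPLE_LOG)
    for device, vendors in shared_devices(parsed).items():
        print(f"{device}: filtered by {', '.join(vendors)}")
    print("SSDT hooks:", ssdt_hooks_by_vendor(parsed))
```

A device listed here is not a sign of infection; it marks where two security products filter the same traffic and one of them should be removed.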

 


#7 Voyeurtess

Posted 17 December 2011 - 02:15 PM

Doing a happy dance now. I thank you so very much, Broni. I removed all of AVG and left my Webroot SecureAnywhere, rebooted my computer, and tried a search on Google, and it is working again, as well as all the other search engines I use at times.

Thank you kindly Sir

~Voyeurtess

#8 Broni

Posted 17 December 2011 - 03:02 PM

You're very welcome
