Unread postby katiescarletts » May 25th, 2011, 12:22 pm

Hi, I too have been hijacked by this enemy. The searchqu page is now my homepage in Mozilla, and I can't change it. Please help me remove it from my computer. Thanks. Here are my dds logs.

DDS (Ver_11-05-19.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/22/2008 9:56:33 PM
System Uptime: 5/24/2011 7:04:34 PM (17 hours ago)
Motherboard: Compaq | | 077Ch
Processor: Intel(R) Pentium(R) 4 CPU 1.70GHz | XU1 | 1695/400mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 29.256 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 149 GiB total, 104.997 GiB free.
F: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: MTP Device
Device ID: ROOT\WPD\0000
Manufacturer: (Standard MTP-Compliant Device)
Name: MTP Device
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
==== System Restore Points ===================
RP319: 2/26/2011 4:42:16 PM - Removed AVG 2011
RP320: 3/9/2011 11:31:42 AM - Removed AVG 2011
RP321: 3/9/2011 12:28:45 PM - Software Distribution Service 3.0
RP322: 3/10/2011 8:00:35 PM - Software Distribution Service 3.0
RP323: 3/11/2011 11:28:18 AM - Removed AVG 2011
RP324: 3/12/2011 11:35:41 AM - System Checkpoint
RP325: 3/15/2011 12:52:14 PM - Removed pdfforge Toolbar v1.1.2.
RP326: 3/28/2011 11:38:37 AM - System Checkpoint
RP327: 3/29/2011 3:28:48 PM - Removed AVG 2011
RP328: 3/30/2011 5:43:03 PM - Removed Stamps.com
RP329: 4/1/2011 5:16:43 PM - Software Distribution Service 3.0
RP330: 4/1/2011 5:29:46 PM - Software Distribution Service 3.0
RP331: 4/8/2011 11:04:46 AM - System Checkpoint
RP332: 4/11/2011 11:39:00 AM - System Checkpoint
RP333: 4/13/2011 6:37:04 PM - Software Distribution Service 3.0
RP334: 4/20/2011 5:55:36 PM - Software Distribution Service 3.0
RP335: 4/24/2011 11:15:19 AM - System Checkpoint
RP336: 4/24/2011 7:26:49 PM - Installed Java(TM) 6 Update 24
RP337: 4/26/2011 12:40:21 PM - System Checkpoint
RP338: 4/27/2011 1:42:21 PM - System Checkpoint
RP339: 4/27/2011 8:14:38 PM - Software Distribution Service 3.0
RP340: 4/30/2011 7:49:51 PM - System Checkpoint
RP341: 5/3/2011 5:01:03 PM - System Checkpoint
RP342: 5/4/2011 5:53:42 PM - System Checkpoint
RP343: 5/6/2011 5:36:50 PM - System Checkpoint
RP344: 5/11/2011 4:28:40 AM - Software Distribution Service 3.0
RP345: 5/14/2011 2:36:51 PM - System Checkpoint
RP346: 5/17/2011 12:32:21 PM - Removed AVG 2011
RP347: 5/20/2011 3:10:54 PM - System Checkpoint
RP348: 5/24/2011 6:55:54 PM - System Checkpoint
==== Installed Programs ======================
ABBYY FineReader 5.0 Sprint
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Help Viewer CS3
Adobe PDF Library Files
Adobe Photoshop 7.0
Adobe Photoshop Elements 3.0
Adobe Reader 9.4.0
Adobe Setup
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Alien Skin Image Doctor
Apple Software Update
AutoCAD 2000
AVG 2011
AVG PC Tuneup 2011
AVS Update Manager 1.0
AVS Video Converter 6
AVS4YOU Software Navigator 1.3
BWC Photo Imaging ROES
Canon iP6700D
Canon iP6700D Memory Card Utility
Canon iP6700D User Registration
Canon My Printer
Canon Utilities Easy-PhotoPrint
Color Efex Pro 3.0 Complete
Corel Painter X
DesignPro 5.4 Limited Edition
EPSON Copy Utility
EPSON Photo Print
EPSON Smart Panel
Ferro Tour Offer
FinePixViewer Ver.4.1
FreeRIP v3.40
Google Earth
Google Update Helper
Handmark® MobileDB(TM) for Palm OS
Handmark® PDA Money for palmOne
ImageMixer VCD2 for FinePix
Ipswitch WS_FTP LE
Java 2 Runtime Environment, SE v1.4.2_15
Java Auto Updater
Java(TM) 6 Update 24
Java(TM) 6 Update 7
Malwarebytes' Anti-Malware
MemoryMixer 2.0.3
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Small Business Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MicroStaff WINASPI
Miller's Remote Suite (PLUS)
Mozilla Firefox 4.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero Suite
Palm Desktop
pdfforge Toolbar v4.3
powerOne Personal v2.1.1 for Handhelds
Presto! BizCard 4.1 Eng
Professor Franklin
Rhapsody Player Engine
Scrabble v2.0
Spybot - Search & Destroy
Update for Windows XP (KB911164)
Watchtower Library 2007 - English
Watchtower Library 2008 - English
Watchtower Library 2008 - Español
Watchtower Library 2010 - English
Web-Based Email Tools
WebFldrs XP
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Player 11
WinZip 11.2
==== Event Viewer Messages From Past Week ========
5/22/2011 6:25:37 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the TabletService service to connect.
5/22/2011 6:25:37 PM, error: Service Control Manager [7000] - The TabletService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/22/2011 5:10:05 PM, error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
5/21/2011 3:31:23 PM, error: Service Control Manager [7023] - The IPSEC Services service terminated with the following error: The authentication service is unknown.
==== End Of File ===========================

DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_24
Run by Kellye at 12:07:40 on 2011-05-25
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.204 [GMT -4:00]
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Canon\Memory Card Utility\iP6700D\PDUiP6700DMon.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\AVG\AVG10\avgscanx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Documents and Settings\Kellye\My Documents\Downloads\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/firefox?client=fi ... S:official
uSearch Bar = hxxp://www.searchqu.com/sidebar.html?src=ssb&sysid=406
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.searchqu.com/sidebar.html?src=ssb&sysid=406
mSearchAssistant = hxxp://www.searchqu.com/sidebar.html?src=ssb&sysid=406
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: EWPBrowseObject Class: {68f9551e-0411-48e4-9aaf-4bc42a6a46be} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\toolbar\searchqudtx.dll
BHO: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.3\pdfforgeToolbarIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No File
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.3\pdfforgeToolbarIE.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\toolbar\searchqudtx.dll
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [NBJ] "c:\program files\ahead\nero backitup\NBJ.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
mRun: [PDUiP6700DMon] c:\program files\canon\memory card utility\ip6700d\PDUiP6700DMon.exe
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SearchSettings] c:\program files\pdfforge toolbar\SearchSettings.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "c:\program files\Windows iLivid Toolbar"
mRunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "c:\program files\windows ilivid toolbar\ToolBar"
StartupFolder: c:\docume~1\kellye\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palmone\HOTSYNC.EXE
StartupFolder: c:\documents and settings\kellye\start menu\programs\startup\PowerReg Scheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\exifla~1.lnk - c:\program files\finepixviewer\QuickDCF.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\tabuse~1.lnk - c:\windows\system32\wtablet\TabUserW.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wirele~1.lnk - c:\program files\trendnet\tew-424ub\WlanCU.exe
mPolicies-system: DisableTaskMgr = 1 (0x1)
IE: &Search
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_Print.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: {1B1C926C-1924-4B72-99E9-9BC6C86F56B9} =,
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
================= FIREFOX ===================
FF - ProfilePath - c:\documents and settings\kellye\application data\mozilla\firefox\profiles\p4sa1uth.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/406
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=406&q=
FF - component: c:\documents and settings\kellye\application data\mozilla\firefox\profiles\p4sa1uth.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\kellye\application data\mozilla\firefox\profiles\p4sa1uth.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
FF - component: c:\program files\windows ilivid toolbar\datamngr\firefoxextension\components\DataMngrHlp.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwbe.dll
============= SERVICES / DRIVERS ===============
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 299984]
R2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-4 98304]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2011-1-28 387072]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-1-6 6128720]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-4 118784]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 26192]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-3 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-3 135664]
S3 RTL8187B;TRENDnet TEW-424UB Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [2008-8-23 189312]
S3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [2002-10-2 13532]
=============== File Associations ===============
regfile=regedit.exe "%1" %*
scrfile="%1" %*
=============== Created Last 30 ================
2011-05-18 22:22:52 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
2011-05-18 22:22:52 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll
2011-05-18 22:22:51 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2011-05-18 22:22:51 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
2011-05-18 22:22:51 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
2011-05-18 22:22:50 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
2011-05-18 22:22:49 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
2011-05-18 22:22:49 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-05-16 02:57:24 -------- d-----w- c:\documents and settings\kellye\local settings\application data\Ilivid Player
2011-05-16 02:45:19 -------- dc-h--w- c:\documents and settings\all users\application data\~0
2011-05-16 02:39:11 -------- d-----w- c:\program files\Windows iLivid Toolbar
2011-05-16 02:37:13 -------- d-----w- c:\documents and settings\kellye\local settings\application data\PackageAware
2011-05-06 15:25:02 -------- d-----w- c:\program files\common files\Symantec Shared
2011-05-06 15:04:59 -------- d-----w- c:\documents and settings\kellye\local settings\application data\Tific
2011-05-06 15:04:59 -------- d-----w- c:\documents and settings\kellye\application data\Tific
2011-05-06 15:03:33 -------- d-----w- c:\documents and settings\all users\application data\Norton
2011-05-06 15:03:16 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller
==================== Find3M ====================
2008-09-07 18:30:27 15083520 ----a-w- c:\program files\spybotsd160.exe
2008-09-02 22:02:36 7499056 ----a-w- c:\program files\Firefox Setup 3.0.1.exe
2008-08-31 22:25:22 48367896 ----a-w- c:\program files\avg_free_stf_en_8_138a1332.exe
2007-02-21 08:21:54 16083128 ----a-w- c:\program files\Dreamweaver.exe
============= FINISH: 12:09:04.79 ===============
Active Member
Posts: 1
Joined: May 25th, 2011, 12:13 pm
Re: searchqu removal

Unread postby askey127 » May 27th, 2011, 6:33 am

Looking at your log.
Be back soon.
Posts: 13915
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: searchqu removal

Unread postby askey127 » May 27th, 2011, 7:10 am

Hi katiescarletts, and welcome to Malware Removal

Before We Start, Some Notes On This Process
During this repair, we may need to remove some obsolete programs, and some which interfere with our tools.
We will install replacements later.
Please do not install or uninstall any programs, or scan with anything, unless I ask, until we are through cleaning.

Also, please be aware that removing Malware is a potentially hazardous undertaking.
I will take care not to knowingly suggest courses of action that might damage your computer. However, it is impossible for me to foresee all interactions that may happen between your computer software and the tools we'll use to clear you of infection, so I cannot guarantee the safety of your system.
It is not likely, but possible, that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate taking your computer to a repair shop.
Because of this, I advise you to backup any important personal files to some external media, like a USB flash or CD, before we start.
Remove Programs Using Control Panel
From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
Highlight each Entry, as follows, one by one, if it exists, and choose Remove :

Adobe Reader 9.4.0
AVG PC Tuneup 2011
Java 2 Runtime Environment, SE v1.4.2_15
Java(TM) 6 Update 7
Spybot - Search & Destroy

Take extra care in answering questions posed by any Uninstaller.
If the Spybot Uninstaller asks whether you want to remove all files and settings, answer YES. If it reports that it cannot remove all files, that's OK.
Run a Scan with OTL
  • Download OTL to your desktop.
  • You can also download OTL from HERE
  • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • When the window appears, In the Standard Registry box, click All.
  • Check the boxes beside LOP Check and Purity Check.
  • Copy the text from the code box below and paste it into the Custom Scans/Fixes box (under the aqua colored line)
    Code: Select all
    c:|Fun4IM;true;true;true; /FP
    c:|Bandoo;true;true;true; /FP
    c:|Searchqu;true;true;true; /FP
    c:|iLivid;true;true;true; /FP
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location
      as OTL (should be on your desktop).
    • Make sure Notepad's Format, Wordwrap is unchecked.
    • Please copy the contents of each of these files, one at a time, and post them in your next reply.
  • Use separate replies if you wish.

Posts: 13915
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: searchqu removal

Unread postby askey127 » May 30th, 2011, 12:23 pm

Due to Lack of Response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
Posts: 13915
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
