I was trying to find some way to install Skypemate and ended up getting iLivid or something like that on my PC. It's so annoying - it installed it's own toolbar and every time I open a new tab in IE it comes up as the Search Engine.
So far I have removed iLivid and another program, Bandoo, via add or remove programs and tried restarting.
I have also gone into Program Files and tried to delete an iLivid toolbar folder - this was not 'allowed' but having said that I rebooted again and that file disappeared so now I can't tell you what the error message was.. The http://www.searchqu.com//406 tab problem is still here however.
I am super worried that I am getting all kinds of viruses right now.. Sometimes IE just closes itself for no reason..
I have also done a Malwarebytes scan which picked up 6 infected files.
I read the post about DDS and I think I've done it ok (see below) except there was no option to open an 'Attach' file.. basically the little black screen thing ran, then a grey box boppoed up listing the two required files, I pressed 'OK' and then saved the .txt file blow to my desktop - there didn't seem to be another one...
I'd really appreciate your helkp to get this off my PC!!
Thank you.
Laura
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 10.0.0
Run by Administrator at 17:04:20 on 2011-09-06
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.129 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Innovative Solutions\DriverMax\devices.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ie/
mStart Page = hxxp://eis.esnips.com/page/search/?clie ... fde8d1391d
uInternet Settings,ProxyOverride = *.local
mWinlogon: SfcDisable=-99 (0xffffff9d)
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\datamngr\toolbar\searchqudtx.dll
BHO: Loader Class: {9d717f81-9148-4f12-8568-69135f087db0} - c:\progra~1\wi371a~1\datamngr\BROWSE~1.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\datamngr\toolbar\searchqudtx.dll
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [DriverMax] "c:\program files\innovative solutions\drivermax\devices.exe" -agent
uRun: [DriverMax_RESTART] "c:\program files\innovative solutions\drivermax\devices.exe" -RESTART
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{899AF54A-7B11-4FA9-A7E5-505CEF3151CD} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{F73EE01E-DA1C-46DF-906C-808A28B4C4FF} : DhcpNameServer = 89.101.160.4 89.101.160.5
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\wi371a~1\datamngr\datamngr.dll c:\progra~1\wi371a~1\datamngr\iebho.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-7-11 32464]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-7-11 229840]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-8-16 5264736]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-7-11 16720]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-9-5 136176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-9-5 136176]
S3 rt2870;TP-LINK Wireless USB Adapter;c:\windows\system32\drivers\rt2870.sys [2008-11-26 650624]
.
=============== Created Last 30 ================
.
2011-09-06 15:01:56 -------- d-----w- c:\windows\pss
2011-09-06 14:37:21 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes
2011-09-06 14:37:15 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-06 14:37:15 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-09-06 14:37:12 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-06 14:37:12 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE
2011-09-06 14:37:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-06 14:14:00 -------- d-----w- c:\windows\system32\KB905474
2011-09-06 13:57:19 221184 ----a-w- c:\windows\system32\wmpns.dll
2011-09-06 11:41:38 -------- d-----w- c:\documents and settings\administrator\Tracing
2011-09-06 11:41:25 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Ilivid Player
2011-09-06 11:41:24 -------- d-----w- c:\documents and settings\administrator\application data\Bandoo
2011-09-06 11:41:24 -------- d-----w- c:\documents and settings\administrator\AppData
2011-09-06 11:41:23 -------- d-----w- c:\documents and settings\administrator\application data\searchquband
2011-09-06 11:39:40 -------- d-----w- c:\documents and settings\administrator\application data\searchqutoolbar
2011-09-06 11:39:37 -------- d-----w- c:\program files\Windows iLivid Toolbar
2011-09-06 11:39:26 -------- d-----w- c:\documents and settings\administrator\local settings\application data\PackageAware
2011-09-06 08:31:52 70656 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPP9Z.DLL
2011-09-06 08:31:52 27648 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPD9Z.DLL
2011-09-06 08:31:51 272384 ----a-w- c:\windows\system32\CNMLM9Z.DLL
2011-09-06 08:31:23 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2011-09-06 08:31:04 303104 ----a-w- c:\windows\system32\CNC550L.dll
2011-09-06 08:31:04 15872 ----a-w- c:\windows\system32\CNHMCA.dll
2011-09-06 08:31:04 1310720 ----a-w- c:\windows\system32\CNC550C.dll
2011-09-06 08:31:04 110592 ----a-w- c:\windows\system32\CNC550I.dll
2011-09-06 08:31:04 106496 ----a-w- c:\windows\system32\CNC550U.dll
2011-09-06 07:44:25 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-09-06 07:44:25 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2011-09-06 07:43:58 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2011-09-06 07:43:58 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2011-09-06 07:43:45 456320 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2011-09-06 07:43:43 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2011-09-06 07:43:41 766464 ------w- c:\windows\system32\dllcache\vgx.dll
2011-09-06 07:43:32 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2011-09-06 07:43:16 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2011-09-06 07:43:16 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2011-09-06 07:43:15 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2011-09-06 07:42:55 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2011-09-06 07:42:03 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2011-09-06 07:41:29 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2011-09-06 07:41:29 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2011-09-06 07:41:29 35328 ------w- c:\windows\system32\dllcache\sc.exe
2011-09-06 07:41:29 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2011-09-06 07:41:29 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2011-09-06 07:41:29 110592 ------w- c:\windows\system32\dllcache\services.exe
2011-09-06 07:41:28 617472 ------w- c:\windows\system32\dllcache\advapi32.dll
2011-09-06 07:41:28 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2011-09-06 07:40:27 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2011-09-06 07:40:22 293376 ------w- c:\windows\system32\browserchoice.exe
2011-09-06 07:40:09 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys
2011-09-06 07:40:02 331776 ------w- c:\windows\system32\dllcache\msadce.dll
2011-09-06 07:39:48 105472 ------w- c:\windows\system32\dllcache\mup.sys
2011-09-06 07:39:39 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2011-09-06 07:39:16 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll
2011-09-06 07:38:28 692736 ------w- c:\windows\system32\dllcache\inetcomm.dll
2011-09-06 07:38:14 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2011-09-06 07:37:13 718336 ------w- c:\windows\system32\dllcache\ntdll.dll
2011-09-06 07:37:12 2192768 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-09-06 07:37:12 2148864 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-09-06 07:37:11 2069376 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-09-06 07:37:11 2027008 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-09-06 07:36:21 218112 ------w- c:\windows\system32\dllcache\wordpad.exe
2011-09-06 07:35:59 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2011-09-06 07:33:48 45568 ------w- c:\windows\system32\dllcache\wab.exe
2011-09-06 07:33:44 590848 ------w- c:\windows\system32\dllcache\rpcrt4.dll
2011-09-06 07:33:44 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-09-05 22:24:14 -------- d-----w- c:\windows\system32\PreInstall
2011-09-05 22:24:11 -------- d--h--w- c:\windows\$hf_mig$
2011-09-05 18:52:20 -------- d-----w- c:\program files\Logia
2011-09-05 18:52:19 -------- d-----w- c:\documents and settings\administrator\application data\Logia
2011-09-05 18:45:46 -------- d-----w- c:\windows\system32\appmgmt
2011-09-05 18:37:24 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2011-09-05 18:37:23 32592 ----a-w- c:\windows\system32\msonpmon.dll
2011-09-05 18:28:01 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-09-05 18:25:14 -------- d-----w- c:\windows\SHELLNEW
2011-09-05 18:24:11 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Microsoft Help
2011-09-05 18:08:39 -------- d-----w- c:\documents and settings\administrator\application data\AVG2012
2011-09-05 17:37:29 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
2011-09-05 17:34:54 -------- d-----w- c:\windows\system32\drivers\AVG
2011-09-05 17:34:54 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
2011-09-05 17:34:20 -------- d-----w- c:\program files\AVG
2011-09-05 17:32:40 -------- d-----w- c:\documents and settings\all users\application data\MFAData
2011-09-05 15:17:47 5632 ----a-w- c:\windows\system32\ptpusb.dll
2011-09-05 15:17:44 159232 ----a-w- c:\windows\system32\ptpusd.dll
2011-09-05 15:17:41 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2011-09-05 15:01:37 -------- d-----w- c:\documents and settings\administrator\application data\OpenOffice.org
2011-09-05 14:00:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2011-09-02 14:04:46 -------- d-----w- c:\windows\system32\SoftwareDistribution
2011-09-02 10:32:14 213544 ----a-w- c:\windows\system32\drivers\b57xp32.sys
2011-09-02 09:00:00 155648 ----a-w- c:\windows\system32\igfxres.dll
2011-09-02 08:48:08 -------- d-----w- c:\documents and settings\all users\application data\Innovative Solutions
2011-09-02 08:48:08 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Innovative Solutions
2011-09-02 08:48:04 -------- d-----w- c:\program files\Innovative Solutions
2011-09-02 08:40:28 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Sun
.
==================== Find3M ====================
.
2011-09-01 13:12:13 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-01 13:12:13 128000 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-01 13:11:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 04:20:54 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 04:20:54 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 04:20:54 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-07-12 04:20:54 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-11 00:14:38 295248 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2011-07-11 00:14:30 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
2011-07-11 00:14:28 24272 ----a-w- c:\windows\system32\drivers\AVGIDSFilter.sys
2011-07-11 00:14:28 23120 ----a-w- c:\windows\system32\drivers\AVGIDSEH.sys
2011-07-11 00:14:26 134608 ----a-w- c:\windows\system32\drivers\AVGIDSDriver.sys
2011-07-11 00:13:46 229840 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2011-07-11 00:13:42 32464 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-05 11:37:00 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 11:37:00 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-21 18:43:59 841216 ----a-w- c:\windows\system32\wininet.dll
2011-06-21 18:43:58 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-06-21 18:43:58 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-21 18:43:57 17408 ----a-w- c:\windows\system32\corpol.dll
2011-06-21 12:09:26 389120 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll
.
============= FINISH: 17:04:39.21 ===============