extefractory

websearch soft-quick info -- cannot be removed

7 posts in this topic

Hello,

I have been experiencing this malware for 3 days. It redirects me to bing.com when I open Firefox and Chrome. I also scanned the computer with Spybot 3 problems cause they are still loaded in the memory.

The outputs are as follows.

Thanks in advance.

Regards.

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 14.06.2010 17:27:23

System Uptime: 21.01.2013 11:42:40 (9 hours ago)

.

Motherboard: TOSHIBA | | NSWAA

Processor: Intel® Core i3 CPU M 330 @ 2.13GHz | CPU | 1194/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 149 GiB total, 49,59 GiB free.

D: is FIXED (NTFS) - 149 GiB total, 1,748 GiB free.

E: is CDROM ()

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: Officejet Pro 8500 A909a

Device ID: ROOT\IMAGE\0002

Manufacturer: HP

Name: Officejet Pro 8500 A909a

PNP Device ID: ROOT\IMAGE\0002

Service: StillCam

.

Class GUID:

Description: Officejet Pro 8500 A909a

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer:

Name: Officejet Pro 8500 A909a

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

Class GUID:

Description: HP LaserJet 2100 Series

Device ID: ROOT\MULTIFUNCTION\0001

Manufacturer:

Name: HP LaserJet 2100 Series

PNP Device ID: ROOT\MULTIFUNCTION\0001

Service:

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Officejet Pro 8500 A909a

Device ID: ROOT\MULTIFUNCTION\0002

Manufacturer: HP

Name: Officejet Pro 8500 A909a

PNP Device ID: ROOT\MULTIFUNCTION\0002

Service:

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Officejet Pro 8500 A909a

Device ID: ROOT\MULTIFUNCTION\0003

Manufacturer: HP

Name: Officejet Pro 8500 A909a

PNP Device ID: ROOT\MULTIFUNCTION\0003

Service:

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Officejet Pro 8500 A909a

Device ID: ROOT\MULTIFUNCTION\0004

Manufacturer: HP

Name: Officejet Pro 8500 A909a

PNP Device ID: ROOT\MULTIFUNCTION\0004

Service:

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Cisco Systems VPN Adapter for 64-bit Windows

Device ID: ROOT\NET\0000

Manufacturer: Cisco Systems

Name: Cisco Systems VPN Adapter for 64-bit Windows

PNP Device ID: ROOT\NET\0000

Service: CVirtA

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: CSN5PDTS82x64 NDIS Protocol Driver

Device ID: ROOT\LEGACY_CSN5PDTS82X64\0000

Manufacturer:

Name: CSN5PDTS82x64 NDIS Protocol Driver

PNP Device ID: ROOT\LEGACY_CSN5PDTS82X64\0000

Service: CSN5PDTS82x64

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Sentinel64

Device ID: ROOT\LEGACY_SENTINEL64\0000

Manufacturer:

Name: Sentinel64

PNP Device ID: ROOT\LEGACY_SENTINEL64\0000

Service: Sentinel64

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

64 Bit HP CIO Components Installer

8500A909_eDocs

8500A909_Help

8500A909a

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4)

Adsl Utility Program

Ask Toolbar

Ask Toolbar Updater

ATI Catalyst Install Manager

µTorrent

Bluetooth Stack for Windows by Toshiba

BPD_DSWizards

bpd_scan

BPDSoftware

BPDSoftware_Ini

BufferChm

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

Championship Manager 01-02

Check Point SSL Network Extender

Cisco Packet Tracer 5.3

Cisco Systems VPN Client 5.0.07.0240

D3DX10

DAEMON Tools Pro

Destinations

DeviceDiscovery

DocMgr

DocProc

EasyWords 1.0

English Fast Dictionary

Fax

Feedback Tool

FileZilla Client 3.5.3

Free PDF to Word Doc Converter v1.1

GOM PICKER

GOM Player

GOM Video Converter

Google Chrome

Google Earth

Google Update Helper

GPBaseService2

Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)

HP Customer Participation Program 13.0

HP Document Manager 2.0

HP Imaging Device Functions 13.0

HP Smart Web Printing 4.51

HP Solution Center 13.0

HPProductAssistant

HPSSupply

HUAWEI DataCard Driver 4.22.16.00

Intel® Control Center

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java 7 Update 11

Java Auto Updater

Java 6 Update 26

JavaFX 2.1.1

Juniper Networks Host Checker

Juniper Networks Network Connect 6.3.0

Juniper Networks Network Connect 7.0.0

Juniper Networks Setup Client

Juniper Networks Setup Client Activex Control

Junk Mail filter update

MarketResearch

Mesh Runtime

Messenger Companion

MibViewer

Microsoft .NET Framework 1.1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel 2007 Help Güncelleştirmesi (KB963678)

Microsoft Office Excel MUI (English) 2007

Microsoft Office Excel MUI (Turkish) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Live Meeting 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office OneNote MUI (Turkish) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office Powerpoint 2007 Help Güncelleştirmesi (KB963669)

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint MUI (Turkish) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proof (Turkish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing (Turkish) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit MUI (Turkish) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared MUI (Turkish) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word 2007 Help Güncelleştirmesi (KB963665)

Microsoft Office Word MUI (English) 2007

Microsoft Office Word MUI (Turkish) 2007

Microsoft Silverlight

Microsoft SQL Server 2008 R2

Microsoft SQL Server 2008 R2 Native Client

Microsoft SQL Server 2008 R2 RsFx Driver

Microsoft SQL Server 2008 R2 Setup (English)

Microsoft SQL Server 2008 Setup Support Files

Microsoft SQL Server Browser

Microsoft SQL Server Native Client

Microsoft SQL Server VSS Writer

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Works

Mozilla Firefox 18.0.1 (x86 tr)

Mozilla Maintenance Service

MPEG2 Codec(libmpeg2/mad)

MPM

MSVC80_x64_v2

MSVC80_x86_v2

MSVC90_x64

MSVC90_x86

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MTPuTTY 1.6 beta

Nero Backup Drivers

Network64

Nokia Connectivity Cable Driver

Nokia Ovi Suite

Nokia PC Internet Access

Norton 360

Norton Management

Notepad++

OCR Software by I.R.I.S. 13.0

Officejet Pro 8500 A909 Series

Ovi Desktop Sync Engine

OviMPlatform

PC Connectivity Solution

Picasa 3

PlayReady PC Runtime amd64

PowerISO

ProductContext

Realtek Ethernet Controller Driver For Windows Vista and Later

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

Realtek WLAN Driver

Rosetta Stone Version 3

Samsung Kies

SAMSUNG USB Driver for Mobile Phones

Scan

Search Assistant SoftQuick 1.66

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Groove 2007 (KB2552997)

Security Update for Microsoft Office InfoPath 2007 (KB2510061)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Service Pack 1 for SQL Server 2008 R2 (KB2528583)

Shop for HP Supplies

Skype Click to Call

Skype™ 6.0

SmartWebPrinting

SolutionCenter

Spybot - Search & Destroy

SQL Server 2008 R2 SP1 Common Files

SQL Server 2008 R2 SP1 Database Engine Services

SQL Server 2008 R2 SP1 Database Engine Shared

Sql Server Customer Experience Improvement Program

Status

Synaptics Pointing Device Driver

TeamViewer 6

TeamViewer 7

Toolbox

Toshiba Assist

TOSHIBA Bulletin Board

TOSHIBA ConfigFree

TOSHIBA Disc Creator

TOSHIBA DVD PLAYER

TOSHIBA eco Utility

TOSHIBA Extended Tiles for Windows Mobility Center

TOSHIBA Face Recognition

TOSHIBA Flash Cards Support Utility

TOSHIBA Hardware Setup

Toshiba Manuals

Toshiba Online Product Information

TOSHIBA PC Health Monitor

TOSHIBA Recovery Media Creator

TOSHIBA Recovery Media Creator Reminder

TOSHIBA ReelTime

TOSHIBA Sabit Disk Sürücüsü/Elektro Manyetik Sürücüsü Uyarısı

TOSHIBA Service Station

TOSHIBA Supervisor Password

Toshiba TEMPRO

TOSHIBA Value Added Package

TOSHIBA Web Camera Application

TOSHIBA Yönetici Parolası

TrayApp

Update for 2007 Microsoft Office System (KB2284654)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2583910)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Utility Common Driver

Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi

Visual C++ 8.0 Runtime Setup Package (x64)

Vodafone Mobile Broadband Lite

WebEx

WebReg

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Fotoğraf Galerisi

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live Temel Parçalar

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinPcap 4.1.1

WinRAR archiver

WinSCP 4.3.5

WinZip 15.5

Wireshark 1.0.7

.

==== End Of File ===========================

DDS.txt

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1

Run by Ozz at 20:48:16 on 2013-01-21

Microsoft Windows 7 Home Premium 6.1.7601.1.1254.90.1055.18.3958.1959 [GMT 2:00]

.

AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\CheckPoint\SSL Network Extender\slimsvc.exe

C:\Windows\system32\crypserv.exe

C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Common Files\Juniper Networks\Endpoint Defense\dsEES.exe

C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe

c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ACTIXSQLEXPRESS\MSSQL\Binn\sqlservr.exe

C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ccSvcHst.exe

C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ccSvcHst.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Program Files\TOSHIBA\TECO\TecoService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe

C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Ask.com\Updater\Updater.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclToBTSrv64.exe

C:\Users\Ozz\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ozz\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ozz\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ozz\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ozz\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ozz\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Users\Ozz\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ozz\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ozz\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ozz\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ozz\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com.tr/

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH

mStart Page = hxxp://websearch.soft-quick.info/

uProxyServer = 10.1.240.50:8080

uProxyOverride = <local>

uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

mWinlogon: Userinit = userinit.exe

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\coieplg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ips\ipsbho.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO: Windows Live ID Oturum Açma Yardım Aracı: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: {A057A204-BACC-4D26-9990-79A187E2698E} - <orphaned>

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

BHO: GretechBHO Class: {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\coieplg.dll

TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [NokiaPCInternetAccess] "C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe" /b

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

dRun: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe

dRun: [Norton Download Manager{N360201102-SHPD-FSD31014}] C:\Program Files (x86)\Norton Management\Engine\3.1.0.24\ccSvcHst.exe /m

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: Bilisim Sözlügü: Türkçe - İngilizce - C:\Program Files (x86)\Bilisim Sozlugu\bildict.exe/SEARCH_TR2EN.HTM

IE: Bilisim Sözlügü: İngilizce - Türkçe - C:\Program Files (x86)\Bilisim Sozlugu\bildict.exe/SEARCH_EN2TR.HTM

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: Microsoft Excel'e &Ver - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: ????3?? - <no file>

IE: ????3?????? - <no file>

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {B4CB50E4-0309-4906-86EA-10B6641C8392} - hxxps://212.65.157.110/CSHELL/extender.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{0044C98B-D5F9-4DEF-A912-579CC58A72B9} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{0044C98B-D5F9-4DEF-A912-579CC58A72B9}\2416B63656C6C6D294E6475627E65647 : DHCPNameServer = 8.8.8.8

TCP: Interfaces\{0044C98B-D5F9-4DEF-A912-579CC58A72B9}\4556C656E65627 : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{0044C98B-D5F9-4DEF-A912-579CC58A72B9}\4756C656 : DHCPNameServer = 192.168.43.1

TCP: Interfaces\{0044C98B-D5F9-4DEF-A912-579CC58A72B9}\7456E6A656C6961303 : DHCPNameServer = 192.168.100.1

TCP: Interfaces\{0044C98B-D5F9-4DEF-A912-579CC58A72B9}\7456E6A656C69643 : DHCPNameServer = 192.168.100.1

TCP: Interfaces\{0044C98B-D5F9-4DEF-A912-579CC58A72B9}\D414A5D2E45647 : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{1FA7C7BD-2FC4-4244-91CA-3AEBD627E431} : DHCPNameServer = 192.168.42.129

TCP: Interfaces\{E331D417-F256-4F90-AF88-CF4BC6E9A02A} : NameServer = 188.59.246.11 86.108.132.165

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs= c:\progra~2\contin~1\sprote~1.dll c:\progra~2\softqu~1\sprote~1.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Ozz\AppData\Roaming\Mozilla\Firefox\Profiles\feyi729s.default\

FF - prefs.js: browser.search.defaulturl - hxxp://websearch.soft-quick.info/?l=1&q=

FF - prefs.js: browser.search.selectedEngine - Ask.com

FF - prefs.js: browser.startup.homepage - hxxp://websearch.soft-quick.info/

FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=77362243-16E4-42E8-9D65-5B3A7ED99FD1&apn_ptnrs=U3&apn_sauid=7DF1C992-108A-4979-825F-E92E74B82109&apn_dtid=OSJ000YYTR&&q=

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Ozz\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

FF - ExtSQL: 2013-01-14 16:02; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\coFFPlgn

FF - ExtSQL: 2013-01-16 08:52; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\IPSFFPlgn

FF - ExtSQL: 2013-01-16 16:13; vb@yandex.ru; C:\Users\Ozz\AppData\Roaming\Mozilla\Firefox\Profiles\feyi729s.default\extensions\vb@yandex.ru

FF - ExtSQL: 2013-01-16 16:13; yasearch@yandex.ru; C:\Users\Ozz\AppData\Roaming\Mozilla\Firefox\Profiles\feyi729s.default\extensions\yasearch@yandex.ru

FF - ExtSQL: 2013-01-17 10:06; 50f7b108d4093@50f7b108d40ca.com; C:\Users\Ozz\AppData\Roaming\Mozilla\Firefox\Profiles\feyi729s.default\extensions\50f7b108d4093@50f7b108d40ca.com

FF - ExtSQL: 2013-01-21 09:52; toolbar@ask.com; C:\Users\Ozz\AppData\Roaming\Mozilla\Firefox\Profiles\feyi729s.default\extensions\toolbar@ask.com

FF - ExtSQL: !HIDDEN! 2011-11-28 14:33; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

============= SERVICES / DRIVERS ===============

.

R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\System32\drivers\NBVol.sys [2012-8-11 72240]

R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\System32\drivers\NBVolUp.sys [2012-8-11 15920]

R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1402000.013\symds64.sys [2012-10-26 493216]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1402000.013\symefa64.sys [2012-10-26 1133216]

R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\Windows\System32\drivers\tos_sps64.sys [2010-1-25 482384]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130111.001\BHDrvx64.sys [2013-1-15 1384608]

R1 ccSet_MCLIENT;Norton Management Settings Manager;C:\Windows\System32\drivers\MCLIENTx64\0302000.013\ccsetx64.sys [2012-10-23 168096]

R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1402000.013\ccsetx64.sys [2012-10-26 168096]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-2-18 254528]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130118.001\IDSviA64.sys [2013-1-20 513184]

R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1402000.013\ironx64.sys [2012-10-26 224416]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1402000.013\symnets.sys [2012-10-26 432800]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-1-25 202752]

R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-10-27 252784]

R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]

R2 cpextender;Check Point SSL Network Extender;C:\Program Files (x86)\CheckPoint\SSL Network Extender\slimsvc.exe [2011-10-18 355496]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-4 13336]

R2 JuniperAccessService;Juniper Unified Network Service;C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [2011-2-4 198000]

R2 MCLIENT;Norton Management;C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccsvchst.exe [2012-10-23 143928]

R2 MSSQL$ACTIXSQLEXPRESS;SQL Server (ACTIXSQLEXPRESS);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ACTIXSQLEXPRESS\MSSQL\Binn\sqlservr.exe [2011-6-17 43040096]

R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ccsvchst.exe [2012-10-26 143928]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-1-20 1153368]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-11 138912]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-1-25 56344]

R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2013-1-14 86016]

R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2010-1-25 35008]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-12-4 291328]

R3 VNA;Check Point Virtual Network Adapter;C:\Windows\System32\drivers\vna.sys [2009-11-2 161256]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 Sentinel64;Sentinel64;C:\Windows\System32\drivers\sentinel64.sys [2011-10-29 145448]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2012-3-27 36328]

S3 CBUSB;MARX CryptoTech LP;C:\Windows\System32\drivers\CBUSB_64.sys [2007-2-15 80000]

S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2013-1-14 117248]

S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2013-1-14 13952]

S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\System32\drivers\ewusbwwan.sys [2013-1-14 421376]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-30 48488]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]

S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2013-1-14 98816]

S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\drivers\ew_juextctrl.sys [2013-1-14 28672]

S3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\drivers\ew_juwwanecm.sys [2013-1-14 212992]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-1-25 225280]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2012-3-27 157672]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2012-3-27 16872]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2012-3-27 177640]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-23 59392]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 44896]

.

=============== File Associations ===============

.

FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]

FileExt: .js: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]

.

=============== Created Last 30 ================

.

2013-01-21 07:52:01 -------- d-----w- C:\Users\Ozz\AppData\Local\APN

2013-01-21 07:52:01 -------- d-----w- C:\Program Files (x86)\Ask.com

2013-01-21 07:41:41 -------- d-----w- C:\ProgramData\Ask

2013-01-21 07:41:30 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-01-20 21:42:40 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-01-20 21:42:40 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

2013-01-20 12:06:40 74288 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\breakpadinjector.dll

2013-01-20 12:06:40 262704 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\components\browsercomps.dll

2013-01-20 12:06:40 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\D3DCompiler_43.dll

2013-01-20 12:06:40 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\d3dx9_43.dll

2013-01-20 12:06:40 19504 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\AccessibleMarshal.dll

2013-01-20 12:06:40 116272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\crashreporter.exe

2013-01-20 10:37:15 -------- d-----w- C:\N360_BACKUP

2013-01-20 09:09:29 -------- d-----w- C:\Users\Ozz\AppData\Roaming\SpeedyPC Software

2013-01-20 09:09:29 -------- d-----w- C:\Users\Ozz\AppData\Roaming\DriverCure

2013-01-20 09:09:13 -------- d-----w- C:\ProgramData\SpeedyPC Software

2013-01-19 10:53:53 -------- d-----w- C:\Program Files (x86)\MTPuTTY

2013-01-17 07:44:34 -------- d-----w- C:\ProgramData\Cloud Software LTD

2013-01-17 07:44:34 -------- d-----w- C:\Program Files (x86)\SoftQuick

2013-01-17 07:44:19 -------- d-----w- C:\Program Files (x86)\ContinueToSave

2013-01-17 07:44:15 -------- d-----w- C:\ProgramData\continuetosave

2013-01-17 07:43:51 -------- d-----w- C:\ProgramData\InstallMate

2013-01-16 08:18:00 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

2013-01-14 14:12:25 -------- d-----w- C:\ProgramData\Actix

2013-01-14 14:08:57 47456 ----a-w- C:\Windows\SysWow64\perf-MSSQL10_50.ACTIXSQLEXPRESS-sqlagtctr.dll

2013-01-14 14:08:40 73568 ----a-w- C:\Windows\SysWow64\perf-MSSQL$ACTIXSQLEXPRESS-sqlctr10.51.2500.0.dll

2013-01-14 14:05:30 -------- d-----w- C:\Windows\SysWow64\1033

2013-01-14 14:05:30 -------- d-----w- C:\Windows\System32\1033

2013-01-14 09:24:46 -------- d-----w- C:\Windows\en

2013-01-14 08:07:28 -------- d-----w- C:\Users\Ozz\AppData\Local\Turkcell_Teknoloji

2013-01-14 08:05:07 -------- d-----w- C:\Windows\massfilter

2013-01-14 08:04:51 -------- d-----w- C:\Program Files (x86)\Turkcell

2013-01-04 08:20:58 -------- d-----w- C:\ProgramData\SafeNet Sentinel

2012-12-25 12:17:25 -------- d-----w- C:\Users\Ozz\AppData\Roaming\TTYPlus

.

==================== Find3M ====================

.

2013-01-10 18:02:55 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-01-10 18:02:54 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

.

============= FINISH: 20:49:09,96 ===============

Checkup.txt

Results of screen317's Security Check version 0.99.57

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Norton 360

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Spybot - Search & Destroy

CCleaner

JavaFX 2.1.1

Java 6 Update 26

Java 7 Update 11

Adobe Flash Player 11.5.502.146

Adobe Reader 10.1.4 Adobe Reader out of Date!

Mozilla Firefox (18.0.1)

Google Chrome 23.0.1271.97

Google Chrome 24.0.1312.52

````````Process Check: objlist.exe by Laurent````````

Norton ccSvcHst.exe

Spybot Teatimer.exe is disabled!

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:

````````````````````End of Log``````````````````````


Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you to make things go easier and faster for both of us.


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

These are the programs I would like you to run next. If you have any problems with one of these, just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
    • For Windows XP, double-click to start.
    • Wait until Prescan has finished ...
    • Then Click on "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • click on "delete"
    • Wait until the Status box shows "Deleting Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller+

Gringo


Greetings

I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.

Gringo


Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.