We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Help please with metropolitan police scam
mudgekin
Posts: 514 Forumite
hi
Looks like my DH's PC has been infected with the Metropolitan police virus.
I have downloaded malwarebytes and did the quick scan as recommended in an old thread. I have fixed what iut says to fix and posted the log below. Can someone advise what to do next please
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Database version: v2012.04.05.05
Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
*************** [administrator]
05/04/2012 16:19:53
mbam-log-2012-04-05 (16-19-53).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 227602
Time elapsed: 5 minute(s), 35 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 3
C:\Documents and Settings\*****\Local Settings\Temp\wpbt0.dll (Trojan.Zbot.HWGen) -> Quarantined and deleted successfully.
C:\Documents and Settings\*****\Local Settings\Temporary Internet Files\Content.IE5\0TC7DB3F\contacts[1].exe (Trojan.Zbot.HWGen) -> Quarantined and deleted successfully.
C:\Documents and Settings\*****\Start Menu\Programs\Startup\wpbt0.dll.lnk (Trojan.Agent) -> Quarantined and deleted successfully.
(end)
After removal I am in the process of running a full scan
Looks like my DH's PC has been infected with the Metropolitan police virus.
I have downloaded malwarebytes and did the quick scan as recommended in an old thread. I have fixed what iut says to fix and posted the log below. Can someone advise what to do next please
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Database version: v2012.04.05.05
Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
*************** [administrator]
05/04/2012 16:19:53
mbam-log-2012-04-05 (16-19-53).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 227602
Time elapsed: 5 minute(s), 35 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 3
C:\Documents and Settings\*****\Local Settings\Temp\wpbt0.dll (Trojan.Zbot.HWGen) -> Quarantined and deleted successfully.
C:\Documents and Settings\*****\Local Settings\Temporary Internet Files\Content.IE5\0TC7DB3F\contacts[1].exe (Trojan.Zbot.HWGen) -> Quarantined and deleted successfully.
C:\Documents and Settings\*****\Start Menu\Programs\Startup\wpbt0.dll.lnk (Trojan.Agent) -> Quarantined and deleted successfully.
(end)
After removal I am in the process of running a full scan
0
Comments
-
Can you boot to normal mode and run mbam (quick scan) from there? A full scan in safe mode is a bit pointless at the moment - it may take a very long time.
Run this in any mode, post the log.
Download DDS from the link below and save it to your desktop:
Link
After you've downloaded it and saved it to your desktop:- Double click DDS to run it.
- When it's finished, DDS will open two logs:
- DDS.txt
- Attach.txt
Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts)0 -
Thanks for the reply waddler. I will do that now0
-
It should only take 2 -3 mins (ish).0
-
Fingers crosses, here is the MBAM log, I will do the other one next
Malwarebytes Anti-Malware 1.60.1.1000
https://www.malwarebytes.org
Database version: v2012.04.05.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
[administrator]
05/04/2012 18:22:28
mbam-log-2012-04-05 (18-22-28).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 228766
Time elapsed: 7 minute(s), 14 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)0 -
dds log
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Run by Derek at 18:32:26 on 2012-04-05
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3198.2126 [GMT 1:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: ESET Smart Security 5.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Documents and Settings\Derek\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
svchost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Webroot\Washer\WasherSvc.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\notepad.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=0071127
uSearch Page = hxxp://www.google.co.uk/hws/sb/dell-usuk/en/side.html?channel=uk
uDefault_Page_URL = https://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=0071127
uSearch Bar = hxxp://www.google.co.uk/hws/sb/dell-usuk/en/side.html?channel=uk
mSearch Bar = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.co.uk/hws/sb/dell-usuk/en/side.html?channel=uk
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4a368e80-174f-4872-96b5-0b27ddd11db2} - c:\program files\spywareguard\dlprotect.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
uRun: [Google Update] "c:\documents and settings\derek\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\derek\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\derek\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\derek\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.euro.dell.com/systemprofiler/SysPro.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242297386796
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.euro.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{8181A72B-283B-4850-B96B-96C8D967329C} : DhcpNameServer = 192.168.1.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:\program files\spywareguard\spywareguard.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\derek\application data\mozilla\firefox\profiles\yb630sqb.default\
FF - prefs.js: browser.startup.homepage - hxxp://uk.yahoo.com/?p=us
FF - plugin: c:\documents and settings\derek\application data\mozilla\firefox\profiles\yb630sqb.default\extensions\support@ancestry.com\plugins\npImgCtl.dll
FF - plugin: c:\documents and settings\derek\local settings\application data\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: British English Dictionary: en-GB@dictionaries.addons.mozilla.org - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org
FF - Ext: Ancestry.com Advanced Image Viewer: support@ancestry.com - %profile%\extensions\support@ancestry.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-9-10 64512]
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2012-3-11 56208]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2011-8-4 118104]
R1 RapportCerberus_34302;RapportCerberus_34302;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportcerberus\34302\RapportCerberus32_34302.sys [2011-12-16 228208]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2012-3-11 71440]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2012-3-11 164112]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2011-9-22 974944]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2011-1-14 233472]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-8-18 2152152]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2012-1-25 2253120]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2012-3-11 931640]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592]
R2 wwEngineSvc;Window Washer Engine;c:\program files\webroot\washer\WasherSvc.exe [2010-10-9 598856]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-1-14 36608]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-8-18 15232]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-4-5 40776]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2012-1-25 119656]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-13 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-13 135664]
S3 RapportIaso;RapportIaso;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\28896\RapportIaso.sys [2011-8-7 21520]
.
=============== Created Last 30 ================
.
2012-04-05 17:06:32 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-04-03 06:01:40
d
w- C:\Crash
2012-03-11 12:48:50 56208 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
.
==================== Find3M ====================
.
2012-04-05 10:35:29 26112 ----a-w- c:\windows\system32\userinit.exe
2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-25 16:56:24 285176 ----a-w- c:\windows\system32\nvdrsdb0.bin
2012-01-25 16:56:24 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-01-25 16:56:22 285176 ----a-w- c:\windows\system32\nvdrsdb1.bin
2012-01-11 19:06:47 3072
w- c:\windows\system32\iacenc.dll
2012-01-09 16:20:25 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
============= FINISH: 18:33:07.73 ===============0 -
I need to pop away for 20 mins to make dinner but will be back. Many thanks for the help0
-
That looks ok.
I'd remove these from the trusted zone:
Having sites in the trusted zone lowers the security when visiting sites in that zone - If they're ever compromised (and normally safe & reputable sites can be), it makes it so much easier to infect you.Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
Looking at the mbam log it looks as though you've been infected through an exploit and looking at the DDS log I'd lay money on it being through outdated versions of Java runtime.
Post me the attach.txt now.0 -
Thanks again. Neither of us are very tech savy but DH is even less so than me, so thanks from both of us for your time
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 30/11/2007 22:44:09
System Uptime: 05/04/2012 18:03:55 (0 hours ago)
.
Motherboard: Dell Inc. | | 0RY007
Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz | Socket 775 | 2327/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 230 GiB total, 105.744 GiB free.
is FIXED (NTFS) - 233 GiB total, 232.691 GiB free.
E: is CDROM (UDF)
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1054: 06/01/2012 10:23:03 - System Checkpoint
RP1055: 07/01/2012 10:25:31 - System Checkpoint
RP1056: 09/01/2012 17:29:45 - System Checkpoint
RP1057: 11/01/2012 06:43:21 - Software Distribution Service 3.0
RP1058: 11/01/2012 13:00:01 - Software Distribution Service 3.0
RP1059: 12/01/2012 16:52:47 - System Checkpoint
RP1060: 13/01/2012 17:11:04 - System Checkpoint
RP1061: 17/01/2012 16:53:54 - System Checkpoint
RP1062: 19/01/2012 16:41:34 - System Checkpoint
RP1063: 21/01/2012 15:19:08 - System Checkpoint
RP1064: 23/01/2012 13:12:14 - System Checkpoint
RP1065: 26/01/2012 17:21:44 - System Checkpoint
RP1066: 27/01/2012 17:33:48 - System Checkpoint
RP1067: 29/01/2012 14:46:59 - System Checkpoint
RP1068: 30/01/2012 17:29:27 - System Checkpoint
RP1069: 31/01/2012 16:51:39 - Software Distribution Service 3.0
RP1070: 01/02/2012 18:19:17 - System Checkpoint
RP1071: 04/02/2012 16:49:52 - System Checkpoint
RP1072: 05/02/2012 16:58:01 - System Checkpoint
RP1073: 07/02/2012 17:42:22 - System Checkpoint
RP1074: 10/02/2012 16:50:24 - System Checkpoint
RP1075: 11/02/2012 17:58:21 - System Checkpoint
RP1076: 12/02/2012 05:35:09 - Removed ESET NOD32 Antivirus
RP1077: 12/02/2012 05:38:04 - Removed Sygate Personal Firewall
RP1078: 12/02/2012 05:42:59 - Installed ESET NOD32 Antivirus
RP1079: 12/02/2012 05:48:59 - Removed ESET NOD32 Antivirus
RP1080: 12/02/2012 05:49:15 - Removed ESET NOD32 Antivirus
RP1081: 12/02/2012 05:55:18 - Installed ESET Smart Security
RP1082: 15/02/2012 05:57:07 - Software Distribution Service 3.0
RP1083: 17/02/2012 16:50:36 - System Checkpoint
RP1084: 18/02/2012 17:12:26 - System Checkpoint
RP1085: 20/02/2012 17:08:47 - System Checkpoint
RP1086: 25/02/2012 20:19:50 - System Checkpoint
RP1087: 27/02/2012 17:17:13 - System Checkpoint
RP1088: 28/02/2012 18:38:30 - System Checkpoint
RP1089: 02/03/2012 07:50:47 - System Checkpoint
RP1090: 03/03/2012 14:37:43 - System Checkpoint
RP1091: 05/03/2012 16:34:45 - System Checkpoint
RP1092: 07/03/2012 05:26:00 - System Checkpoint
RP1093: 11/03/2012 14:44:49 - System Checkpoint
RP1094: 12/03/2012 18:23:25 - System Checkpoint
RP1095: 13/03/2012 18:13:42 - Software Distribution Service 3.0
RP1096: 14/03/2012 18:41:30 - Software Distribution Service 3.0
RP1097: 16/03/2012 17:00:30 - System Checkpoint
RP1098: 18/03/2012 12:56:08 - System Checkpoint
RP1099: 20/03/2012 18:53:04 - System Checkpoint
RP1100: 22/03/2012 05:26:09 - System Checkpoint
RP1101: 23/03/2012 16:49:24 - System Checkpoint
RP1102: 27/03/2012 05:08:31 - Installed Rapport
RP1103: 28/03/2012 05:21:30 - System Checkpoint
RP1104: 29/03/2012 05:22:50 - System Checkpoint
RP1105: 30/03/2012 05:24:02 - System Checkpoint
RP1106: 31/03/2012 15:25:44 - System Checkpoint
RP1107: 02/04/2012 05:34:22 - System Checkpoint
RP1108: 03/04/2012 06:17:04 - System Checkpoint
RP1109: 04/04/2012 07:56:51 - System Checkpoint
RP1110: 05/04/2012 09:35:50 - System Checkpoint
.
==== Installed Programs ======================
.
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.1.4
Anquet Maps
Anquet Maps Data: Great Britain North
Anquet Maps v06
ArcSoft PhotoImpression 5
ArcSoft VideoImpression 2
BCL easyConverter SDK 1.0.0 Module
BlackBerry Desktop Software 4.2.2
BlackBerry Device Software Updater
Browser Address Error Redirector
Dark Age of Camelot
Dell Driver Download Manager
Dell Driver Reset Tool
Dell System Restore
Dropbox
EQ2MAP Updater 1.2.4
ESET Smart Security
EverQuest II
EverQuest II: Play the Fae
EverQuest II: The Shadow Odyssey
EverQuest Platinum
Family Tree Maker 2008
Family Tree Maker 2010
GameSpy Comrade
Google Chrome
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Smart Web Printing 4.60
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Jewel Quest (remove only)
Junk Mail filter update
LDC Hazard Perception eXtra
Legacy 7.5
Legends of Norrath
Magelo Update
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Primary Interoperability Assemblies 2005
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft WSE 3.0
Mozilla Firefox (3.6.28)
Mozilla Thunderbird 11.0.1 (x86 en-GB)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
NVIDIA Control Panel 285.58
NVIDIA Graphics Driver 285.58
NVIDIA HD Audio Driver 1.2.24.0
NVIDIA Install Application
NVIDIA nView 135.95
NVIDIA PhysX
NVIDIA PhysX System Software 9.11.0621
NVIDIA Update 1.5.20
NVIDIA Update Components
OGA Notifier 2.0.0048.0
Paint.NET v3.5.5
Pando Media Booster
Peggle Deluxe
Personal Ancestral File 5
PMB
PowerDVD
Rapport
Realtek High Definition Audio Driver
Rome - Total War
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler
Roxio Media Manager
Roxio Update Manager
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio
SatSYNC
SearchAssist
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Sid Meier's Civilization 4 Complete
SmartWebPrinting
SpywareBlaster 4.4
SpywareGuard v2.2
Station Launcher
The Lord of the Rings Online™ v03.02.04.8010
The Official DSA Theory Test for Car Drivers
The Rise of Atlantis 1.0
TomTom HOME 2.8.2.2264
TomTom HOME Visual Studio Merge Modules
Ulead PhotoImpact XL ESD
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
Window Washer
Windows Genuine Advantage Notifications (KB905474)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Encoder 9 Series
Windows Media Format Runtime
Windows PowerShell(TM) 1.0
Windows XP Service Pack 3
Wisdom-soft ScreenHunter 6.0 Free
.
==== Event Viewer Messages From Past Week ========
.
30/03/2012 17:23:09, error: Service Control Manager [7000] - The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error: The system cannot find the file specified.
05/04/2012 16:29:47, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ehdrv Fips iaStor intelppm RapportKELL
05/04/2012 16:15:07, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ehdrv Fips intelppm RapportKELL
05/04/2012 16:06:54, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
05/04/2012 16:06:22, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ehdrv epfwtdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RapportKELL RasAcd Rdbss Tcpip
05/04/2012 16:06:22, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
05/04/2012 16:06:22, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
05/04/2012 16:06:22, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
05/04/2012 16:06:22, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
03/04/2012 05:30:42, error: Dhcp [1002] - The IP address lease 192.168.1.66 for the Network Card with network address 001D09782DBA has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================0 -
Remove these and update them to the latest secure versions. When downloading uncheck any extras like toolbars or security scans etc before downloading from the webpage & during the install.
http://helpx.adobe.com/flash-player/kb/uninstall-flash-player-windows.htmlAdobe Flash Player 10 ActiveX
http://get.adobe.com/flashplayer/
Via add/remove programs.Adobe Reader 8.1.4
http://get.adobe.com/uk/reader/
All these via add/remove programs.
http://java.com/en/download/index.jspJ2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 3
Java(TM) 6 Update 5
I use that version myself, but note that support for it ends this month. It'll have to be updated soon.Mozilla Firefox (3.6.28)
I'd uninstall Ad-aware & SpywareGuard. Eset should be more than enough with the odd quick scan with mbam.
This will tell you if I've missed anything.
http://secunia.com/vulnerability_scanning/online/
Any other problems? We can check for rootkits if you like but I feel ESET would be at least giving some kind of warning if you had one.0 -
Thank you so so very much for all the time you have spent. He has been in a panic all afternoon. I am guilty about not keeping his pc as up to date as mine but maybe I should do his also.
I will get all the things done that you recommend
Again, many many thanks. You have made a worried man breathe a bit easier.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 353.1K Banking & Borrowing
- 254K Reduce Debt & Boost Income
- 454.8K Spending & Discounts
- 246.2K Work, Benefits & Business
- 602.3K Mortgages, Homes & Bills
- 177.9K Life & Family
- 260.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards