We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

PC or connection issues?

12357

Comments

  • soolin
    soolin Posts: 74,468 Ambassador
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    hang on, that says it has been saved as a text file- so I'll go and look for it.

    EDIT: That is the same file
    I’m a Forum Ambassador and I support the Forum Team on the eBay, Auctions, Car Boot & Jumble Sales, Boost Your Income, Praise, Vents & Warnings, Overseas Holidays & Travel Planning , UK Holidays, Days Out & Entertainments boards. If you need any help on these boards, do let me know.. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.All views are my own and not the official line of MoneySavingExpert.
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    That's the one I wanted.

    Go here and read through the instructions for downloading and running ComboFix:

    Bleeping Computer ComboFix Tutorial
    • IMPORTANT! Ensure you temporarily turn off Mcafee before running. Instructions here
    • Double click combofix.exe & follow the prompts closely.
    • When it's finished, it'll produce a log. Post the contents of that log.
    • It'll be found on your C:\ drive named combofix.txt
    Above all, BE PATIENT! and let it run it's course.
  • soolin
    soolin Posts: 74,468 Ambassador
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    waddler_8 wrote: »
    That's the one I wanted.

    Go here and read through the instructions for downloading and running ComboFix:


    Bleeping Computer ComboFix Tutorial
    • IMPORTANT! Ensure you temporarily turn off Mcafee before running. Instructions here
    • Double click combofix.exe & follow the prompts closely.
    • When it's finished, it'll produce a log. Post the contents of that log.
    • It'll be found on your C:\ drive named combofix.txt
    Above all, BE PATIENT! and let it run it's course.
    OK, I'm off to try that now, thank you
    I’m a Forum Ambassador and I support the Forum Team on the eBay, Auctions, Car Boot & Jumble Sales, Boost Your Income, Praise, Vents & Warnings, Overseas Holidays & Travel Planning , UK Holidays, Days Out & Entertainments boards. If you need any help on these boards, do let me know.. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.All views are my own and not the official line of MoneySavingExpert.
  • soolin
    soolin Posts: 74,468 Ambassador
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    logs for Bleeping computer:

    part 1

    ComboFix 12-08-20.02 - Debra 20/08/2012 22:18:13.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3839.1993 [GMT 1:00]
    Running from: c:\users\Debra\Downloads\ComboFix.exe
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files (x86)\Common Files\packardbell.ico
    c:\programdata\ca083981-a55e-4de9-9b96-87a3f3608d70.ico
    c:\programdata\FullRemove.exe
    c:\users\Debra\AppData\Roaming\.#
    c:\users\Debra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Protection.lnk
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-07-20 to 2012-08-20 )))))))))))))))))))))))))))))))
    .
    .
    2012-08-20 17:35 . 2009-06-30 09:37 33800 ----a-w- c:\windows\system32\drivers\pavboot64.sys
    2012-08-20 17:34 . 2012-08-20 17:34
    d
    w- c:\program files (x86)\Panda Security
    2012-08-20 12:18 . 2012-08-20 12:18
    d
    w- c:\programdata\Sophos
    2012-08-20 12:16 . 2012-08-20 12:16 73728 ----a-r- c:\users\Debra\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
    2012-08-20 12:16 . 2012-08-20 12:16 73728 ----a-r- c:\users\Debra\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
    2012-08-20 12:16 . 2012-08-20 12:16 73728 ----a-r- c:\users\Debra\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
    2012-08-20 12:16 . 2012-08-20 12:16
    d
    w- c:\program files (x86)\Sophos
    2012-08-19 08:02 . 2012-05-05 08:30 503808 ----a-w- c:\windows\system32\srcore.dll
    2012-08-19 08:02 . 2012-05-05 07:44 43008 ----a-w- c:\windows\SysWow64\srclient.dll
    2012-08-19 08:01 . 2012-02-11 06:36 751104 ----a-w- c:\windows\system32\win32spl.dll
    2012-08-19 08:01 . 2012-02-11 06:29 67584 ----a-w- c:\windows\splwow64.exe
    2012-08-19 08:01 . 2012-02-11 06:29 559104 ----a-w- c:\windows\system32\spoolsv.exe
    2012-08-19 08:01 . 2012-02-11 05:44 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
    2012-08-19 08:01 . 2012-07-04 22:04 73216 ----a-w- c:\windows\system32\netapi32.dll
    2012-08-19 08:01 . 2012-07-04 22:01 58880 ----a-w- c:\windows\system32\browcli.dll
    2012-08-19 08:01 . 2012-07-04 22:01 136704 ----a-w- c:\windows\system32\browser.dll
    2012-08-19 08:01 . 2012-07-04 21:23 41472 ----a-w- c:\windows\SysWow64\browcli.dll
    2012-08-19 08:01 . 2012-07-18 17:31 3146752 ----a-w- c:\windows\system32\win32k.sys
    2012-08-19 08:01 . 2012-05-14 05:20 956416 ----a-w- c:\windows\system32\localspl.dll
    2012-08-19 07:26 . 2012-08-19 07:26
    d
    w- c:\windows\SysWow64\Extensions
    2012-08-19 07:26 . 2012-08-19 07:26
    d
    w- c:\windows\SysWow64\searchplugins
    2012-08-18 21:23 . 2012-08-18 21:23
    d
    w- c:\programdata\Browser Manager
    2012-08-14 15:50 . 2012-08-14 15:50
    d
    w- c:\users\Debra\AppData\Local\Deployment
    2012-08-11 10:54 . 2012-08-11 10:54
    d
    w- c:\programdata\Tarma Installer
    2012-08-11 10:54 . 2012-08-11 10:54
    d
    w- c:\users\Debra\AppData\Roaming\Babylon
    2012-08-11 10:54 . 2012-08-11 10:54
    d
    w- c:\programdata\Babylon
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-08-19 23:06 . 2010-02-26 07:11 62134624 ----a-w- c:\windows\system32\MRT.exe
    2012-07-03 12:46 . 2010-09-09 19:06 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-06-18 12:56 . 2012-06-18 12:56 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-06-18 12:56 . 2012-06-18 12:56 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-06-09 05:30 . 2012-07-12 06:56 14165504 ----a-w- c:\windows\system32\shell32.dll
    2012-06-06 19:59 . 2012-06-06 19:59 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
    2012-06-06 05:50 . 2012-07-12 06:56 2003968 ----a-w- c:\windows\system32\msxml6.dll
    2012-06-06 05:50 . 2012-07-12 06:56 1880064 ----a-w- c:\windows\system32\msxml3.dll
    2012-06-06 05:09 . 2012-07-12 06:56 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
    2012-06-06 05:09 . 2012-07-12 06:56 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
    2012-06-02 22:19 . 2012-06-27 22:13 38424 ----a-w- c:\windows\system32\wups.dll
    2012-06-02 22:19 . 2012-06-27 22:14 2428952 ----a-w- c:\windows\system32\wuaueng.dll
    2012-06-02 22:19 . 2012-06-27 22:14 44056 ----a-w- c:\windows\system32\wups2.dll
    2012-06-02 22:19 . 2012-06-27 22:14 57880 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-02 22:19 . 2012-06-27 22:13 701976 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-02 22:15 . 2012-06-27 22:14 2622464 ----a-w- c:\windows\system32\wucltux.dll
    2012-06-02 22:15 . 2012-06-27 22:13 99840 ----a-w- c:\windows\system32\wudriver.dll
    2012-06-02 14:19 . 2012-06-27 22:13 186752 ----a-w- c:\windows\system32\wuwebv.dll
    2012-06-02 14:15 . 2012-06-27 22:13 36864 ----a-w- c:\windows\system32\wuapp.exe
    2012-06-02 05:38 . 2012-07-12 06:56 95088 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2012-06-02 05:38 . 2012-07-12 06:56 152432 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2012-06-02 05:37 . 2012-07-12 06:56 459216 ----a-w- c:\windows\system32\drivers\cng.sys
    2012-06-02 05:27 . 2012-07-12 06:56 340992 ----a-w- c:\windows\system32\schannel.dll
    2012-06-02 05:27 . 2012-07-12 06:56 307200 ----a-w- c:\windows\system32\ncrypt.dll
    2012-06-02 04:48 . 2012-07-12 06:56 22016 ----a-w- c:\windows\SysWow64\secur32.dll
    2012-06-02 04:48 . 2012-07-12 06:56 225280 ----a-w- c:\windows\SysWow64\schannel.dll
    2012-06-02 04:47 . 2012-07-12 06:56 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
    2012-06-02 04:42 . 2012-07-12 06:56 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1675160]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
    R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]
    R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-04-20 152064]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-02 1255736]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]
    S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [2009-06-30 33800]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
    S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]
    S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [2010-04-13 66040]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-08 169312]
    S2 Greg_Service;GRegService;c:\program files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-08-28 1150496]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-03-20 162192]
    S2 MOBKbackup;McAfee Online Backup;c:\program files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-04-13 231224]
    S2 Realtek11nCU;Realtek11nCU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2010-04-16 36864]
    S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2009-07-04 240160]
    S2 vseamps;vseamps;c:\program files\Common Files\Authentium\AntiVirus5\vseamps.exe [2010-04-08 149544]
    S2 vsedsps;vsedsps;c:\program files\Common Files\Authentium\AntiVirus5\vsedsps.exe [2010-04-08 148008]
    S2 vseqrts;vseqrts;c:\program files\Common Files\Authentium\AntiVirus5\vseqrts.exe [2010-04-08 205352]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-06-26 83488]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
    S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys [2010-07-13 748648]
    .
    .
    I’m a Forum Ambassador and I support the Forum Team on the eBay, Auctions, Car Boot & Jumble Sales, Boost Your Income, Praise, Vents & Warnings, Overseas Holidays & Travel Planning , UK Holidays, Days Out & Entertainments boards. If you need any help on these boards, do let me know.. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.All views are my own and not the official line of MoneySavingExpert.
  • soolin
    soolin Posts: 74,468 Ambassador
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    (I've turned my anti virus programme back on BTW)

    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - PAVBOOT
    *NewlyCreated* - WS2IFSL
    *Deregistered* - mfeavfk01
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-25 15:49]
    .
    2012-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-25 15:49]
    .
    .
    X64 Entries
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
    @="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
    [HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
    2010-04-13 20:11 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
    @="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
    [HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
    2010-04-13 20:11 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
    @="{b4caf489-1eec-c617-49ad-8d7088598c06}"
    [HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
    2010-04-13 20:11 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "McAfeeWrapperApplication"="c:\program files (x86)\McAfeeMOBK\WrapperTrayIcon.exe" [2010-12-07 453344]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    Supplementary Scan
    .
    uStart Page = hxxp://www.google.co.uk/
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=ixtreme_m3720&r=173602100216p0305v1k5y47j1920p
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    TCP: DhcpNameServer = 192.168.0.1
    DPF: {0A43D7AC-D6C1-4622-B309-BF975F427C0E} - hxxps://internetbankingplus2.firstdirect.com/ibplus/frontdoorFD.cab
    FF - ProfilePath - c:\users\Debra\AppData\Roaming\Mozilla\Firefox\Profiles\a351s4p9.default\
    FF - prefs.js: browser.search.selectedEngine - Secure Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
    FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Toolbar-Locked - (no file)
    .
    .
    .
    LOCKED REGISTRY KEYS
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Other Running Processes
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\Bonjour\mDNSResponder.exe
    c:\windows\SysWOW64\rundll32.exe
    c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
    .
    **************************************************************************
    .
    Completion time: 2012-08-20 22:34:05 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-08-20 21:34
    .
    Pre-Run: 175,383,269,376 bytes free
    Post-Run: 175,358,070,784 bytes free
    .
    - - End Of File - - 1E77F58EDB61B233FA81F5F1C4B31915
    I’m a Forum Ambassador and I support the Forum Team on the eBay, Auctions, Car Boot & Jumble Sales, Boost Your Income, Praise, Vents & Warnings, Overseas Holidays & Travel Planning , UK Holidays, Days Out & Entertainments boards. If you need any help on these boards, do let me know.. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.All views are my own and not the official line of MoneySavingExpert.
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    Mcafee was running last time, it's vital you turn it off. Mcafee doesn't play well with combofix at the best of times, deleting it's core files - I'm rather surprised it didn't this time?

    Run this combofix script.

    If combofix tells you there is a newer version available, let it update.
    • Open Notepad
    • Copy and paste the text present inside the code box below (Don't include Code:)
    Folder::
c:\programdata\Tarma Installer
c:\programdata\Babylon
c:\programdata\Browser Manager
c:\users\Debra\AppData\Roaming\Babylon

Driver::
vseamps
vsedsps
vseqrts

DDS::
uInternet Settings,ProxyOverride = *.local

File::
c:\program files\Common Files\Authentium\AntiVirus5\vseqrts.exe
c:\program files\Common Files\Authentium\AntiVirus5\vsedsps.exe 
c:\program files\Common Files\Authentium\AntiVirus5\vseamps.exe
    • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.
    • Temporarily disable your anti-virus, before following the steps below.
    • To disable your Antivirus, see here.
      CFScriptB-4.gif
    • Drag CFScript.txt into ComboFix.exe as the screenshot above shows.
    • ComboFix will scan & may reboot when it finishes. Combofix.txt will open.
    • Copy and paste the contents of the log here.
  • soolin
    soolin Posts: 74,468 Ambassador
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    I double checked McAfee as I was prompted to confirm it was disabled and all of my McAffee showed as off and I kept getting the warning that my PC was not protected.

    There was nothing else I could turn off.
    I’m a Forum Ambassador and I support the Forum Team on the eBay, Auctions, Car Boot & Jumble Sales, Boost Your Income, Praise, Vents & Warnings, Overseas Holidays & Travel Planning , UK Holidays, Days Out & Entertainments boards. If you need any help on these boards, do let me know.. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.All views are my own and not the official line of MoneySavingExpert.
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    Ok, run the script.
  • soolin
    soolin Posts: 74,468 Ambassador
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    Udated script:part 1


    ComboFix 12-08-20.02 - Debra 20/08/2012 23:08:31.2.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3839.2556 [GMT 1:00]
    Running from: c:\users\Debra\Desktop\ComboFix.exe
    AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-07-20 to 2012-08-20 )))))))))))))))))))))))))))))))
    .
    .
    2012-08-20 22:15 . 2012-08-20 22:15
    d
    w- c:\users\Default\AppData\Local\temp
    2012-08-20 17:35 . 2009-06-30 09:37 33800 ----a-w- c:\windows\system32\drivers\pavboot64.sys
    2012-08-20 17:34 . 2012-08-20 17:34
    d
    w- c:\program files (x86)\Panda Security
    2012-08-20 12:18 . 2012-08-20 12:18
    d
    w- c:\programdata\Sophos
    2012-08-20 12:16 . 2012-08-20 12:16 73728 ----a-r- c:\users\Debra\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
    2012-08-20 12:16 . 2012-08-20 12:16 73728 ----a-r- c:\users\Debra\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
    2012-08-20 12:16 . 2012-08-20 12:16 73728 ----a-r- c:\users\Debra\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
    2012-08-20 12:16 . 2012-08-20 12:16
    d
    w- c:\program files (x86)\Sophos
    2012-08-19 08:02 . 2012-05-05 08:30 503808 ----a-w- c:\windows\system32\srcore.dll
    2012-08-19 08:02 . 2012-05-05 07:44 43008 ----a-w- c:\windows\SysWow64\srclient.dll
    2012-08-19 08:01 . 2012-02-11 06:36 751104 ----a-w- c:\windows\system32\win32spl.dll
    2012-08-19 08:01 . 2012-02-11 06:29 67584 ----a-w- c:\windows\splwow64.exe
    2012-08-19 08:01 . 2012-02-11 06:29 559104 ----a-w- c:\windows\system32\spoolsv.exe
    2012-08-19 08:01 . 2012-02-11 05:44 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
    2012-08-19 08:01 . 2012-07-04 22:04 73216 ----a-w- c:\windows\system32\netapi32.dll
    2012-08-19 08:01 . 2012-07-04 22:01 58880 ----a-w- c:\windows\system32\browcli.dll
    2012-08-19 08:01 . 2012-07-04 22:01 136704 ----a-w- c:\windows\system32\browser.dll
    2012-08-19 08:01 . 2012-07-04 21:23 41472 ----a-w- c:\windows\SysWow64\browcli.dll
    2012-08-19 08:01 . 2012-07-18 17:31 3146752 ----a-w- c:\windows\system32\win32k.sys
    2012-08-19 08:01 . 2012-05-14 05:20 956416 ----a-w- c:\windows\system32\localspl.dll
    2012-08-19 07:26 . 2012-08-19 07:26
    d
    w- c:\windows\SysWow64\Extensions
    2012-08-19 07:26 . 2012-08-19 07:26
    d
    w- c:\windows\SysWow64\searchplugins
    2012-08-18 21:23 . 2012-08-18 21:23
    d
    w- c:\programdata\Browser Manager
    2012-08-14 15:50 . 2012-08-14 15:50
    d
    w- c:\users\Debra\AppData\Local\Deployment
    2012-08-11 10:54 . 2012-08-11 10:54
    d
    w- c:\programdata\Tarma Installer
    2012-08-11 10:54 . 2012-08-11 10:54
    d
    w- c:\users\Debra\AppData\Roaming\Babylon
    2012-08-11 10:54 . 2012-08-11 10:54
    d
    w- c:\programdata\Babylon
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-08-19 23:06 . 2010-02-26 07:11 62134624 ----a-w- c:\windows\system32\MRT.exe
    2012-07-03 12:46 . 2010-09-09 19:06 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-06-18 12:56 . 2012-06-18 12:56 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-06-18 12:56 . 2012-06-18 12:56 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-06-09 05:30 . 2012-07-12 06:56 14165504 ----a-w- c:\windows\system32\shell32.dll
    2012-06-06 19:59 . 2012-06-06 19:59 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
    2012-06-06 05:50 . 2012-07-12 06:56 2003968 ----a-w- c:\windows\system32\msxml6.dll
    2012-06-06 05:50 . 2012-07-12 06:56 1880064 ----a-w- c:\windows\system32\msxml3.dll
    2012-06-06 05:09 . 2012-07-12 06:56 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
    2012-06-06 05:09 . 2012-07-12 06:56 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
    2012-06-02 22:19 . 2012-06-27 22:13 38424 ----a-w- c:\windows\system32\wups.dll
    2012-06-02 22:19 . 2012-06-27 22:14 2428952 ----a-w- c:\windows\system32\wuaueng.dll
    2012-06-02 22:19 . 2012-06-27 22:14 44056 ----a-w- c:\windows\system32\wups2.dll
    2012-06-02 22:19 . 2012-06-27 22:14 57880 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-02 22:19 . 2012-06-27 22:13 701976 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-02 22:15 . 2012-06-27 22:14 2622464 ----a-w- c:\windows\system32\wucltux.dll
    2012-06-02 22:15 . 2012-06-27 22:13 99840 ----a-w- c:\windows\system32\wudriver.dll
    2012-06-02 14:19 . 2012-06-27 22:13 186752 ----a-w- c:\windows\system32\wuwebv.dll
    2012-06-02 14:15 . 2012-06-27 22:13 36864 ----a-w- c:\windows\system32\wuapp.exe
    2012-06-02 05:38 . 2012-07-12 06:56 95088 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2012-06-02 05:38 . 2012-07-12 06:56 152432 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2012-06-02 05:37 . 2012-07-12 06:56 459216 ----a-w- c:\windows\system32\drivers\cng.sys
    2012-06-02 05:27 . 2012-07-12 06:56 340992 ----a-w- c:\windows\system32\schannel.dll
    2012-06-02 05:27 . 2012-07-12 06:56 307200 ----a-w- c:\windows\system32\ncrypt.dll
    2012-06-02 04:48 . 2012-07-12 06:56 22016 ----a-w- c:\windows\SysWow64\secur32.dll
    2012-06-02 04:48 . 2012-07-12 06:56 225280 ----a-w- c:\windows\SysWow64\schannel.dll
    2012-06-02 04:47 . 2012-07-12 06:56 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
    2012-06-02 04:42 . 2012-07-12 06:56 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
    .
    .
    ((((((((((((((((((((((((((((( [EMAIL="SnapShot@2012-08-20_21.29.59"]SnapShot@2012-08-20_21.29.59[/EMAIL] )))))))))))))))))))))))))))))))))))))))))
    .
    + 2009-10-28 22:44 . 2012-08-20 21:31 53050 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 05:10 . 2012-08-20 21:31 30406 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2010-02-25 15:33 . 2012-08-20 21:31 20004 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1758057839-1451841138-4249003403-1001_UserData.bin
    - 2010-02-25 15:08 . 2012-08-20 20:42 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-02-25 15:08 . 2012-08-20 21:35 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-02-25 15:08 . 2012-08-20 21:35 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2010-02-25 15:08 . 2012-08-20 20:42 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2012-08-20 20:42 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:54 . 2012-08-20 21:35 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2012-08-20 21:26 . 2012-08-20 21:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2012-08-20 22:16 . 2012-08-20 22:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2012-08-20 22:16 . 2012-08-20 22:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2012-08-20 21:26 . 2012-08-20 21:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2009-07-14 02:36 . 2012-08-20 12:01 628414 c:\windows\system32\perfh009.dat
    + 2009-07-14 02:36 . 2012-08-20 21:33 628414 c:\windows\system32\perfh009.dat
    - 2009-07-14 02:36 . 2012-08-20 12:01 110598 c:\windows\system32\perfc009.dat
    + 2009-07-14 02:36 . 2012-08-20 21:33 110598 c:\windows\system32\perfc009.dat
    - 2009-07-14 05:01 . 2012-08-20 21:25 320380 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2009-07-14 05:01 . 2012-08-20 22:15 320380 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    - 2009-07-14 02:34 . 2012-08-20 15:41 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat
    + 2009-07-14 02:34 . 2012-08-20 21:39 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat
    + 2011-04-29 22:29 . 2012-08-20 22:15 48001748 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1758057839-1451841138-4249003403-1001-12288.dat
    - 2011-04-29 22:29 . 2012-08-20 21:25 48001748 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1758057839-1451841138-4249003403-1001-12288.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1675160]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
    R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]
    R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-04-20 152064]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-02 1255736]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]
    S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [2009-06-30 33800]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
    S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]
    S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [2010-04-13 66040]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-08 169312]
    S2 Greg_Service;GRegService;c:\program files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-08-28 1150496]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-03-20 162192]
    S2 MOBKbackup;McAfee Online Backup;c:\program files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-04-13 231224]
    S2 Realtek11nCU;Realtek11nCU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2010-04-16 36864]
    S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2009-07-04 240160]
    S2 vseamps;vseamps;c:\program files\Common Files\Authentium\AntiVirus5\vseamps.exe [2010-04-08 149544]
    S2 vsedsps;vsedsps;c:\program files\Common Files\Authentium\AntiVirus5\vsedsps.exe [2010-04-08 148008]
    S2 vseqrts;vseqrts;c:\program files\Common Files\Authentium\AntiVirus5\vseqrts.exe [2010-04-08 205352]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-06-26 83488]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
    S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys [2010-07-13 748648]
    .
    .
    I’m a Forum Ambassador and I support the Forum Team on the eBay, Auctions, Car Boot & Jumble Sales, Boost Your Income, Praise, Vents & Warnings, Overseas Holidays & Travel Planning , UK Holidays, Days Out & Entertainments boards. If you need any help on these boards, do let me know.. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.All views are my own and not the official line of MoneySavingExpert.
  • soolin
    soolin Posts: 74,468 Ambassador
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    --- Other Services/Drivers In Memory ---
    .
    *Deregistered* - mfeavfk01
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-25 15:49]
    .
    2012-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-25 15:49]
    .
    .
    X64 Entries
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
    @="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
    [HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
    2010-04-13 20:11 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
    @="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
    [HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
    2010-04-13 20:11 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
    @="{b4caf489-1eec-c617-49ad-8d7088598c06}"
    [HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
    2010-04-13 20:11 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "McAfeeWrapperApplication"="c:\program files (x86)\McAfeeMOBK\WrapperTrayIcon.exe" [2010-12-07 453344]
    .
    Supplementary Scan
    .
    uStart Page = hxxp://www.google.co.uk/
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=ixtreme_m3720&r=173602100216p0305v1k5y47j1920p
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    TCP: DhcpNameServer = 192.168.0.1
    DPF: {0A43D7AC-D6C1-4622-B309-BF975F427C0E} - hxxps://internetbankingplus2.firstdirect.com/ibplus/frontdoorFD.cab
    FF - ProfilePath - c:\users\Debra\AppData\Roaming\Mozilla\Firefox\Profiles\a351s4p9.default\
    FF - prefs.js: browser.search.selectedEngine - Secure Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
    FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    .
    .
    .
    LOCKED REGISTRY KEYS
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Other Running Processes
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\Bonjour\mDNSResponder.exe
    c:\windows\SysWOW64\rundll32.exe
    .
    **************************************************************************
    .
    Completion time: 2012-08-20 23:20:28 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-08-20 22:20
    ComboFix2.txt 2012-08-20 21:34
    .
    Pre-Run: 175,382,552,576 bytes free
    Post-Run: 175,144,747,008 bytes free
    .
    - - End Of File - - DDB1DD0CC97821A6157F913C54FE9B62
    I’m a Forum Ambassador and I support the Forum Team on the eBay, Auctions, Car Boot & Jumble Sales, Boost Your Income, Praise, Vents & Warnings, Overseas Holidays & Travel Planning , UK Holidays, Days Out & Entertainments boards. If you need any help on these boards, do let me know.. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.All views are my own and not the official line of MoneySavingExpert.
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 352.3K Banking & Borrowing
  • 253.7K Reduce Debt & Boost Income
  • 454.4K Spending & Discounts
  • 245.3K Work, Benefits & Business
  • 601.1K Mortgages, Homes & Bills
  • 177.6K Life & Family
  • 259.2K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 37.7K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture