Have I picked up a virus?

wadewade
Posts: 735 Forumite


in Techie Stuff
All of a sudden when I google things I get one of two messages - sample below - have I picked up something nasty?
I've just started a security scan but with Virgin it takes ages. I mainly run Firefox.
Is there anything I can do now or shall I just wait for the scan to complete?
Reported Attack Page!
This web page at 109.206.160.232 has been reported as an attack page and has been blocked based on your security preferences.
Attack pages try to install programs that steal private information, use your computer to attack others, or damage your system. Some attack pages intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.
Comments
Chrome also gives you a warning saying webpage contains malware.
If it has been flagged up then it has more than likely been stopped.
It is just a warning and unless you know the site, best bet is to keep well away.
Just run a scan and that should be okay.
From the looks of it your google searches are being redirected, so I would hazard a guess you are infected in some way.
Post me a DDS log - should take 2-3 minutes.
Download DDS from the link below and save it to your desktop:
Link
After you've downloaded it and saved it to your desktop:
- Double click DDS to run it.
- Click Start
- When it's finished, DDS will open two logs:
  - DDS.txt
  - Attach.txt
Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts)
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 21/02/2011 12:13:20
System Uptime: 24/04/2013 10:31:39 (9 hours ago)
.
Motherboard: Dell Inc. | | 0WXY9J
Processor: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz | CPU 1 | 2501/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 318.079 GiB free.is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Photosmart B110 series
Device ID: ROOT\IMAGE\0001
Manufacturer: HP
Name: Photosmart B110 series
PNP Device ID: ROOT\IMAGE\0001
Service: StillCam
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C4700 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C4700 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart B110 series
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Photosmart B110 series
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
Adobe Flash Player 10 ActiveX 64-bit
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Premiere Elements 7.0
Adobe Premiere Elements 7.0 Templates
Adobe Reader XI (11.0.02)
Advanced Audio FX Engine
Apple Application Support
Apple Software Update
B110
Bing Bar
Bing Rewards Client Installer
BlackBerry Device Software Updater
Bonusprint
BufferChm
CardRecovery 6.10
Coupon Printer
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Driver Download Manager
Dell Getting Started Guide
Dell MusicStage
Dell Support Center
Dell VideoStage
Dell Webcam Central
Destinations
DeviceDiscovery
DirectX 9 Runtime
Driving Speed 2.0
DVD Flick 1.3.0.7
EaseUS Data Recovery Wizard 5.8.0
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
HP Customer Participation Program 14.0
HP Imaging Device Functions 14.0
HP Photo Creations
HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPAppStudio
HPPhotoGadget
HPProductAssistant
HPSSupply
IDT Audio
ImgBurn
Intel PROSet Wireless
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
Intel(R) PROSet/Wireless WiFi Software
Intel(R) Rapid Storage Technology
Intel(R) Turbo Boost Technology Monitor
Java 7 Update 17
Java Auto Updater
Java(TM) 6 Update 22 (64-bit)
Junk Mail filter update
Live! Cam Avatar Creator
MarketResearch
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Default Manager
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 20.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My CEWE PHOTO WORLD
Network64
PC Inspector smart recovery
PhotoShowExpress
PS_AIO_06_C4700_SW_Min
PS_AIO_07_B110_SW_Min
Quickset64
QuickTime
QuickTransfer
RBVirtualFolder64Inst
Realtek USB 2.0 Card Reader
Recuva
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Roxio File Backup
AV: Virgin Media Security *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Virgin Media Security *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Trend Micro Firewall Booster *Enabled* {50C2E989-60CF-0845-AFD3-290B7D301E79}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Virgin Media\Virgin Media Security\10.0.38.58308.1\RpsSecurityAwareR.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Virgin Media\Service Manager\ServicepointService.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Virgin Media\Service Manager\ServiceManager.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\splwow64.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Virgin Media\Virgin Media Security\10.0.38.58308.1\Rps.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [ServiceManager.exe] "C:\Program Files (x86)\Virgin Media\Service Manager\ServiceManager.exe" /AUTORUN
mRun: [Virgin Media Security] "C:\Program Files (x86)\Virgin Media\Virgin Media Security\10.0.38.58308.1\RPS.exe" -set Silent "1" SplashURL ""
mRun: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{70746B10-C11F-430B-8122-0408F41F8B26} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{70746B10-C11F-430B-8122-0408F41F8B26}\2445F40756E6A7F6E656D284 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{70746B10-C11F-430B-8122-0408F41F8B26}\45C4D22343 : DHCPNameServer = 10.59.3.1
TCP: Interfaces\{70746B10-C11F-430B-8122-0408F41F8B26}\46C696E6B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{70746B10-C11F-430B-8122-0408F41F8B26}\54E67456E6965737 : DHCPNameServer = 71.3.0.116 76.2.127.122
TCP: Interfaces\{70746B10-C11F-430B-8122-0408F41F8B26}\641637470284F64756C6 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
x64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\xgv0wvk7.default\
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?ourmark=3&ei=utf-8&fr=nectar-tb-v2&slv8-&type=61465&p=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Virgin Media\Service Manager\nprpspa.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\31\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-04-22 17:16; {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}; C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\xgv0wvk7.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF - ExtSQL: !HIDDEN! 2011-09-03 17:05; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-2-17 55856]
R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;C:\Windows\System32\drivers\tmlwf.sys [2012-6-6 194640]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-2-17 89600]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-5-21 267480]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-2-17 13336]
R2 Radialpoint Security Services;Virgin Media Security;C:\Program Files (x86)\Virgin Media\Virgin Media Security\10.0.38.58308.1\RpsSecurityAwareR.exe [2012-5-21 154632]
R2 ServicepointService;ServicepointService;C:\Program Files (x86)\Virgin Media\Service Manager\ServicepointService.exe [2012-5-21 10310968]
R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2012-5-21 67664]
R2 tmwfp;Trend Micro WFP Callout Driver;C:\Windows\System32\drivers\tmwfp.sys [2012-6-6 339536]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-17 2320920]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2011-2-17 53800]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-2-17 35104]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-2-17 172704]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-2-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-2-17 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-2-17 289280]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-18 7680512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-20 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-7-31 25072]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-19 19456]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-2-17 232480]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-2-17 325152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-19 57856]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-23 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2013-04-24 07:56:31
d
w- C:\Users\Brian\AppData\Local\{55120617-7053-42FC-B581-5A8389B9EA2D}
2013-04-23 08:36:43 98304 --sha-r- C:\Windows\SysWow64\netcenteru.dll
2013-04-23 08:32:30 -------- d-----w- C:\Users\Brian\AppData\Local\{372758E8-139F-4CEC-AADC-A924BE53C333}
2013-04-22 20:27:37 -------- d-----w- C:\Users\Brian\AppData\Local\{7FB2D714-A132-4510-9295-E9099431B591}
2013-04-22 08:27:12 -------- d-----w- C:\Users\Brian\AppData\Local\{60A308EB-239A-4A84-A918-D90B29DA9D4E}
2013-04-21 20:26:47 -------- d-----w- C:\Users\Brian\AppData\Local\{57EC31FB-0CC1-4B03-AC3B-F436F54E5E1A}
2013-04-21 08:26:23 -------- d-----w- C:\Users\Brian\AppData\Local\{2ECBCD13-70E1-4A28-A4AE-AAA3DD1BC6AC}
2013-04-20 07:08:18 -------- d-----w- C:\Users\Brian\AppData\Local\{55867546-A310-40A2-888A-1BE733E363F3}
2013-04-19 10:46:19 -------- d-----w- C:\Users\Brian\AppData\Local\{C491A547-FB47-4A19-8F5D-EB1469676BE6}
2013-04-18 09:35:37 -------- d-----w- C:\Users\Brian\AppData\Local\{89376AB9-DF20-4F70-8EE6-8F3793B4DDD9}
2013-04-17 09:35:00 -------- d-----w- C:\Users\Brian\AppData\Local\{5724AE8A-D66B-4A48-9814-F1D81DBCE6A9}
2013-04-16 07:21:21 -------- d-----w- C:\Users\Brian\AppData\Local\{76F619F9-E883-4D81-966D-998941BF3617}
2013-04-15 06:18:00 -------- d-----w- C:\Users\Brian\AppData\Local\{4D5E969B-F7E4-4A3F-BD28-3F258E6403CA}
2013-04-14 15:06:57 -------- d-----w- C:\Users\Brian\AppData\Local\{0649A463-DBDC-4221-B114-2DB981274FD7}
2013-04-13 07:53:29 -------- d-----w- C:\Users\Brian\AppData\Local\{51F3EBE9-3166-4070-B2F4-100BBFD8424C}
2013-04-12 12:03:13 -------- d-----w- C:\Users\Brian\AppData\Local\{3B65899F-FAC1-4470-A5BA-48CFFAD1CBC8}
2013-04-11 08:14:43 -------- d-----w- C:\Users\Brian\AppData\Local\{0758A890-4BD4-44A4-9C9E-E3D9116EA75E}
2013-04-10 17:05:20 163088 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10143.bin
2013-04-10 06:09:02 -------- d-----w- C:\Users\Brian\AppData\Local\{A2CF048B-6DCA-4D54-95E8-27BD153624F3}
2013-04-10 05:38:57 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-04-10 05:38:56 1655656 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 05:38:55 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-04-10 05:38:53 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-04-10 05:38:52 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-04-10 05:38:52 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-04-10 05:38:52 112640 ----a-w- C:\Windows\System32\smss.exe
2013-04-10 05:38:51 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-04-10 05:38:51 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-04-09 06:08:25 -------- d-----w- C:\Users\Brian\AppData\Local\{561D0627-DB23-4AF3-B653-974FDF11E4FB}
2013-04-08 08:07:41 -------- d-----w- C:\Users\Brian\AppData\Local\{59B53879-3E96-4FB6-9E40-B0A418E6545A}
2013-04-07 15:06:52 -------- d-----w- C:\Users\Brian\AppData\Local\{20046232-C347-4E25-B540-D94D13D3CB3D}
2013-04-06 08:40:58 -------- d-----w- C:\Users\Brian\AppData\Local\{5F5B2869-8745-44CA-ABC3-52A6A5A213C0}
2013-04-05 07:34:06 -------- d-----w- C:\Users\Brian\AppData\Local\{73E4C54A-11A4-497B-8392-66B9C41C3694}
2013-04-04 08:54:42 -------- d-----w- C:\Users\Brian\AppData\Local\{47F261C0-4B3E-4F55-A7B8-028CB3C0E887}
2013-04-03 08:54:05 -------- d-----w- C:\Users\Brian\AppData\Local\{BF43853A-2065-42FD-BC2C-D677CA870054}
2013-04-02 08:21:13 -------- d-----w- C:\Users\Brian\AppData\Local\{D0360CFF-7D67-42AB-A631-5E5EE4B73B30}
2013-04-01 07:57:18 -------- d-----w- C:\Users\Brian\AppData\Local\{BD91FC0D-C243-4000-9548-20DDA8C8DA9A}
2013-03-31 14:37:20 -------- d-----w- C:\Users\Brian\AppData\Local\{A0DDC804-01E5-4097-A1CF-D8AF3797F9CB}
2013-03-30 10:05:47 -------- d-----w- C:\Users\Brian\AppData\Local\{422B5613-31C9-4E9A-938B-C710FE71AD72}
2013-03-29 14:51:25 -------- d-----w- C:\Users\Brian\AppData\Local\{3635032A-E388-49C0-B94D-63197E9594EC}
2013-03-28 08:55:27 -------- d-----w- C:\Users\Brian\AppData\Local\{FD263239-21F7-4D1E-81D2-48496C61A759}
2013-03-27 12:55:21 -------- d-----w- C:\Users\Brian\AppData\Local\{D552D009-44AF-43FD-98A5-67C9588DBF83}
2013-03-26 09:42:33 -------- d-----w- C:\Users\Brian\AppData\Local\{3904C3C0-E863-40CB-8F0C-4D890254C0E0}
.
==================== Find3M ====================
.
2013-04-07 15:08:03 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-07 15:08:03 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-22 09:09:26 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-22 09:09:25 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-03-22 09:09:25 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-02-21 10:30:16 1766912 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-21 10:29:39 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-21 10:29:37 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-02-21 10:29:37 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-02-21 10:15:07 2240512 ----a-w- C:\Windows\System32\wininet.dll
2013-02-21 10:14:09 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-21 10:14:05 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-02-21 10:14:05 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-02-19 12:01:03 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-02-19 11:42:14 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-19 11:10:53 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-02-19 10:51:18 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
.
0
-
I think I might have missed a bit in the middle when I was chopping it into sections. If I've messed it up, I'll try again!
0
-
If a website has been hacked and reported to your virus software vendor then they often add the warning and stop you from going to the infected website. Many companies may be unaware that they may have been hacked, and may take a few days to remove any threats.
If you are still unsure, Google Hitman Pro and run a free scan of your computer.
Regards
Tav
0
-
I tried Hitman Pro and it showed 19 traces and 270 items, tracking, etc.
A quick trial suggests this has fixed the problem but I'll confirm this over the next few days.
Many thanks for your suggestion.
Only problem at the moment is that my usual Firefox opening page and search facility has been replaced by Google and the following logo. I can't see any tools to change it back at the moment.
0
-
The most likely candidate:
2013-04-23 08:36:43 98304 --sha-r- C:\Windows\SysWow64\netcenteru.dll
If it isn't resolved, go here and read through the instructions for downloading and running ComboFix:
Bleeping Computer ComboFix Tutorial
- IMPORTANT! Ensure you temporarily turn off your antivirus before downloading & running. Instructions here
- Save combofix to your desktop.
- Double click combofix.exe & follow the prompts closely.
- Combofix may reboot the PC several times.
- When it's finished, it will automatically produce a log. Post the contents of that log.
- It can also be found on your C:\ drive named combofix.txt
0
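The reply above singles out one line of the posted log. In the portion of the log shown here, that line is the only file entry whose attribute column carries both the hidden (`h`) and system (`s`) flags. The following is an added example, not part of the thread and not the poster's stated method: a small triage script that parses listing lines of this shape and flags hidden+system binaries under the Windows system directories. The flagging rule and all function names are assumptions of this example, and a hit is a lead for closer inspection, not proof of infection.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# timestamp, size (dashes for a directory), 8-character attribute string, path
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+(\d+|-+)\s+([-a-z]{8})\s+([A-Za-z]:\\.+)$"
)
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")
BINARY_EXTS = (".dll", ".exe", ".sys")

@dataclass
class Entry:
    timestamp: str
    size: Optional[int]   # None for directories
    attrs: str
    path: str

    @property
    def is_dir(self) -> bool:
        return self.attrs[0] == "d"

def parse_line(line: str) -> Optional[Entry]:
    """Return an Entry for a listing line, or None for headers, separators and noise."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, size, attrs, path = m.groups()
    return Entry(ts, int(size) if size.isdigit() else None, attrs, path)

def is_hidden_system_binary(e: Entry) -> bool:
    """Hidden + system flags on an executable file under a Windows system directory."""
    p = e.path.lower()
    return (not e.is_dir and "s" in e.attrs and "h" in e.attrs
            and p.startswith(SYSTEM_DIRS) and p.endswith(BINARY_EXTS))

def triage(log_text: str) -> List[Entry]:
    entries = (parse_line(l) for l in log_text.splitlines())
    return [e for e in entries if e and is_hidden_system_binary(e)]

# Lines copied from the log in this thread; the directory line's dash columns are an assumed layout.
SAMPLE = r"""
=============== Created Last 30 ================
.
2013-04-24 07:56:31 -------- d-----w- C:\Users\Brian\AppData\Local\{55120617-7053-42FC-B581-5A8389B9EA2D}
2013-04-23 08:36:43 98304 --sha-r- C:\Windows\SysWow64\netcenteru.dll
2013-04-10 05:38:57 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-04-10 05:38:52 112640 ----a-w- C:\Windows\System32\smss.exe
"""

if __name__ == "__main__":
    for e in triage(SAMPLE):
        print(e.timestamp, e.attrs, e.path)
```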
-
m*x* dj, 2nd time this month on here and also around the same date.
https://forums.moneysavingexpert.com/discussion/4552409
Move along, nothing to see.
0
This discussion has been closed.