Jump to content

Stevehaigh

Members
  • Posts

    2
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Borislav, I thank you for your offer, I made the mistake of posting into another persons thread and therefore I followed the instructions for that person, provided by MrCharlie. I have managed to get rid of Conduit thank you very much, I have checked and there does not seem to be anything nasty on my system anymore. Again, I thank you for your offer. Steve.
  2. I have set Google as my browser search, but if I open a second Tab, I get a Conduit search instead. Attach details UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Enterprise Boot Device: \Device\HarddiskVolume1 Install Date: 15/02/2013 19:11:35 System Uptime: 24/01/2014 21:04:19 (16 hours ago) . Motherboard: LENOVO | | 44444WG Processor: Intel® Core i3 CPU M 380 @ 2.53GHz | CPU 1 | 2527/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 298 GiB total, 67.029 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP196: 01/01/2014 15:02:22 - New Year 2014 RP197: 02/01/2014 03:00:15 - Windows Update RP198: 05/01/2014 03:31:56 - Windows Update RP199: 09/01/2014 08:01:19 - Windows Update RP200: 09/01/2014 14:41:46 - Windows Modules Installer RP201: 13/01/2014 08:16:59 - Windows Update RP202: 15/01/2014 14:44:03 - Windows Update RP203: 18/01/2014 16:49:38 - Windows Update RP204: 21/01/2014 19:49:13 - Windows Update RP205: 24/01/2014 14:07:43 - Installed Java 7 Update 51 RP206: 24/01/2014 21:17:33 - Windows Update RP207: 25/01/2014 10:50:52 - Pre Malware removal . ==== Installed Programs ====================== . 64 Bit HP CIO Components Installer 7-zip v9.20 Adobe Digital Editions 2.0 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.06) Advanced Monitoring Agent Basic Operation Guide EPSON SX440 Series CDBurnerXP Certiport Browser Lockdown 3 Certiport Embedded Browser Certiport Exam Service Cisco Connect Dropbox EPSON BX525WD Series Manual EPSON BX525WD Series Network Guide EPSON BX525WD Series Printer Uninstall Epson Download Navigator Epson Easy Photo Print 2 Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) Epson Event Manager EPSON Scan EPSON StandardBusinessPrinters Printer Uninstall EPSON SX420W Series Manual EPSON SX420W Series Network Guide EPSON SX420W Series Printer Uninstall EPSON SX440 Series Printer Uninstall EPSON SX510W Series Printer Uninstall EpsonNet Print EpsonNet Setup 3.3 FileZilla Client 3.7.1 FreeMind Google Update Helper Integrated Camera Driver Installer Package Ver.1.0.1.9 Integrated Camera TWAIN Intel® Graphics Media Accelerator Driver iQsystem 7.001 English Java 7 Update 51 Java Auto Updater JMicron Flash Media Controller Driver KeePass Password Safe 2.22 Lenovo Power Management Driver Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET-keretrendszer 4.5.1 (magyar) Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (?????) Microsoft .NET Framework 4.5.1 (???????) Microsoft .NET Framework 4.5.1 (????????) Microsoft .NET Framework 4.5.1 (ARA) Microsoft .NET Framework 4.5.1 (ceština) Microsoft .NET Framework 4.5.1 (CSY) Microsoft .NET Framework 4.5.1 (DEU) Microsoft .NET Framework 4.5.1 (Deutsch) Microsoft .NET Framework 4.5.1 (ELL) Microsoft .NET Framework 4.5.1 (ESN) Microsoft .NET Framework 4.5.1 (español) Microsoft .NET Framework 4.5.1 (FIN) Microsoft .NET Framework 4.5.1 (FRA) Microsoft .NET Framework 4.5.1 (Français) Microsoft .NET Framework 4.5.1 (HEB) Microsoft .NET Framework 4.5.1 (HUN) Microsoft .NET Framework 4.5.1 (ITA) Microsoft .NET Framework 4.5.1 (Italiano) Microsoft .NET Framework 4.5.1 (KOR) Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft .NET Framework 4.5.1 (NOR) Microsoft .NET Framework 4.5.1 (suomi) Microsoft .NET Framework 4.5.1 (SVE) Microsoft .NET Framework 4.5.1 (svenska) Microsoft .NET Framework 4.5.1(???) Microsoft .NET Framework 4.5.1, norsk språkpakke Microsoft Lync 2010 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Visio 2007 Service Pack 3 (SP3) Microsoft Office Visio MUI (English) 2007 Microsoft Office Visio Professional 2007 Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Mozilla Firefox 26.0 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NEC Electronics USB 3.0 Host Controller Driver Network Guide EPSON SX440 Series Olympus Sonority OpenOffice 4.0.0 OpenOffice Packages Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Renesas Electronics USB 3.0 Host Controller Driver Secure Download Manager SecureAssess Central - SecureClient_E-VOLVE Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Visio 2007 suites (KB2596595) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition SolidConverterPDF SolidWordAddIn SolitaireMahjong 1.3.1 Switch Sound File Converter ThinkPad Bluetooth with Enhanced Data Rate Software ThinkPad UltraNav Driver Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Visio 2007 Help (KB963666) Update for Microsoft Office Word 2007 Help (KB963665) User's Guide EPSON SX440 Series ViewSonic Windows 7 x64 Signed Files Visual CertExam Suite Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VLC media player 2.1.2 Vodafone Mobile Connect Lite WatchGuard Mobile VPN Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) Xmarks for IE YTD Video Downloader 3.9.6 . ==== Event Viewer Messages From Past Week ======== . 24/01/2014 23:00:40, Error: Microsoft-Windows-GroupPolicy [1129] - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator. 24/01/2014 21:11:26, Error: Service Control Manager [7022] - The Windows Search service hung on starting. 24/01/2014 21:07:42, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 24/01/2014 21:05:39, Error: Service Control Manager [7000] - The Advanced Monitoring Agent service failed to start due to the following error: The system cannot find the file specified. 24/01/2014 21:05:36, Error: Microsoft-Windows-GroupPolicy [1055] - The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following: a) Name Resolution failure on the current domain controller. b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller). 24/01/2014 21:05:32, Error: NETLOGON [5719] - This computer was not able to set up a secure session with a domain controller in domain ITACADEMY due to the following: There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain. 24/01/2014 21:03:39, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 24/01/2014 21:03:39, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure. 24/01/2014 21:03:39, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56} 23/01/2014 16:51:39, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 252. . ==== End Of File =========================== DDS file DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: BrowserJavaVersion: 10.51.2 Run by haighs at 13:27:59 on 2014-01-25 Microsoft Windows 7 Enterprise 6.1.7601.1.1252.44.1033.18.7988.5633 [GMT 0:00] . AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\ibmpmsvc.exe C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\svchost.exe -k apphost C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe C:\Program Files (x86)\Certiport\Certiport Exam Service\CPExamSvc.exe C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\WatchGuard\Mobile VPN\ncpclcfg.exe C:\Program Files (x86)\WatchGuard\Mobile VPN\ncprwsnt.exe C:\Program Files (x86)\WatchGuard\Mobile VPN\ncpsec.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe C:\Windows\System32\tcpsvcs.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k iissvcs C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\System32\WUDFHost.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Xmarks\IE Extension\xmarkssync.exe C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe C:\Users\haighs\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Microsoft Lync\communicator.exe C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\WatchGuard\Mobile VPN\NcpBudgetGui.exe C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe C:\Program Files\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\WatchGuard\Mobile VPN\NCPMON.exe C:\Program Files (x86)\Microsoft Lync\UcMapi.exe c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve mWinlogon: Userinit = userinit.exe, BHO: Solid Converter PDF: {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: Solid Converter PDF: {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll uRun: [EPSON BX525WD Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIGAU.EXE /FU "C:\Users\haighs\AppData\Local\Temp\E_SF18F.tmp" /EF "HKCU" uRun: [Xmarks] C:\Program Files (x86)\Xmarks\IE Extension\xmarkssync.exe -q mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload mRun: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [NcpBudgetGui] "C:\Program Files (x86)\WatchGuard\Mobile VPN\NcpBudgetGui.exe" -start mRun: [NcpPopup] "C:\Program Files (x86)\WatchGuard\Mobile VPN\ncppopup.exe" noerrmsg mRun: [NcpMonitor] "C:\Program Files (x86)\WatchGuard\Mobile VPN\ncpmon.exe" autorun StartupFolder: C:\Users\haighs\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\haighs\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\haighs\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DEVICE~1.LNK - C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 uPolicies-Explorer: NoStartMenuMyGames = dword:1 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: RunStartupScriptSync = dword:1 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm Trusted Zone: certiport.com TCP: NameServer = 192.168.1.254 192.168.1.254 TCP: Interfaces\{121AF323-A410-4BDE-95E6-C0DA057ACB42} : DHCPNameServer = 192.168.1.254 192.168.1.254 TCP: Interfaces\{121AF323-A410-4BDE-95E6-C0DA057ACB42}\05F4C454341445 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{121AF323-A410-4BDE-95E6-C0DA057ACB42}\244584572633D273754553 : DHCPNameServer = 192.168.1.254 192.168.1.254 TCP: Interfaces\{121AF323-A410-4BDE-95E6-C0DA057ACB42}\34963736F61443431363 : DHCPNameServer = 192.168.241.2 192.168.1.1 TCP: Interfaces\{121AF323-A410-4BDE-95E6-C0DA057ACB42}\45563686E6963616C6 : DHCPNameServer = 10.0.32.250 192.168.1.1 TCP: Interfaces\{527C6C37-9DD6-4132-8AE1-6EF744402F76} : DHCPNameServer = 192.168.241.2 TCP: Interfaces\{843DB42B-70EC-4807-B54B-98ECD4B8D188} : DHCPNameServer = 88.82.13.12 88.82.13.12 SSODL: WebCheck - <orphaned> x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> Hosts: 10.35.10.11 intranet Hosts: 86.12.142.173 virtualacademy.remit.co.uk . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\haighs\AppData\Roaming\Mozilla\Firefox\Profiles\jfsn9g2s.default\ FF - prefs.js: browser.search.selectedEngine - Conduit Search FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 134944] R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2013-2-19 167040] R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2014-1-1 54824] R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2014-1-1 35104] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344] R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2013-2-19 158976] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-2-19 317440] R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2013-2-19 174168] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-1-24 25928] R3 ncplelhp;WatchGuard Secure Client NDIS6 Driver;C:\Windows\System32\drivers\ncplelhp.sys [2013-2-19 151272] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-2-19 766096] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-3-9 1098784] R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2013-2-19 44344] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168] S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2013-4-30 133632] S3 hwusbfake;Huawei DataCard USB Fake;C:\Windows\System32\drivers\ewusbfake.sys [2013-4-30 114304] S3 ncpfilt;WatchGuard Filter;C:\Windows\System32\drivers\ncplelhp.sys [2013-2-19 151272] S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-1-22 77824] S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-1-22 180224] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-1-15 19456] S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960] S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2014-1-15 29696] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-1-15 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-1-15 30208] S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] . =============== File Associations =============== . ShellExec: solidconverterpdf.exe: open="C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\solidconverterpdf.exe" ShellExec: solidconverterpdfopenwith.exe: open="C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\solidconverterpdf.exe" -i "%1" -z -w x ShellExec: switch.exe: open="C:\Program Files (x86)\NCH Software\Switch\switch" "%L" . =============== Created Last 30 ================ . 2014-01-24 21:20:37 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5044CB99-82DE-4C6D-AF77-FF31BEC7C130}\mpengine.dll 2014-01-24 16:55:51 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-01-24 16:55:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-24 14:39:49 -------- d-----w- C:\Program Files (x86)\NCH Software 2014-01-24 14:39:44 -------- d-----w- C:\Users\haighs\AppData\Roaming\NCH Software 2014-01-24 14:25:02 -------- d-----w- C:\Users\haighs\AppData\Local\SearchProtect 2014-01-24 14:13:16 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2014-01-24 14:06:41 -------- d-----w- C:\Users\haighs\Library 2014-01-23 16:51:59 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2014-01-23 16:51:59 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1274562F-4C36-48DD-9B3F-C954186EA41F}\gapaengine.dll 2014-01-23 16:51:38 10315576 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2014-01-21 14:12:33 -------- d-----w- C:\ProgramData\Visual CertExam Suite 2014-01-15 10:57:03 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2014-01-15 10:57:03 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2014-01-15 10:57:03 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2014-01-15 10:57:03 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2014-01-15 10:57:03 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2014-01-15 10:57:03 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2014-01-15 10:57:03 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2014-01-15 10:57:01 3156480 ----a-w- C:\Windows\System32\win32k.sys 2014-01-15 10:55:55 376768 ----a-w- C:\Windows\System32\drivers\netio.sys 2014-01-09 10:56:59 -------- d-----w- C:\Users\haighs\AppData\Local\Macromedia 2014-01-08 13:36:57 -------- d-----w- C:\Users\haighs\AppData\Roaming\Malwarebytes 2014-01-08 13:36:42 -------- d-----w- C:\ProgramData\Malwarebytes 2014-01-01 21:33:13 55296 ----a-w- C:\Windows\System32\admwprox.dll 2014-01-01 21:33:13 192000 ----a-w- C:\Windows\System32\iisRtl.dll 2014-01-01 21:33:13 154624 ----a-w- C:\Windows\SysWow64\iisRtl.dll 2014-01-01 21:33:12 50688 ----a-w- C:\Windows\SysWow64\admwprox.dll 2014-01-01 21:33:12 16896 ----a-w- C:\Windows\System32\iisreset.exe 2014-01-01 21:33:11 60928 ----a-w- C:\Windows\System32\ahadmin.dll 2014-01-01 21:33:11 26624 ----a-w- C:\Windows\SysWow64\ahadmin.dll 2014-01-01 21:33:11 15360 ----a-w- C:\Windows\SysWow64\iisreset.exe 2014-01-01 21:33:11 14848 ----a-w- C:\Windows\System32\wamregps.dll 2014-01-01 21:33:11 11264 ----a-w- C:\Windows\System32\iisrstap.dll 2014-01-01 21:33:11 10752 ----a-w- C:\Windows\SysWow64\wamregps.dll 2014-01-01 21:33:10 8192 ----a-w- C:\Windows\SysWow64\iisrstap.dll 2014-01-01 14:03:38 -------- d-----w- C:\Windows\Migration 2014-01-01 13:57:51 -------- d-----w- C:\Users\haighs\AppData\Local\Broadcom 2014-01-01 13:53:05 35104 ----a-w- C:\Windows\System32\drivers\btwl2cap.sys 2014-01-01 13:53:04 21288 ----a-w- C:\Windows\System32\drivers\btwrchid.sys 2014-01-01 13:53:04 132648 ----a-w- C:\Windows\System32\drivers\btwavdt.sys 2014-01-01 13:53:03 98344 ----a-w- C:\Windows\System32\drivers\btwaudio.sys 2014-01-01 13:50:21 -------- d-----w- C:\Program Files\ThinkPad 2014-01-01 13:49:23 54824 ----a-w- C:\Windows\System32\drivers\btusbflt.sys 2014-01-01 12:29:28 -------- d-----w- C:\Windows\SysWow64\BestPractices 2014-01-01 12:29:12 -------- d-----w- C:\Windows\System32\BestPractices 2014-01-01 12:28:52 -------- d-----w- C:\inetpub 2013-12-28 20:34:51 -------- d-----w- C:\Users\haighs\.android 2013-12-28 20:34:49 -------- d-----w- C:\Users\haighs\AppData\Local\cache 2013-12-28 20:34:45 -------- d-----w- C:\Users\haighs\AppData\Local\genienext 2013-12-28 20:33:31 -------- d-----w- C:\Users\haighs\AppData\Local\Mobogenie 2013-12-28 20:24:59 -------- d-----w- C:\Users\haighs\AppData\Roaming\UpdaterEX 2013-12-28 20:24:59 -------- d-----w- C:\Program Files (x86)\Mobogenie . ==================== Find3M ==================== . 2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe 2013-12-11 01:04:55 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-12-11 01:04:55 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-12-11 01:04:44 9272200 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll 2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll 2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll 2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll 2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2013-11-11 11:22:20 66856 ----a-w- C:\Windows\System32\ibmpmsvc.exe 2013-11-11 11:22:20 60712 ----a-w- C:\Windows\System32\ibmpmctl.exe 2013-11-11 11:22:20 54528 ----a-w- C:\Windows\System32\drivers\ibmpmdrv.sys 2013-11-11 11:22:20 40232 ----a-w- C:\Windows\System32\tpinspm.dll 2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll 2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll . ============= FINISH: 13:30:03.33 ===============
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.