Jump to content

I seem to have an issue with Conduit when browsing


Recommended Posts

I have set Google as my browser search, but if I open a second Tab, I get a Conduit search instead.

 

 

Attach details

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Enterprise
Boot Device: \Device\HarddiskVolume1
Install Date: 15/02/2013 19:11:35
System Uptime: 24/01/2014 21:04:19 (16 hours ago)
.
Motherboard: LENOVO |  | 44444WG
Processor: Intel® Core i3 CPU       M 380  @ 2.53GHz | CPU 1 | 2527/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 67.029 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP196: 01/01/2014 15:02:22 - New Year 2014
RP197: 02/01/2014 03:00:15 - Windows Update
RP198: 05/01/2014 03:31:56 - Windows Update
RP199: 09/01/2014 08:01:19 - Windows Update
RP200: 09/01/2014 14:41:46 - Windows Modules Installer
RP201: 13/01/2014 08:16:59 - Windows Update
RP202: 15/01/2014 14:44:03 - Windows Update
RP203: 18/01/2014 16:49:38 - Windows Update
RP204: 21/01/2014 19:49:13 - Windows Update
RP205: 24/01/2014 14:07:43 - Installed Java 7 Update 51
RP206: 24/01/2014 21:17:33 - Windows Update
RP207: 25/01/2014 10:50:52 - Pre Malware removal
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
7-zip v9.20
Adobe Digital Editions 2.0
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.06)
Advanced Monitoring Agent
Basic Operation Guide EPSON SX440 Series
CDBurnerXP
Certiport Browser Lockdown 3
Certiport Embedded Browser
Certiport Exam Service
Cisco Connect
Dropbox
EPSON BX525WD Series Manual
EPSON BX525WD Series Network Guide
EPSON BX525WD Series Printer Uninstall
Epson Download Navigator
Epson Easy Photo Print 2
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
Epson Event Manager
EPSON Scan
EPSON StandardBusinessPrinters Printer Uninstall
EPSON SX420W Series Manual
EPSON SX420W Series Network Guide
EPSON SX420W Series Printer Uninstall
EPSON SX440 Series Printer Uninstall
EPSON SX510W Series Printer Uninstall
EpsonNet Print
EpsonNet Setup 3.3
FileZilla Client 3.7.1
FreeMind
Google Update Helper
Integrated Camera Driver Installer Package Ver.1.0.1.9
Integrated Camera TWAIN
Intel® Graphics Media Accelerator Driver
iQsystem 7.001 English
Java 7 Update 51
Java Auto Updater
JMicron Flash Media Controller Driver
KeePass Password Safe 2.22
Lenovo Power Management Driver
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET-keretrendszer 4.5.1 (magyar)
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (?????)
Microsoft .NET Framework 4.5.1 (???????)
Microsoft .NET Framework 4.5.1 (????????)
Microsoft .NET Framework 4.5.1 (ARA)
Microsoft .NET Framework 4.5.1 (ceština)
Microsoft .NET Framework 4.5.1 (CSY)
Microsoft .NET Framework 4.5.1 (DEU)
Microsoft .NET Framework 4.5.1 (Deutsch)
Microsoft .NET Framework 4.5.1 (ELL)
Microsoft .NET Framework 4.5.1 (ESN)
Microsoft .NET Framework 4.5.1 (español)
Microsoft .NET Framework 4.5.1 (FIN)
Microsoft .NET Framework 4.5.1 (FRA)
Microsoft .NET Framework 4.5.1 (Français)
Microsoft .NET Framework 4.5.1 (HEB)
Microsoft .NET Framework 4.5.1 (HUN)
Microsoft .NET Framework 4.5.1 (ITA)
Microsoft .NET Framework 4.5.1 (Italiano)
Microsoft .NET Framework 4.5.1 (KOR)
Microsoft .NET Framework 4.5.1 (Nederlands)
Microsoft .NET Framework 4.5.1 (NLD)
Microsoft .NET Framework 4.5.1 (NOR)
Microsoft .NET Framework 4.5.1 (suomi)
Microsoft .NET Framework 4.5.1 (SVE)
Microsoft .NET Framework 4.5.1 (svenska)
Microsoft .NET Framework 4.5.1(???)
Microsoft .NET Framework 4.5.1, norsk språkpakke
Microsoft Lync 2010
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NEC Electronics USB 3.0 Host Controller Driver
Network Guide EPSON SX440 Series
Olympus Sonority
OpenOffice 4.0.0
OpenOffice Packages
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
Secure Download Manager
SecureAssess Central - SecureClient_E-VOLVE
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Visio 2007 suites (KB2596595) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition
SolidConverterPDF
SolidWordAddIn
SolitaireMahjong 1.3.1
Switch Sound File Converter
ThinkPad Bluetooth with Enhanced Data Rate Software
ThinkPad UltraNav Driver
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
User's Guide EPSON SX440 Series
ViewSonic Windows 7 x64 Signed Files
Visual CertExam Suite
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player 2.1.2
Vodafone Mobile Connect Lite
WatchGuard Mobile VPN
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
Xmarks for IE
YTD Video Downloader 3.9.6
.
==== Event Viewer Messages From Past Week ========
.
24/01/2014 23:00:40, Error: Microsoft-Windows-GroupPolicy [1129]  - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
24/01/2014 21:11:26, Error: Service Control Manager [7022]  - The Windows Search service hung on starting.
24/01/2014 21:07:42, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
24/01/2014 21:05:39, Error: Service Control Manager [7000]  - The Advanced Monitoring Agent service failed to start due to the following error:  The system cannot find the file specified.
24/01/2014 21:05:36, Error: Microsoft-Windows-GroupPolicy [1055]  - The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:  a) Name Resolution failure on the current domain controller.  b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
24/01/2014 21:05:32, Error: NETLOGON [5719]  - This computer was not able to set up a secure session with a domain controller in domain ITACADEMY due to the following:  There are currently no logon servers available to service the logon request.  This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.   ADDITIONAL INFO  If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
24/01/2014 21:03:39, Error: Service Control Manager [7038]  - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
24/01/2014 21:03:39, Error: Service Control Manager [7000]  - The UPnP Device Host service failed to start due to the following error:  The service did not start due to a logon failure.
24/01/2014 21:03:39, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
23/01/2014 16:51:39, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 252.
.
==== End Of File ===========================
 

 

DDS file

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer:   BrowserJavaVersion: 10.51.2
Run by haighs at 13:27:59 on 2014-01-25
Microsoft Windows 7 Enterprise   6.1.7601.1.1252.44.1033.18.7988.5633 [GMT 0:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Certiport\Certiport Exam Service\CPExamSvc.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\WatchGuard\Mobile VPN\ncpclcfg.exe
C:\Program Files (x86)\WatchGuard\Mobile VPN\ncprwsnt.exe
C:\Program Files (x86)\WatchGuard\Mobile VPN\ncpsec.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\Windows\System32\tcpsvcs.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Xmarks\IE Extension\xmarkssync.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe
C:\Users\haighs\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Microsoft Lync\communicator.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\WatchGuard\Mobile VPN\NcpBudgetGui.exe
C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
C:\Program Files\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\WatchGuard\Mobile VPN\NCPMON.exe
C:\Program Files (x86)\Microsoft Lync\UcMapi.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uSearch Bar = Preserve

mWinlogon: Userinit = userinit.exe,
BHO: Solid Converter PDF: {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Solid Converter PDF: {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
uRun: [EPSON BX525WD Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIGAU.EXE /FU "C:\Users\haighs\AppData\Local\Temp\E_SF18F.tmp" /EF "HKCU"
uRun: [Xmarks] C:\Program Files (x86)\Xmarks\IE Extension\xmarkssync.exe -q
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
mRun: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [NcpBudgetGui] "C:\Program Files (x86)\WatchGuard\Mobile VPN\NcpBudgetGui.exe" -start
mRun: [NcpPopup] "C:\Program Files (x86)\WatchGuard\Mobile VPN\ncppopup.exe" noerrmsg
mRun: [NcpMonitor] "C:\Program Files (x86)\WatchGuard\Mobile VPN\ncpmon.exe" autorun
StartupFolder: C:\Users\haighs\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\haighs\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\haighs\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DEVICE~1.LNK - C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoStartMenuMyGames = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: RunStartupScriptSync = dword:1
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
Trusted Zone: certiport.com



TCP: NameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{121AF323-A410-4BDE-95E6-C0DA057ACB42} : DHCPNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{121AF323-A410-4BDE-95E6-C0DA057ACB42}\05F4C454341445 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{121AF323-A410-4BDE-95E6-C0DA057ACB42}\244584572633D273754553 : DHCPNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{121AF323-A410-4BDE-95E6-C0DA057ACB42}\34963736F61443431363 : DHCPNameServer = 192.168.241.2 192.168.1.1
TCP: Interfaces\{121AF323-A410-4BDE-95E6-C0DA057ACB42}\45563686E6963616C6 : DHCPNameServer = 10.0.32.250 192.168.1.1
TCP: Interfaces\{527C6C37-9DD6-4132-8AE1-6EF744402F76} : DHCPNameServer = 192.168.241.2
TCP: Interfaces\{843DB42B-70EC-4807-B54B-98ECD4B8D188} : DHCPNameServer = 88.82.13.12 88.82.13.12
SSODL: WebCheck - <orphaned>

x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 10.35.10.11        intranet
Hosts: 86.12.142.173        virtualacademy.remit.co.uk
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\haighs\AppData\Roaming\Mozilla\Firefox\Profiles\jfsn9g2s.default\
FF - prefs.js: browser.search.selectedEngine - Conduit Search

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 134944]
R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2013-2-19 167040]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2014-1-1 54824]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2014-1-1 35104]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2013-2-19 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-2-19 317440]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2013-2-19 174168]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-1-24 25928]
R3 ncplelhp;WatchGuard Secure Client NDIS6 Driver;C:\Windows\System32\drivers\ncplelhp.sys [2013-2-19 151272]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-2-19 766096]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-3-9 1098784]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2013-2-19 44344]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2013-4-30 133632]
S3 hwusbfake;Huawei DataCard USB Fake;C:\Windows\System32\drivers\ewusbfake.sys [2013-4-30 114304]
S3 ncpfilt;WatchGuard Filter;C:\Windows\System32\drivers\ncplelhp.sys [2013-2-19 151272]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-1-22 77824]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-1-22 180224]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-1-15 19456]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2014-1-15 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-1-15 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-1-15 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== File Associations ===============
.
ShellExec: solidconverterpdf.exe: open="C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\solidconverterpdf.exe"
ShellExec: solidconverterpdfopenwith.exe: open="C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\solidconverterpdf.exe"  -i "%1" -z -w x
ShellExec: switch.exe: open="C:\Program Files (x86)\NCH Software\Switch\switch" "%L"
.
=============== Created Last 30 ================
.
2014-01-24 21:20:37    10315576    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5044CB99-82DE-4C6D-AF77-FF31BEC7C130}\mpengine.dll
2014-01-24 16:55:51    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-01-24 16:55:51    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-24 14:39:49    --------    d-----w-    C:\Program Files (x86)\NCH Software
2014-01-24 14:39:44    --------    d-----w-    C:\Users\haighs\AppData\Roaming\NCH Software
2014-01-24 14:25:02    --------    d-----w-    C:\Users\haighs\AppData\Local\SearchProtect
2014-01-24 14:13:16    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-24 14:06:41    --------    d-----w-    C:\Users\haighs\Library
2014-01-23 16:51:59    965000    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-01-23 16:51:59    965000    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1274562F-4C36-48DD-9B3F-C954186EA41F}\gapaengine.dll
2014-01-23 16:51:38    10315576    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-21 14:12:33    --------    d-----w-    C:\ProgramData\Visual CertExam Suite
2014-01-15 10:57:03    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 10:57:03    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2014-01-15 10:57:03    53248    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2014-01-15 10:57:03    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2014-01-15 10:57:03    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2014-01-15 10:57:03    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 10:57:03    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
2014-01-15 10:57:01    3156480    ----a-w-    C:\Windows\System32\win32k.sys
2014-01-15 10:55:55    376768    ----a-w-    C:\Windows\System32\drivers\netio.sys
2014-01-09 10:56:59    --------    d-----w-    C:\Users\haighs\AppData\Local\Macromedia
2014-01-08 13:36:57    --------    d-----w-    C:\Users\haighs\AppData\Roaming\Malwarebytes
2014-01-08 13:36:42    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-01-01 21:33:13    55296    ----a-w-    C:\Windows\System32\admwprox.dll
2014-01-01 21:33:13    192000    ----a-w-    C:\Windows\System32\iisRtl.dll
2014-01-01 21:33:13    154624    ----a-w-    C:\Windows\SysWow64\iisRtl.dll
2014-01-01 21:33:12    50688    ----a-w-    C:\Windows\SysWow64\admwprox.dll
2014-01-01 21:33:12    16896    ----a-w-    C:\Windows\System32\iisreset.exe
2014-01-01 21:33:11    60928    ----a-w-    C:\Windows\System32\ahadmin.dll
2014-01-01 21:33:11    26624    ----a-w-    C:\Windows\SysWow64\ahadmin.dll
2014-01-01 21:33:11    15360    ----a-w-    C:\Windows\SysWow64\iisreset.exe
2014-01-01 21:33:11    14848    ----a-w-    C:\Windows\System32\wamregps.dll
2014-01-01 21:33:11    11264    ----a-w-    C:\Windows\System32\iisrstap.dll
2014-01-01 21:33:11    10752    ----a-w-    C:\Windows\SysWow64\wamregps.dll
2014-01-01 21:33:10    8192    ----a-w-    C:\Windows\SysWow64\iisrstap.dll
2014-01-01 14:03:38    --------    d-----w-    C:\Windows\Migration
2014-01-01 13:57:51    --------    d-----w-    C:\Users\haighs\AppData\Local\Broadcom
2014-01-01 13:53:05    35104    ----a-w-    C:\Windows\System32\drivers\btwl2cap.sys
2014-01-01 13:53:04    21288    ----a-w-    C:\Windows\System32\drivers\btwrchid.sys
2014-01-01 13:53:04    132648    ----a-w-    C:\Windows\System32\drivers\btwavdt.sys
2014-01-01 13:53:03    98344    ----a-w-    C:\Windows\System32\drivers\btwaudio.sys
2014-01-01 13:50:21    --------    d-----w-    C:\Program Files\ThinkPad
2014-01-01 13:49:23    54824    ----a-w-    C:\Windows\System32\drivers\btusbflt.sys
2014-01-01 12:29:28    --------    d-----w-    C:\Windows\SysWow64\BestPractices
2014-01-01 12:29:12    --------    d-----w-    C:\Windows\System32\BestPractices
2014-01-01 12:28:52    --------    d-----w-    C:\inetpub
2013-12-28 20:34:51    --------    d-----w-    C:\Users\haighs\.android
2013-12-28 20:34:49    --------    d-----w-    C:\Users\haighs\AppData\Local\cache
2013-12-28 20:34:45    --------    d-----w-    C:\Users\haighs\AppData\Local\genienext
2013-12-28 20:33:31    --------    d-----w-    C:\Users\haighs\AppData\Local\Mobogenie
2013-12-28 20:24:59    --------    d-----w-    C:\Users\haighs\AppData\Roaming\UpdaterEX
2013-12-28 20:24:59    --------    d-----w-    C:\Program Files (x86)\Mobogenie
.
==================== Find3M  ====================
.
2014-01-19 07:33:29    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2013-12-11 01:04:55    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 01:04:55    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-11 01:04:44    9272200    ----a-w-    C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
2013-11-12 02:23:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-11-12 02:07:29    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-11-11 11:22:20    66856    ----a-w-    C:\Windows\System32\ibmpmsvc.exe
2013-11-11 11:22:20    60712    ----a-w-    C:\Windows\System32\ibmpmctl.exe
2013-11-11 11:22:20    54528    ----a-w-    C:\Windows\System32\drivers\ibmpmdrv.sys
2013-11-11 11:22:20    40232    ----a-w-    C:\Windows\System32\tpinspm.dll
2013-10-30 02:32:01    335360    ----a-w-    C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52    301568    ----a-w-    C:\Windows\SysWow64\msieftp.dll
.
============= FINISH: 13:30:03.33 ===============
 

Link to post
Share on other sites

Hello Stevehaigh! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Step 1

Please uninstall this application: Xmarks for IE

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan button. Wait until is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.
Step 4
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log
Link to post
Share on other sites

Borislav,

 

I thank you for your offer, I made the mistake of posting into another persons thread and therefore I followed the instructions for that person, provided by MrCharlie.

 

 

I have managed to get rid of Conduit thank you very much, I have checked and there does not seem to be anything nasty on my system anymore.

 

Again, I thank you for your offer.

 

Steve.

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.