Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Searchnu infection

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Searchnu infection

Unread postby Badkube » July 2nd, 2012, 4:19 am

Hi,

can anyone help with the removal of the searchnu redirect / virus. I've seen a few threads on here regarding it but they appear to be machine specific. Any help would be appreciated.

Regards

Keith.
Badkube
Active Member
 
Posts: 2
Joined: July 2nd, 2012, 4:16 am
Advertisement
Register to Remove

Re: Searchnu infection

Unread postby Badkube » July 2nd, 2012, 4:40 am

BTW the DDS log is as follows;


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by KWilkinson at 9:36:45 on 2012-07-02
Microsoft Windows 7 Professional 6.1.7600.0.1252.44.1033.18.3326.533 [GMT 1:00]
.
AV: AVG Anti-Virus Business Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Business Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
G:\Program Files\Retrospect\Retrospect 7.6\retrorun.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Windows\vVX3000.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Canon Electronics\P150\TouchDR.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\KWilkinson\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\KWilkinson\AppData\Local\Akamai\netsession_win.exe
C:\Users\KWilkinson\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Users\KWilkinson\AppData\Local\Akamai\netsession_win.exe
C:\Users\KWilkinson\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Windows\System32\mobsync.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\rundll32.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Downloads\SystemLook.exe
C:\Program Files\AVG\AVG2012\avgui.exe
C:\Windows\system32\taskhost.exe
C:\WINDOWS\notepad.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\notepad.exe
C:\Users\KWilkinson\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://www.google.co.uk/
uDefault_Page_URL = hxxp://companyweb
uInternet Settings,ProxyOverride = <local>
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.7\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.7\AVG Secure Search_toolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
uRun: [Google Update] "c:\users\kwilkinson\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\acrobat\AdobeUpdateManager.exe AcPro7_0_0 -reboot 1
uRun: [Akamai NetSession Interface] "c:\users\kwilkinson\appdata\local\akamai\netsession_win.exe"
uRun: [AdobeBridge]
uRun: [Spotify Web Helper] "c:\users\kwilkinson\appdata\roaming\spotify\data\SpotifyWebHelper.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [P-150 CaptureOnTouch] "c:\program files\canon electronics\p150\TouchDR.exe" LOGON
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\programdata\scansoft\paperport\11\config\ereg\Ereg.ini"
mRun: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
mRun: [Logitech Download Assistant] c:\windows\system32\rundll32.exe c:\windows\system32\LogiLDA.dll,LogiFetch
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\kwilki~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\kwilkinson\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-7760-000000000002}\SC_Acrobat.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: RunStartupScriptSync = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office11\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office11\REFIEBAR.DLL
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.76
TCP: Interfaces\{7044975E-DD99-4803-884C-79EDD5A04931} : DhcpNameServer = 192.168.1.76
TCP: Interfaces\{AAB835BF-6F28-4456-A4CF-A7C38D07F09D} : DhcpNameServer = 192.168.1.76
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\11.1.0\ViProtocol.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
AppInit_DLLs:
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-14 20992]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-1-26 176128]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-6-19 3048136]
R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files\common files\avg secure search\vtoolbarupdater\11.1.0\ToolbarUpdater.exe [2012-6-12 935480]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-1-26 7566848]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-1-26 238592]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2011-8-17 273448]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [2009-6-17 40720]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [2009-6-17 10384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-11 136176]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-11 136176]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-9 1343400]
.
=============== File Associations ===============
.
.scr=DWGTrueViewScriptFile
.
=============== Created Last 30 ================
.
2012-07-02 08:08:56 -------- d-----w- C:\MGADiagToolOutput
2012-07-01 02:09:53 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-01 02:09:43 1287024 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-07-01 02:09:24 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-07-01 02:09:24 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-07-01 02:09:23 989184 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-07-01 02:09:23 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-07-01 02:08:50 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-07-01 02:08:49 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-07-01 02:08:37 826368 ----a-w- c:\windows\system32\rdpcore.dll
2012-07-01 02:08:37 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-07-01 02:04:43 5120 ----a-w- c:\windows\system32\wmi.dll
2012-07-01 02:04:43 19312 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-07-01 02:04:43 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-07-01 02:04:43 158720 ----a-w- c:\windows\system32\imagehlp.dll
2012-07-01 02:04:37 2342400 ----a-w- c:\windows\system32\win32k.sys
2012-07-01 02:04:31 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-07-01 02:04:31 57856 ----a-w- c:\windows\system32\rdpwsx.dll
2012-07-01 02:04:31 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-07-01 02:04:03 56688 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-07-01 02:03:06 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-07-01 02:03:06 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-07-01 02:03:06 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2012-07-01 02:03:06 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2012-07-01 02:03:06 1074176 ----a-w- c:\windows\system32\DWrite.dll
2012-06-27 12:36:21 801792 ----a-w- c:\windows\system32\FntCache.dll
2012-06-27 12:36:21 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-06-27 12:36:21 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2012-06-27 12:36:21 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2012-06-27 12:36:21 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-06-27 12:36:20 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-06-27 12:36:20 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2012-06-27 12:36:20 3181568 ----a-w- c:\windows\system32\mf.dll
2012-06-27 12:36:20 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-06-27 12:36:20 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-06-27 12:36:20 107520 ----a-w- c:\windows\system32\cdd.dll
2012-06-20 09:15:56 -------- d-----w- c:\program files\iTunes
2012-06-20 09:15:56 -------- d-----w- c:\program files\iPod
2012-06-19 09:00:03 60304 ----a-w- c:\users\kwilkinson\g2mdlhlpx.exe
2012-06-19 08:46:00 -------- d-----w- c:\program files\Citrix
2012-06-12 10:54:11 -------- d-----w- c:\program files\AbleRAWer
2012-06-12 10:49:28 -------- d-----w- c:\program files\Sony
.
==================== Find3M ====================
.
2012-04-25 11:11:36 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-04-25 11:11:36 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys
.
============= FINISH: 9:37:30.02 ===============
Badkube
Active Member
 
Posts: 2
Joined: July 2nd, 2012, 4:16 am

Re: Searchnu infection

Unread postby deltalima » July 2nd, 2012, 5:04 am

Business Use / Business Networked Computer
It appears you are using your computer for business purposes or connecting to a business network.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why we do not offer help for such computers. Thank you for your understanding.


This topic is now closed.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 293 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware