Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Uninvited Yahoo page

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Uninvited Yahoo page

Unread postby Somersetboy1942 » December 31st, 2013, 6:28 am

I suddenly got infected by

http://uk.search.yahoo.com/?type=293224 ... got-yhp-ff

can you advise please

Thanks

John
Somersetboy1942
Active Member
 
Posts: 9
Joined: December 31st, 2013, 6:11 am
Advertisement
Register to Remove

Re: Uninvited Yahoo page

Unread postby Somersetboy1942 » December 31st, 2013, 6:48 am

Further


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428
Run by John at 10:45:47 on 2013-12-31
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4079.2440 [GMT 0:00]
.
AV: AVG AntiVirus 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
C:\Windows\vVX1000.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\John\AppData\Roaming\Search Protection\SearchProtection.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
mWinlogon: Userinit = userinit.exe
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [CAHeadless] C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
uRun: [SearchProtection] "C:\Users\John\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\Users\John\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{BB54AFA7-0621-4F84-8F4D-EF25D5814F3F} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [VX1000] C:\Windows\vVX1000.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\f6scdwrk.default\
FF - prefs.js: browser.startup.homepage - hxxp://uk.search.yahoo.com/?type=293224 ... got-yhp-ff
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=gr ... =293224&p=
FF - plugin: C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-12-22 56336]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R2 AdobeActiveFileMonitor12.0;Adobe Active File Monitor V12;C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [2013-9-3 181152]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-20 203776]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-12-12 646248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-25 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-12-22 16152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-12-24 1255736]
.
=============== Created Last 30 ================
.
2013-12-29 17:32:35 -------- d-----w- C:\Program Files\McAfee Security Scan
2013-12-29 09:59:40 -------- d-----w- C:\ProgramData\Visan
2013-12-29 09:59:40 -------- d-----w- C:\ProgramData\HP Photo Creations
2013-12-29 09:59:40 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
2013-12-29 09:59:29 -------- d-----w- C:\Windows\Hewlett-Packard
2013-12-27 20:01:25 -------- d-----w- C:\Windows\System32\MRT
2013-12-27 18:43:54 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2013-12-27 18:43:30 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2013-12-27 18:43:06 -------- d-----w- C:\Windows\PCHEALTH
2013-12-27 18:43:06 -------- d-----w- C:\Program Files\Microsoft SQL Server
2013-12-27 18:41:13 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2013-12-27 18:41:13 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-12-27 18:40:59 -------- d-----w- C:\Users\John\AppData\Local\Microsoft Help
2013-12-26 00:06:47 -------- d-----w- C:\Users\John\AppData\Local\Microsoft Games
2013-12-25 23:59:40 -------- d-----w- C:\Users\John\AppData\Roaming\Search Protection
2013-12-25 23:58:11 -------- d-----w- C:\Users\John\AppData\Roaming\uTorrent
2013-12-24 18:24:00 -------- d-----w- C:\Users\John\AppData\Local\Macromedia
2013-12-24 18:23:20 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-24 18:23:20 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-24 16:12:19 27136 ----a-w- C:\Windows\~GLH0001.TMP
2013-12-24 11:11:59 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2013-12-24 11:11:59 48128 ----a-w- C:\Windows\System32\imgutil.dll
2013-12-24 11:11:59 142336 ----a-w- C:\Program Files\Internet Explorer\jsdebuggeride.dll
2013-12-24 08:26:22 -------- d-----w- C:\Windows\SysWow64\Wat
2013-12-24 08:26:22 -------- d-----w- C:\Windows\System32\Wat
2013-12-24 03:52:16 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-24 03:52:16 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-24 03:52:16 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2013-12-24 03:52:15 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2013-12-24 02:45:16 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-12-24 02:20:03 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2013-12-24 01:59:52 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-12-24 01:59:52 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-12-24 01:59:51 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-12-24 01:59:51 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-12-24 01:59:51 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-12-24 01:59:51 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-12-24 01:59:51 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-12-24 01:40:31 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-12-24 01:40:31 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-12-24 01:40:31 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-12-23 09:28:54 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2013-12-23 09:27:57 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2013-12-23 09:26:59 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-12-23 09:25:54 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2013-12-23 09:24:58 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-12-23 09:23:53 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-12-23 09:22:59 723456 ----a-w- C:\Windows\System32\EncDec.dll
2013-12-23 09:07:20 77312 ----a-w- C:\Windows\System32\packager.dll
2013-12-23 09:07:20 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2013-12-22 18:13:55 -------- d-----w- C:\MM Map Folder
2013-12-22 17:56:31 -------- d-----w- C:\Users\John\AppData\Local\Memory-Map-License
2013-12-22 17:56:31 -------- d-----w- C:\ProgramData\Memory-Map-License
2013-12-22 17:55:37 -------- d-----w- C:\Maps_v5
2013-12-22 17:55:18 -------- d-----w- C:\Program Files (x86)\Memory-Map
2013-12-22 17:54:44 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-12-22 17:25:19 -------- d-----w- C:\Program Files\Microsoft LifeCam
2013-12-22 17:25:19 -------- d-----w- C:\Program Files (x86)\Microsoft LifeCam
2013-12-22 17:25:13 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll
2013-12-22 17:25:13 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2013-12-22 17:14:42 -------- d-----r- C:\Program Files (x86)\Skype
2013-12-22 16:59:22 -------- d-----w- C:\ProgramData\McAfee Security Scan
2013-12-22 15:32:03 -------- d-----w- C:\Windows\Panther
2013-12-22 15:21:06 -------- d-----w- C:\Windows.old.000
2013-12-22 10:41:51 -------- d-----w- C:\Users\John\AppData\Roaming\TrackLogs
2013-12-22 10:41:51 -------- d-----w- C:\Program Files (x86)\TrackLogs
2013-12-22 10:41:19 -------- d-----w- C:\ProgramData\TrackLogs
2013-12-22 10:22:33 -------- d-----w- C:\Users\John\AppData\Roaming\FamilyTreeMaker
2013-12-22 10:21:23 -------- d-----w- C:\Users\John\AppData\Local\IsolatedStorage
2013-12-22 10:18:35 -------- d-----w- C:\Users\John\AppData\Local\Ancestry.com
2013-12-22 10:17:34 -------- d-----w- C:\Program Files (x86)\Family Tree Maker 2012
2013-12-22 10:17:34 -------- d-----w- C:\Program Files (x86)\BCL Technologies
2013-12-22 10:17:26 -------- d-----w- C:\IExp5.tmp
2013-12-22 10:17:23 -------- d-----w- C:\Windows\RegisteredPackages
2013-12-22 10:17:23 -------- d-----w- C:\IExp4.tmp
2013-12-22 10:17:22 -------- d--h--w- C:\Windows\msdownld.tmp
2013-12-22 10:17:21 -------- d-----w- C:\Program Files (x86)\Windows Media Components
2013-12-22 10:10:47 -------- d--h--w- C:\ProgramData\{484395D8-1F9B-4C71-9DA9-A64CBD0E8DE2}
2013-12-22 10:10:39 -------- d-----w- C:\Users\John\AppData\Local\PackageAware
2013-12-22 10:07:43 -------- d-----w- C:\ProgramData\Avanquest Software Publishing Ltd
2013-12-22 09:59:22 -------- d-----w- C:\Users\John\AppData\Roaming\AVG2014
2013-12-22 09:58:54 -------- d-----w- C:\Users\John\AppData\Roaming\TuneUp Software
2013-12-22 09:58:31 -------- d-----w- C:\ProgramData\AVG2014
2013-12-22 09:58:04 -------- d-----w- C:\Program Files (x86)\AVG
2013-12-22 09:54:50 -------- d--h--w- C:\ProgramData\Common Files
2013-12-22 09:54:50 -------- d-----w- C:\Users\John\AppData\Local\MFAData
2013-12-22 09:54:50 -------- d-----w- C:\Users\John\AppData\Local\Avg2014
2013-12-22 09:54:50 -------- d-----w- C:\ProgramData\MFAData
2013-12-22 09:25:19 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2013-12-22 09:25:09 56336 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2013-12-22 09:25:09 11376 ------w- C:\Windows\System32\drivers\cdralw2k.sys
2013-12-22 09:25:09 10864 ------w- C:\Windows\System32\drivers\cdr4_xp.sys
2013-12-22 09:24:35 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2013-12-22 09:24:35 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2013-12-22 09:23:17 -------- d-----w- C:\Users\John\AppData\Local\Adobe
2013-12-22 08:58:56 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-12-22 08:58:03 16152 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys
2013-12-22 08:58:01 -------- d-----w- C:\Users\John\AppData\Local\SlimWare Utilities Inc
2013-12-22 08:57:55 -------- d-----w- C:\Program Files (x86)\DriverUpdate
2013-12-22 08:49:51 0 ----a-w- C:\Windows\ativpsrm.bin
2013-12-22 08:41:24 -------- d-----w- C:\Program Files (x86)\Microsoft
2013-12-22 08:41:12 -------- d-----w- C:\Users\John\AppData\Roaming\HpUpdate
2013-12-22 08:41:03 741480 ------w- C:\Windows\System32\HPDiscoPM4812.dll
2013-12-22 08:40:39 -------- d-----w- C:\Program Files\HP
2013-12-22 08:40:39 -------- d-----w- C:\Program Files (x86)\HP
2013-12-22 08:40:37 -------- d-sh--w- C:\Windows\Installer
2013-12-22 08:40:09 -------- d-----w- C:\Users\John\AppData\Local\HP
2013-12-22 08:27:13 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-12-22 08:27:13 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-12-22 08:27:13 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-12-22 08:23:43 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-12-22 08:23:38 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-12-22 08:23:25 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-12-22 08:23:25 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-12-22 08:10:36 -------- d-----w- C:\Users\John\AppData\Local\Diagnostics
2013-12-21 08:35:19 -------- d--h--w- C:\$WINDOWS.~Q
2013-12-21 08:31:55 -------- d--h--w- C:\$INPLACE.~TR
2013-12-12 12:12:01 -------- d-----w- C:\Intel
2013-12-12 11:48:07 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2013-12-12 11:48:07 646248 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2013-12-12 11:48:07 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2013-12-12 11:48:06 -------- d-----w- C:\W7
2013-12-12 11:47:46 -------- d-----w- C:\HECI
2013-12-12 11:47:31 -------- d-----w- C:\INFUpdate
2013-12-12 11:46:57 -------- d-----w- C:\Realtek
2013-12-12 08:50:24 -------- d-----w- C:\IExp3.tmp
2013-12-12 08:50:22 -------- d-----w- C:\IExp2.tmp
2013-12-12 00:28:50 -------- d-----w- C:\Windows.old
.
==================== Find3M ====================
.
2013-12-24 15:59:12 27136 ----a-w- C:\Windows\~GLH0000.TMP
2013-12-24 02:34:21 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-11-05 21:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2013-11-04 21:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-10-31 23:00:18 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-10-31 22:49:46 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-10-24 22:25:58 194872 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx
2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe
2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe
2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 02:16:30 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
.
============= FINISH: 10:46:18.60 ===============
Somersetboy1942
Active Member
 
Posts: 9
Joined: December 31st, 2013, 6:11 am

Re: Uninvited Yahoo page

Unread postby deltalima » December 31st, 2013, 4:37 pm

Bumping or Replying to Your Own Topic

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why you should not reply to or try to bump your topic.
Please submit a new log and wait for a helper to reply. Thank you for your understanding.

This topic is now closed.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 131 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware