Hello,
Today I was looking up some information on terminal blocks to help my 12 year old with his electronics project.
I put 'using a terminal block for children' into google search.
One of the entries was labelled 'Terminal Block Electrical' the address underneath was
'smokers news.com/refer/terminal-block-electrical'- I am not sure if this will act as a link once I post so I have put a space between the smokers and the news which was one word. (I didn't notice the address at the time just looked at the title)
When I clicked on 'Terminal Block Electrical' I was greeted with an obscene photo and found I had been taken to a porn site. The site name in my history is Sex datings in Adelaide (this is where I live).
Here is the dds and I have attached the attach and the ark.text. I have access to a windows install disc.
I am sorry to say that I had a similar problem mid 2009 which you helped me fix. I do hope you can help this time also. Since then a lot of things have changed and I may not have the appropriate security.
Thankyou
Cathy
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.13.2
Run by Catherine at 16:51:40 on 2013-03-05
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.61.1033.18.2047.895 [GMT 10.5:30]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Advanced System Protector\advancedsystemprotector.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Catherine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Users\Catherine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catherine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catherine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catherine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\prevhost.exe
C:\Users\Catherine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catherine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catherine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.myplaycity.com/
mStart Page = hxxp://home.myplaycity.com/
uURLSearchHooks: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
uURLSearchHooks: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - <orphaned>
mURLSearchHooks: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
TB: NCH EN Toolbar: {37483B40-C254-4A72-BDA4-22EE90182C1E} - c:\program files\nch_en\prxtbNCH_.dll
TB: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\prxConduitEngine.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
uRun: [Google Update] "c:\users\catherine\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Spotify Web Helper] "c:\users\catherine\appdata\roaming\spotify\data\SpotifyWebHelper.exe"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Advanced System Protector] <no file>
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to AMV Converter... - c:\program files\mp3 player utilities 4.15\amvconverter\grab.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - c:\program files\mp3 player utilities 4.15\mediamanager\grab.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
TCP: NameServer = 10.1.1.1
TCP: Interfaces\{2DF55E09-5A98-43BD-BBBC-3552C002648D} : DHCPNameServer = 10.1.1.1
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-7-15 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-7-23 361032]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-7-23 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-7-23 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2012-11-30 44808]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-11-4 27056]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-11-4 497320]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-11-13 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-7-29 25112]
S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0;c:\windows\system32\drivers\libusb0.sys [2012-3-2 21504]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-3-14 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-5-28 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-25 1343400]
.
=============== Created Last 30 ================
.
2013-03-01 21:26:19 6954968 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{77d1a71a-2c22-4cae-b23e-26aecbd1155c}\mpengine.dll
2013-02-27 10:26:59 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-02-27 10:26:57 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-02-15 22:31:23 186432 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2013-02-14 22:14:27 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-13 23:12:33 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 23:12:13 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-13 23:12:11 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 23:12:07 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 23:12:06 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 23:12:01 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-12 02:57:05 -------- d-----w- c:\users\catherine\appdata\roaming\Blackboard
2013-02-10 09:48:15 -------- d-----w- c:\program files\directx
2013-02-10 09:48:06 -------- d-----w- c:\program files\GameSpy Arcade
2013-02-10 09:37:34 -------- d-----w- c:\program files\Activision
2013-02-07 09:07:00 -------- d-----w- c:\users\catherine\appdata\roaming\ooVoo Details
2013-02-07 09:06:36 -------- d-----w- c:\program files\ooVoo
.
==================== Find3M ====================
.
2013-02-27 08:27:51 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-27 08:27:50 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-14 22:14:08 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-02-14 22:14:08 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-16 14:58:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-13 21:17:03 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 20:30:34 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 20:22:22 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:54:01 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:48:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:02:06 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-01-08 22:11:21 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-01-04 06:11:21 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-13 01:19:38 454744 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
.
============= FINISH: 16:52:49.17 ===============
Today I was looking up some information on terminal blocks to help my 12 year old with his electronics project.
I put 'using a terminal block for children' into google search.
One of the entries was labelled 'Terminal Block Electrical' the address underneath was
'smokers news.com/refer/terminal-block-electrical'- I am not sure if this will act as a link once I post so I have put a space between the smokers and the news which was one word. (I didn't notice the address at the time just looked at the title)
When I clicked on 'Terminal Block Electrical' I was greeted with an obscene photo and found I had been taken to a porn site. The site name in my history is Sex datings in Adelaide (this is where I live).
Here is the dds and I have attached the attach and the ark.text. I have access to a windows install disc.
I am sorry to say that I had a similar problem mid 2009 which you helped me fix. I do hope you can help this time also. Since then a lot of things have changed and I may not have the appropriate security.
Thankyou
Cathy
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.13.2
Run by Catherine at 16:51:40 on 2013-03-05
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.61.1033.18.2047.895 [GMT 10.5:30]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Advanced System Protector\advancedsystemprotector.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Catherine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Users\Catherine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catherine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catherine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catherine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\prevhost.exe
C:\Users\Catherine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catherine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catherine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.myplaycity.com/
mStart Page = hxxp://home.myplaycity.com/
uURLSearchHooks: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
uURLSearchHooks: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - <orphaned>
mURLSearchHooks: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
TB: NCH EN Toolbar: {37483B40-C254-4A72-BDA4-22EE90182C1E} - c:\program files\nch_en\prxtbNCH_.dll
TB: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\prxConduitEngine.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
uRun: [Google Update] "c:\users\catherine\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Spotify Web Helper] "c:\users\catherine\appdata\roaming\spotify\data\SpotifyWebHelper.exe"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Advanced System Protector] <no file>
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to AMV Converter... - c:\program files\mp3 player utilities 4.15\amvconverter\grab.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - c:\program files\mp3 player utilities 4.15\mediamanager\grab.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
TCP: NameServer = 10.1.1.1
TCP: Interfaces\{2DF55E09-5A98-43BD-BBBC-3552C002648D} : DHCPNameServer = 10.1.1.1
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-7-15 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-7-23 361032]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-7-23 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-7-23 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2012-11-30 44808]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-11-4 27056]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-11-4 497320]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-11-13 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-7-29 25112]
S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0;c:\windows\system32\drivers\libusb0.sys [2012-3-2 21504]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-3-14 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-5-28 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-25 1343400]
.
=============== Created Last 30 ================
.
2013-03-01 21:26:19 6954968 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{77d1a71a-2c22-4cae-b23e-26aecbd1155c}\mpengine.dll
2013-02-27 10:26:59 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-02-27 10:26:57 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-02-15 22:31:23 186432 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2013-02-14 22:14:27 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-13 23:12:33 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 23:12:13 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-13 23:12:11 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 23:12:07 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 23:12:06 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 23:12:01 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-12 02:57:05 -------- d-----w- c:\users\catherine\appdata\roaming\Blackboard
2013-02-10 09:48:15 -------- d-----w- c:\program files\directx
2013-02-10 09:48:06 -------- d-----w- c:\program files\GameSpy Arcade
2013-02-10 09:37:34 -------- d-----w- c:\program files\Activision
2013-02-07 09:07:00 -------- d-----w- c:\users\catherine\appdata\roaming\ooVoo Details
2013-02-07 09:06:36 -------- d-----w- c:\program files\ooVoo
.
==================== Find3M ====================
.
2013-02-27 08:27:51 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-27 08:27:50 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-14 22:14:08 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-02-14 22:14:08 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-16 14:58:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-13 21:17:03 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 20:30:34 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 20:22:22 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:54:01 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:48:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:02:06 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-01-08 22:11:21 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-01-04 06:11:21 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-13 01:19:38 454744 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
.
============= FINISH: 16:52:49.17 ===============