Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

IE8, Firefox and Google Chrome freeze

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

IE8, Firefox and Google Chrome freeze

Unread postby Cragdo » August 14th, 2011, 9:18 pm

Hi, Whenever I use either IE8, Firefox or Google Chrome they all freeze after a short time. When I close a tab or window in any one of these browsers it leaves iexplorer.exe, firefox.exe or chrome.exe in the Windows Task Manager's processes section.

I have posted my dds log files for you to look at. Any help you can give to fix this problem is much appreciated. Thank you.

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Cragdo at 1:42:36 on 2011-08-15
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3583.2677 [GMT 1:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\program files\instanteyedropper\instanteyedropper.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Documents and Settings\Cragdo\Application Data\Dropbox\bin\Dropbox.exe
C:\Documents and Settings\Cragdo\Local Settings\Application Data\Google\Update\1.3.21.65\GoogleCrashHandler.exe
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\NOTEPAD.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mURLSearchHooks: H - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
uRun: [instanteyedropperpro] "c:\program files\instanteyedropper\instanteyedropper.exe"
uRun: [Advanced SystemCare 4] "c:\program files\iobit\advanced systemcare 4\ASCTray.exe"
uRun: [Google Update] "c:\documents and settings\cragdo\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [HDAudDeck] c:\program files\via\viaudioi\hdadeck\HDeck.exe 1
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [HTC Sync Loader] "c:\program files\htc\htc sync 3.0\htcUPCTLoader.exe" -startup
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [IObit Malware Fighter] "c:\program files\iobit\iobit malware fighter\IMF.exe" /autostart
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\cragdo\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\cragdo\application data\dropbox\bin\Dropbox.exe
uPolicies-explorer: NoInstrumentation = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/ ... vc1dmo.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{E70AF3A8-EA76-42B3-B4E0-769E0271D9C5} : DhcpNameServer = 192.168.0.1
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-4-9 13496]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-12 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-3-12 309848]
R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\iobit\advanced systemcare 4\ASCService.exe [2011-5-15 353168]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-4-14 14336]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-3-12 19544]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-3-12 42184]
R2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2011-6-18 820568]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-1-7 366640]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-8-7 2214504]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2010-9-16 80896]
R2 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2011-8-13 532224]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
R3 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\FileMonitor.sys [2011-8-6 239600]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-7 22712]
R3 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\RegFilter.sys [2011-8-6 30368]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [2010-7-8 606056]
R3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\UrlFilter.sys [2011-8-6 16080]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-7-25 845184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-8-9 133104]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-8-9 133104]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2011-4-8 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-22 21248]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2008-4-14 14336]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2010-4-3 44896]
S4 RsFx0150;RsFx0150 Driver;c:\windows\system32\drivers\RsFx0150.sys [2010-4-3 240608]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10_50.sqlexpress\mssql\binn\SQLAGENT.EXE [2010-4-3 367456]
.
=============== Created Last 30 ================
.
2011-08-13 04:41:34 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2011-08-13 04:41:34 -------- d-----w- c:\windows\system32\ZoneLabs
2011-08-13 04:41:32 -------- d-----w- c:\program files\Zone Labs
2011-08-11 19:25:56 -------- d-s---w- C:\ComboFix
2011-08-10 11:44:37 916480 ----a-w- c:\windows\system32\SET1A.tmp
2011-08-10 11:44:37 602112 ----a-w- c:\windows\system32\SET22.tmp
2011-08-10 11:44:37 55296 ----a-w- c:\windows\system32\SET21.tmp
2011-08-10 11:44:37 1991680 ----a-w- c:\windows\system32\SET26.tmp
2011-08-10 11:44:37 105984 ----a-w- c:\windows\system32\SET1C.tmp
2011-08-10 11:44:36 5969920 ----a-w- c:\windows\system32\SET20.tmp
2011-08-10 11:44:36 1212416 ----a-w- c:\windows\system32\SET1B.tmp
2011-08-10 11:44:36 11081728 ----a-w- c:\windows\system32\SET28.tmp
2011-08-07 16:13:55 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-08-07 16:13:55 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-08-07 16:06:18 -------- d-----w- c:\program files\Realtek
2011-08-07 15:54:29 944232 ----a-w- c:\windows\system32\nvdispco3220140.dll
2011-08-07 15:54:29 855656 ----a-w- c:\windows\system32\nvgenco322060.dll
2011-08-07 08:59:09 -------- d-----w- c:\documents and settings\cragdo\application data\ElevatedDiagnostics
2011-08-07 08:57:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2011-08-07 08:57:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2011-08-07 08:57:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2011-08-07 08:57:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2011-08-07 08:57:36 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2011-08-07 08:57:36 6144 ----a-w- c:\windows\system32\kbd101c.dll
2011-08-07 08:57:36 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2011-08-07 08:57:36 5632 ----a-w- c:\windows\system32\kbd103.dll
2011-08-07 08:57:35 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2011-08-07 08:57:35 6144 ----a-w- c:\windows\system32\kbd101b.dll
2011-08-07 08:57:34 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2011-08-07 08:57:34 6144 ----a-w- c:\windows\system32\kbd106.dll
2011-08-07 08:56:12 -------- d-----w- c:\program files\DLLSuite
2011-08-07 05:46:24 -------- d-----w- c:\documents and settings\cragdo\application data\Malwarebytes
2011-08-07 05:46:13 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-07 05:46:13 -------- d-----w- c:\documents and settings\all users.windows\application data\Malwarebytes
2011-08-07 05:46:06 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-07 01:51:33 -------- d-sha-r- C:\cmdcons
2011-08-07 01:48:30 98816 ----a-w- c:\windows\sed.exe
2011-08-07 01:48:30 518144 ----a-w- c:\windows\SWREG.exe
2011-08-07 01:48:30 256000 ----a-w- c:\windows\PEV.exe
2011-08-07 01:48:30 208896 ----a-w- c:\windows\MBR.exe
2011-08-06 23:24:18 388096 ----a-r- c:\documents and settings\cragdo\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-08-06 22:51:33 -------- d-----w- c:\documents and settings\cragdo\application data\searchquband
2011-08-06 22:51:33 -------- d-----w- c:\documents and settings\cragdo\AppData
2011-08-04 18:08:05 417792 ----a-w- c:\program files\windows media player\plugins\wmp_scrobbler.dll
2011-08-04 18:08:05 -------- d-----w- c:\documents and settings\all users.windows\application data\Last.fm
2011-08-04 18:07:33 -------- d-----w- c:\documents and settings\cragdo\local settings\application data\Last.fm
2011-08-04 18:07:30 -------- d-----w- c:\program files\Last.fm
2011-08-04 08:47:57 -------- d-----w- c:\documents and settings\cragdo\local settings\application data\Ilivid Player
2011-08-04 08:47:13 -------- d-----w- c:\documents and settings\cragdo\application data\searchqutoolbar
2011-08-04 08:47:11 -------- d-----w- c:\documents and settings\all users.windows\application data\boost_interprocess
2011-08-04 08:46:31 -------- d-----w- c:\documents and settings\cragdo\local settings\application data\PackageAware
.
==================== Find3M ====================
.
2011-08-07 16:14:22 273344 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-08-07 16:14:22 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-08-07 16:14:20 273344 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-04 11:43:53 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:36:43 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36:30 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:13 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\SET25B.tmp
2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-25 07:25:58 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-25 07:25:58 16068608 ----a-w- c:\windows\system32\nvoglnt.dll
2011-05-25 07:25:57 5332992 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 07:25:57 2808936 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 07:25:57 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 07:25:57 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 07:25:56 4198272 ----a-w- c:\windows\system32\nv4_disp.dll
2011-05-25 07:25:56 2328576 ----a-w- c:\windows\system32\nvapi.dll
2011-05-25 07:25:56 12753664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
.
============= FINISH: 1:43:56.84 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 22/07/2010 20:41:08
System Uptime: 15/08/2011 01:27:24 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5KPL-AM
Processor: Intel Pentium III Xeon processor | Socket 775 | 3163/333mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 932 GiB total, 851.715 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP302: 07/08/2011 21:15:05 - System Checkpoint
RP303: 09/08/2011 10:27:06 - System Checkpoint
RP304: 10/08/2011 11:38:42 - System Checkpoint
RP305: 10/08/2011 13:12:05 - Software Distribution Service 3.0
RP306: 11/08/2011 17:36:23 - Software Distribution Service 3.0
RP307: 12/08/2011 19:17:19 - IObit Uninstaller restore point
RP308: 12/08/2011 19:18:44 - IObit Uninstaller restore point
RP309: 12/08/2011 19:19:42 - IObit Uninstaller restore point
RP310: 13/08/2011 19:54:58 - System Checkpoint
RP311: 14/08/2011 20:18:51 - System Checkpoint
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop CS5
Adobe Reader 8.3.0
Advanced SystemCare 4
Akamai NetSession Interface
AMP Font Viewer
avast! Free Antivirus
AVG 2011
Belkin USB Wireless Adaptor
CCleaner
DLL Suite 1.0
Dropbox
FileZilla Client 3.3.5.1
Google Chrome
Google Earth Plug-in
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB958655-v2)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB981793)
HTC BMP USB Driver
HTC Driver Installer
HTC Sync
IObit Malware Fighter
Last.fm 1.5.4.27091
Macromedia Fireworks 8
Malwarebytes' Anti-Malware version 1.51.1.1800
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Help Viewer 1.0
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Native Client
Microsoft SQL Server 2008 R2 RsFx Driver
Microsoft SQL Server 2008 R2 Setup (English)
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Browser
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server VSS Writer
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Web Developer 2010 Express - ENU
Microsoft Web Platform Installer 2.0
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MSN
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
MyFonts Order M1833979 (A-L)
MyFonts Order M1833979 (M-U)
MyFonts Order M1833979 (V-Z)
MyFonts Order M2874875
MyFonts Order M2875029
NVIDIA Control Panel 275.33
NVIDIA Graphics Driver 275.33
NVIDIA Install Application
NVIDIA nView 135.85
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
NVIDIA Update 1.3.5
NVIDIA Update Components
OpenOffice.org 3.2
PDF Settings CS5
Picasa 3
Platform
REALTEK GbE & FE Ethernet PCI-E NIC Driver
REALTEK GbE & FE Ethernet PCI NIC Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Visual Web Developer 2010 Express - ENU (KB2251489)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Smart Defrag 2
Spotify
SQL Server 2008 R2 Common Files
SQL Server 2008 R2 Database Engine Services
SQL Server 2008 R2 Database Engine Shared
Sql Server Customer Experience Improvement Program
Total Validator Tool
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC 9.0 Runtime
VIA Platform Device Manager
VisiPics V1.30
Visual C++ 8.0 CRT (x86) WinSXS MSM
Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM
VLC media player 1.1.2
Web Deployment Tool
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
WinRAR archiver
WinZip 14.5
ZoneAlarm
.
==== Event Viewer Messages From Past Week ========
.
13/08/2011 14:42:38, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
12/08/2011 23:44:54, error: Service Control Manager [7024] - The SQL Server (SQLEXPRESS) service terminated with service-specific error 3417 (0xD59).
11/08/2011 20:22:22, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD aswRdr aswSnx aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
11/08/2011 20:22:22, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/08/2011 20:22:22, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/08/2011 20:22:22, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
11/08/2011 20:21:58, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
11/08/2011 20:21:49, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
.
==== End Of File ===========================
Cragdo
Active Member
 
Posts: 14
Joined: August 14th, 2011, 9:03 pm
Advertisement
Register to Remove

Re: IE8, Firefox and Google Chrome freeze

Unread postby Gary R » August 19th, 2011, 1:37 am

Looking over your log, back soon.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: IE8, Firefox and Google Chrome freeze

Unread postby Gary R » August 19th, 2011, 1:49 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "Malware Removal" forum and wait for help.


Unless informed of in advance, failure to post replies within 3 days will result in this thread being closed.


Hi Cragdo

I'm Gary R, I'll be glad to help you with your computer problems.

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Please observe these rules while we work:
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • If you're using XP, you'll need Administrator privileges to perform the fixes. (XP accounts are Administrator by default)
  • If you're using Vista or Windows7, it will be necessary to right click all tools we use and select ----> Run as Administrator
Important As I said earlier removing Malware is a potentially hazardous thing to do, so to increase our chances of recovery in the event of something unexpected happening, I'd like you to make a backup of your Registry before we start to clean your computer.
  • Download ERUNT to your desktop
  • Alternate Download
  • Double-click on erunt_setup.exe to install the program
  • Untick the NTREGOPT desktop shortcut option
  • Click No when you get the option to run Erunt at Windows startup.
  • During the installation, tick Launch Erunt.
  • Accept the default options for running a backup.
  • Erunt will then backup your registry.
  • Click OK to finish.
  • If you are unable to back up your Registry with ERUNT ....
    • Let me know.
    • Do not follow any further instructions until I tell you to.
It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


Download OTL by OldTimer to your Desktop.

Alternative Download

If you already have a copy of OTL delete it and use this version.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Under Custom Scans/Fixes copy/paste the contents of the code box below.
Code: Select all
c:|Fun4IM;true;true;true; /FP
c:|Bandoo;true;true;true; /FP
c:|Searchqu;true;true;true; /FP
c:|iLivid;true;true;true; /FP
c:|whitesmoke;true;true;true; /FP
c:|datamngr;true;true;true; /FP
c:|trolltech;true;true;true; /FP

|Fun4IM /RS
|Bandoo /RS
|Searchqu /RS
|iLivid /RS
|whitesmoke /RS
|datamngr /RS
|trolltech /RS
|kelkoopartners /RS

  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: IE8, Firefox and Google Chrome freeze

Unread postby Cragdo » August 19th, 2011, 8:47 am

Hi Gary R, Thank you so much for your help here. You guys are a cut above.

I have attempted to run OTL twice and both times it has has stopped responding at:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Dos Devices\AUX... (can't read the rest of the key)

Any ideas?

Cheers
Cragdo
Cragdo
Active Member
 
Posts: 14
Joined: August 14th, 2011, 9:03 pm

Re: IE8, Firefox and Google Chrome freeze

Unread postby Gary R » August 19th, 2011, 11:02 am

Try downloading a new copy of OTL, using either of the links below.

http://oldtimer.geekstogo.com/OTL.com

http://oldtimer.geekstogo.com/OTL.scr

.... then run a scan using these instructions ....

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.

If it still won't run, please try running an OTL scan with your computer booted into Safe Mode ....

  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.
Note: if you cannot boot into safe mode using this method, DO NOT attempt to do so by using MSConfig, this could result in your computer becoming unbootable. Just let me know.

If still unable to run OTL, re-boot into normal mode and let me know.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: IE8, Firefox and Google Chrome freeze

Unread postby Cragdo » August 19th, 2011, 11:38 am

Hi Gary R, This version of OTL worked in normal mode Thanks. here are the required logs:

OTL logfile created on: 19/08/2011 16:30:34 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Cragdo\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.50 Gb Total Physical Memory | 2.69 Gb Available Physical Memory | 76.94% Memory free
5.34 Gb Paging File | 4.51 Gb Available in Paging File | 84.46% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 850.33 Gb Free Space | 91.29% Space Free | Partition Type: NTFS

Computer Name: CRAZY-BOB | User Name: Cragdo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/19 16:29:19 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cragdo\Desktop\OTL.com
PRC - [2011/08/01 09:13:16 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Cragdo\Local Settings\Application Data\Google\Update\1.3.21.65\GoogleCrashHandler.exe
PRC - [2011/07/20 12:19:46 | 000,820,568 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/07/20 12:19:44 | 004,393,816 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/07/04 12:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 12:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/05/28 14:46:56 | 003,380,624 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASC.exe
PRC - [2011/05/28 14:46:56 | 000,803,728 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
PRC - [2011/05/28 14:46:56 | 000,412,560 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/05/25 21:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Cragdo\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011/05/25 08:25:59 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/03/22 13:37:56 | 001,644,376 | ---- | M] (IObit) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2011/03/18 01:24:50 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2011/01/27 18:57:48 | 000,585,728 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
PRC - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2008/04/14 13:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/17 16:22:56 | 000,352,256 | ---- | M] () -- C:\Program Files\InstantEyedropper\InstantEyedropper.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/19 12:10:10 | 001,287,680 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11081900\algo.dll
MOD - [2011/08/18 23:04:46 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11081900\aswRep.dll
MOD - [2011/08/03 02:24:49 | 003,542,616 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll
MOD - [2011/07/22 05:54:14 | 000,862,720 | ---- | M] () -- C:\Program Files\IObit\IObit Malware Fighter\Scan.dll
MOD - [2011/06/23 13:41:30 | 000,138,752 | ---- | M] () -- C:\Program Files\IObit\IObit Malware Fighter\zlibwapi.dll
MOD - [2011/05/28 14:46:58 | 000,846,736 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\Scan.dll
MOD - [2011/05/28 14:46:58 | 000,561,184 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\sqlite3.dll
MOD - [2011/05/28 14:46:58 | 000,347,024 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\madexcept_.bpl
MOD - [2011/05/28 14:46:58 | 000,179,088 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\madbasic_.bpl
MOD - [2011/05/28 14:46:58 | 000,055,184 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\NtfsData.dll
MOD - [2011/05/28 14:46:58 | 000,046,480 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\maddisAsm_.bpl
MOD - [2011/05/28 14:46:56 | 000,596,368 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\DiskMap.dll
MOD - [2011/02/08 18:26:38 | 000,042,496 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll
MOD - [2011/01/27 18:57:50 | 000,516,599 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll
MOD - [2011/01/27 18:57:48 | 000,585,728 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
MOD - [2011/01/27 18:57:48 | 000,352,256 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDetect.dll
MOD - [2011/01/27 18:57:48 | 000,139,264 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll
MOD - [2011/01/27 18:57:48 | 000,139,264 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll
MOD - [2011/01/27 18:57:46 | 000,094,208 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll
MOD - [2010/11/26 12:18:08 | 000,175,616 | ---- | M] () -- C:\Program Files\IObit\IObit Malware Fighter\unrar.dll
MOD - [2010/11/21 15:54:34 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
MOD - [2009/09/15 18:20:50 | 000,177,152 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\madbasic_.bpl
MOD - [2009/09/15 18:20:50 | 000,044,544 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\maddisAsm_.bpl
MOD - [2009/09/15 18:20:44 | 000,345,088 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\madexcept_.bpl
MOD - [2007/10/17 16:22:56 | 000,352,256 | ---- | M] () -- C:\Program Files\InstantEyedropper\InstantEyedropper.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/08/03 02:24:49 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai)
SRV - [2011/07/20 12:19:46 | 000,820,568 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/07/04 12:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/05/25 08:25:59 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010/07/26 16:01:58 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)


========== Driver Services (SafeList) ==========

DRV - [2011/07/11 14:40:46 | 000,239,600 | ---- | M] () [File_System | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/04 12:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 12:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 12:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 12:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 12:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 12:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 12:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/03/23 01:00:08 | 000,016,080 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011/03/23 01:00:06 | 000,030,368 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2011/02/23 17:04:30 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/07/08 15:09:10 | 000,606,056 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2010/06/22 18:01:50 | 000,021,248 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | Auto | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010/04/03 11:02:54 | 000,240,608 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0150.sys -- (RsFx0150)
DRV - [2009/06/10 00:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2008/08/07 12:14:00 | 000,111,360 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/07/25 13:09:24 | 000,845,184 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008/02/14 07:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2004/08/13 11:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1409082233-1767777339-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.0: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Cragdo\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Cragdo\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/07/14 15:22:54 | 000,000,000 | ---D | M]

[2011/08/12 19:17:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cragdo\Application Data\Mozilla\Extensions
[2010/08/08 15:00:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cragdo\Application Data\Mozilla\Firefox\Profiles\maui1igv.default\extensions

O1 HOSTS File: ([2011/08/07 10:51:05 | 000,000,027 | --S- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-1767777339-682003330-1003\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-1409082233-1767777339-682003330-1003..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-1409082233-1767777339-682003330-1003..\Run: [instanteyedropperpro] c:\program files\instanteyedropper\instanteyedropper.exe ()
O4 - Startup: C:\Documents and Settings\Cragdo\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Cragdo\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\Craig\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1409082233-1767777339-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1409082233-1767777339-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1409082233-1767777339-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1409082233-1767777339-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1409082233-1767777339-682003330-1011\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1409082233-1767777339-682003330-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Cragdo\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cragdo\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/07 13:03:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (SmartDefragBootTime.exe) - C:\WINDOWS\System32\SmartDefragBootTime.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/19 16:29:12 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Cragdo\Desktop\OTL.com
[2011/08/19 16:23:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Cragdo\Recent
[2011/08/19 12:34:39 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/08/19 12:34:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\ERUNT
[2011/08/19 12:31:56 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Cragdo\Desktop\erunt-setup.exe
[2011/08/15 02:37:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sun
[2011/08/15 02:37:00 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/08/15 02:37:00 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/08/15 02:37:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/08/15 02:37:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/08/15 02:37:00 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/08/15 02:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Application Data\Sun
[2011/08/15 01:37:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Desktop\z log files
[2011/08/13 15:46:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Start Menu\Programs\Google Chrome
[2011/08/13 05:41:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\ZoneAlarm
[2011/08/13 05:41:41 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2011/08/13 05:41:40 | 000,104,448 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2011/08/13 05:41:40 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2011/08/13 05:41:36 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2011/08/13 05:41:34 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2011/08/13 05:41:34 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2011/08/13 05:41:34 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2011/08/13 05:41:34 | 000,108,032 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2011/08/13 05:41:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2011/08/13 05:41:33 | 000,532,224 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2011/08/13 05:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2011/08/13 05:40:42 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2011/08/13 05:40:41 | 000,715,264 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2011/08/13 05:40:41 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2011/08/13 02:11:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Desktop\Flimsy Folder
[2011/08/12 23:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Desktop\dresses
[2011/08/12 19:15:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Desktop\Firefox Bookmarks
[2011/08/11 20:25:56 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/08/11 20:17:26 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/08/07 19:11:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cragdo\Desktop\Trindo's Stuf
[2011/08/07 18:05:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cragdo\Desktop\jQuery
[2011/08/07 17:40:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cragdo\Desktop\Web Icons
[2011/08/07 17:36:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cragdo\Desktop\Fonts
[2011/08/07 17:18:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cragdo\Desktop\Websites
[2011/08/07 17:13:55 | 000,899,688 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco3220150.dll
[2011/08/07 17:13:55 | 000,865,896 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco322090.dll
[2011/08/07 17:06:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011/08/07 16:55:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\NVIDIA
[2011/08/07 16:54:29 | 000,944,232 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco3220140.dll
[2011/08/07 16:54:29 | 000,855,656 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco322060.dll
[2011/08/07 10:26:26 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011/08/07 10:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Favorites
[2011/08/07 09:59:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Application Data\ElevatedDiagnostics
[2011/08/07 09:57:36 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2011/08/07 09:57:36 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2011/08/07 09:57:36 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2011/08/07 09:57:36 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2011/08/07 09:57:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2011/08/07 09:57:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2011/08/07 09:57:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2011/08/07 09:57:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2011/08/07 09:57:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2011/08/07 09:57:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2011/08/07 09:57:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2011/08/07 09:57:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2011/08/07 09:56:12 | 000,000,000 | ---D | C] -- C:\Program Files\DLLSuite
[2011/08/07 09:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Start Menu\Programs\Dll Suite 1.0
[2011/08/07 08:22:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cragdo\Desktop\Optimisation Tools
[2011/08/07 06:46:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Application Data\Malwarebytes
[2011/08/07 06:46:13 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/08/07 06:46:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/07 06:46:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[2011/08/07 06:46:06 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/08/07 02:51:33 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/08/07 02:48:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/08/07 02:48:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/08/07 02:48:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/08/07 02:48:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/08/07 02:48:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/08/07 02:48:19 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/08/07 00:52:59 | 004,165,920 | R--- | C] (Swearware) -- C:\Documents and Settings\Cragdo\Desktop\ComboFix.exe
[2011/08/07 00:50:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cragdo\Start Menu\Programs\Administrative Tools
[2011/08/07 00:24:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Start Menu\Programs\HiJackThis
[2011/08/06 23:51:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Application Data\searchquband
[2011/08/06 23:51:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\AppData
[2011/08/06 23:13:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\IObit Malware Fighter
[2011/08/04 19:08:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Last.fm
[2011/08/04 19:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Local Settings\Application Data\Last.fm
[2011/08/04 19:07:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Last.fm
[2011/08/04 19:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\Last.fm
[2011/08/04 09:47:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Local Settings\Application Data\Ilivid Player
[2011/08/04 09:47:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Application Data\searchqutoolbar
[2011/08/04 09:47:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\boost_interprocess
[2011/08/04 09:46:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cragdo\Local Settings\Application Data\PackageAware
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/19 16:29:19 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cragdo\Desktop\OTL.com
[2011/08/19 16:24:50 | 000,013,686 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/19 16:24:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/19 16:24:01 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/08/19 16:24:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2011/08/19 16:23:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/19 14:22:53 | 000,034,297 | ---- | M] () -- C:\Documents and Settings\Cragdo\Desktop\Dave-site--inspiration.jpg
[2011/08/19 14:18:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/19 13:49:01 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1767777339-682003330-1003UA.job
[2011/08/19 12:34:39 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Cragdo\Desktop\ERUNT.lnk
[2011/08/19 12:32:58 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E7FB37CD-827C-45A6-B4D7-8C4C9FFFF1A2}.job
[2011/08/19 12:32:02 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Cragdo\Desktop\erunt-setup.exe
[2011/08/18 15:49:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1767777339-682003330-1003Core.job
[2011/08/17 18:52:10 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader X.lnk
[2011/08/15 02:36:49 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/08/15 02:36:49 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/08/15 02:36:49 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/08/15 02:36:49 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/08/15 02:36:49 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/08/15 02:00:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-CRAZY-BOB-Cragdo.job
[2011/08/14 00:30:59 | 000,079,360 | ---- | M] () -- C:\Documents and Settings\Cragdo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/13 15:46:29 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\Cragdo\Desktop\Google Chrome.lnk
[2011/08/13 15:46:29 | 000,002,271 | ---- | M] () -- C:\Documents and Settings\Cragdo\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/08/13 06:04:06 | 000,420,800 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/08/13 05:41:50 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/08/13 05:41:42 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Cragdo\Desktop\ZoneAlarm Security.lnk
[2011/08/13 04:21:53 | 001,882,279 | ---- | M] () -- C:\Documents and Settings\Cragdo\Desktop\IMAG0153.jpg
[2011/08/12 22:53:31 | 000,014,593 | ---- | M] () -- C:\Documents and Settings\Cragdo\Desktop\COVERGIRLGREYFITTED-2T.jpg
[2011/08/12 22:07:04 | 000,021,437 | ---- | M] () -- C:\Documents and Settings\Cragdo\Desktop\2011_brand_newest_christian_louboutin_mago_two_tone_suede_pumps_blue_with_cheap_price05.jpg
[2011/08/12 19:44:26 | 000,633,408 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/12 19:44:26 | 000,130,064 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/12 19:19:55 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Cragdo\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/08/12 19:13:44 | 000,204,456 | ---- | M] () -- C:\Documents and Settings\Cragdo\Local Settings\Application Data\census.cache
[2011/08/12 19:13:41 | 000,207,846 | ---- | M] () -- C:\Documents and Settings\Cragdo\Local Settings\Application Data\ars.cache
[2011/08/12 19:08:34 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Cragdo\Local Settings\Application Data\housecall.guid.cache
[2011/08/07 17:14:22 | 000,273,344 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/08/07 17:14:22 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/08/07 17:14:20 | 000,273,344 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/08/07 11:31:16 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/07 11:07:19 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\Cragdo\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/08/07 10:52:08 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/08/07 10:52:08 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/08/07 10:51:05 | 000,000,027 | --S- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/08/07 09:54:20 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/08/07 02:51:39 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/08/07 00:53:11 | 004,165,920 | R--- | M] (Swearware) -- C:\Documents and Settings\Cragdo\Desktop\ComboFix.exe
[2011/08/04 19:07:31 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Last.fm.lnk
[2011/07/25 16:17:44 | 005,969,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/19 14:29:36 | 000,034,297 | ---- | C] () -- C:\Documents and Settings\Cragdo\Desktop\Dave-site--inspiration.jpg
[2011/08/19 12:34:39 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Cragdo\Desktop\ERUNT.lnk
[2011/08/17 18:52:10 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Adobe Reader X.lnk
[2011/08/17 18:52:10 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader X.lnk
[2011/08/13 15:46:29 | 000,002,293 | ---- | C] () -- C:\Documents and Settings\Cragdo\Desktop\Google Chrome.lnk
[2011/08/13 15:46:29 | 000,002,271 | ---- | C] () -- C:\Documents and Settings\Cragdo\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/08/13 15:44:56 | 000,000,982 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1767777339-682003330-1003UA.job
[2011/08/13 15:44:55 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1767777339-682003330-1003Core.job
[2011/08/13 06:26:48 | 000,396,672 | ---- | C] () -- C:\Documents and Settings\Cragdo\Desktop\Trindo-Tweaked Again.jpg
[2011/08/13 05:41:42 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Cragdo\Desktop\ZoneAlarm Security.lnk
[2011/08/13 05:41:33 | 000,420,800 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/08/13 04:21:59 | 001,882,279 | ---- | C] () -- C:\Documents and Settings\Cragdo\Desktop\IMAG0153.jpg
[2011/08/12 22:55:43 | 000,014,593 | ---- | C] () -- C:\Documents and Settings\Cragdo\Desktop\COVERGIRLGREYFITTED-2T.jpg
[2011/08/12 22:22:28 | 000,021,437 | ---- | C] () -- C:\Documents and Settings\Cragdo\Desktop\2011_brand_newest_christian_louboutin_mago_two_tone_suede_pumps_blue_with_cheap_price05.jpg
[2011/08/12 19:13:44 | 000,204,456 | ---- | C] () -- C:\Documents and Settings\Cragdo\Local Settings\Application Data\census.cache
[2011/08/12 19:13:41 | 000,207,846 | ---- | C] () -- C:\Documents and Settings\Cragdo\Local Settings\Application Data\ars.cache
[2011/08/12 19:08:34 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Cragdo\Local Settings\Application Data\housecall.guid.cache
[2011/08/07 17:13:55 | 002,123,582 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011/08/07 11:31:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/07 11:07:19 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Cragdo\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/08/07 02:51:38 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/08/07 02:51:37 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/08/07 02:48:30 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/08/07 02:48:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/08/07 02:48:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/08/07 02:48:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/08/07 02:48:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/08/04 19:07:31 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Last.fm.lnk
[2011/04/18 21:31:41 | 000,000,073 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2011/04/18 21:31:14 | 000,001,378 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ss.ini
[2011/04/09 14:25:39 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/04/09 14:25:39 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2010/10/31 01:42:08 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/10/31 01:42:06 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/10/31 01:42:06 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/10/16 15:02:15 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\Cragdo\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2010/09/08 19:21:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cragdo\Local Settings\Application Data\prvlcl.dat
[2010/07/25 11:00:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/07/25 10:59:58 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2010/07/25 10:32:13 | 000,018,412 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2010/07/25 10:32:03 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010/07/25 10:32:00 | 000,018,169 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/07/25 10:31:52 | 000,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010/07/22 22:59:11 | 000,079,360 | ---- | C] () -- C:\Documents and Settings\Cragdo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/22 21:03:34 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/07/22 21:01:24 | 003,804,776 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/22 20:41:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/07/22 20:37:04 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 13:00:00 | 000,633,408 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 13:00:00 | 000,130,064 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

========== LOP Check ==========

[2010/02/22 17:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/02/22 17:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/02/22 16:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2009/08/08 11:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010/03/20 16:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/06/26 10:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wacom
[2011/03/12 19:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
[2011/04/14 07:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Security Toolbar
[2011/08/07 02:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG10
[2010/10/24 19:57:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg9
[2011/08/04 09:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\boost_interprocess
[2010/10/24 21:34:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Common Files
[2011/04/18 21:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FreeRIP
[2011/05/20 18:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
[2011/08/04 19:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Last.fm
[2011/01/15 17:12:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
[2010/10/16 14:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\regid.1986-12.com.adobe
[2010/08/04 16:15:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
[2010/12/20 18:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\Alien Skin
[2010/08/04 16:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\AMPSoft
[2010/10/24 21:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\AVG10
[2010/07/27 17:46:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\AVG9
[2010/07/25 11:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\CheckPoint
[2011/08/19 16:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\Dropbox
[2011/08/07 09:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\ElevatedDiagnostics
[2011/04/10 13:53:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\FileZilla
[2011/05/29 06:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\GrabIt
[2011/05/15 17:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\HTC
[2011/04/08 21:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011/08/03 23:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\IObit
[2010/07/25 14:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\OpenOffice.org
[2011/08/06 23:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\searchquband
[2011/08/06 23:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\searchqutoolbar
[2010/11/02 23:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\Sencha, Inc
[2011/08/18 10:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\Spotify
[2010/12/20 11:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/04/09 21:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\Windows Desktop Search
[2011/05/28 05:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cragdo\Application Data\Windows Search
[2009/12/18 23:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\Alien Skin
[2009/12/11 12:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\AMPSoft
[2010/03/10 13:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\Bamboo Explore
[2010/03/10 13:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\Bamboo Scribe
[2010/07/14 20:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\CheckPoint
[2010/03/10 20:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\com.gugga.inTouch.5F38BFD43016A92ECF6B8272C407E5E3E2F4A2AF.1
[2010/03/10 19:52:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1
[2009/08/10 08:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\Easy Thumbnails
[2010/05/06 08:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\FileZilla
[2009/08/17 13:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\Free Photo Converter
[2009/11/04 18:45:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\gtk-2.0
[2010/02/22 16:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\IObit
[2009/08/14 15:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\OpenOffice.org
[2009/08/09 13:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\Opera
[2009/09/04 17:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\Software Informer
[2010/07/17 13:41:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\Spotify
[2009/08/21 23:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\SystemRequirementsLab
[2010/03/10 19:45:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\Wacom
[2010/03/10 19:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2010/03/10 18:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Craig\Application Data\WTouch
[2011/08/19 16:24:01 | 000,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
[2011/08/19 16:24:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job
[2011/08/19 12:32:58 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E7FB37CD-827C-45A6-B4D7-8C4C9FFFF1A2}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FA5F15C4

< End of report >

OTL Extras logfile created on: 19/08/2011 16:30:34 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Cragdo\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.50 Gb Total Physical Memory | 2.69 Gb Available Physical Memory | 76.94% Memory free
5.34 Gb Paging File | 4.51 Gb Available in Paging File | 84.46% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 850.33 Gb Free Space | 91.29% Space Free | Partition Type: NTFS

Computer Name: CRAZY-BOB | User Name: Cragdo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1036:TCP" = 1036:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Documents and Settings\Cragdo\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Cragdo\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0270CDDA-B19D-6A11-3530-28EC36DAE787}" = MyFonts Order M1833979 (M-U)
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04E7A3BB-DB38-481C-A809-35FA60C78EDF}" = AVG 2011
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09DF00E6-520C-49D5-B7E0-9612165CACA8}" = OpenOffice.org 3.2
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1CA86915-6C2D-C7FE-B399-406B444A9FDA}" = MyFonts Order M1833979 (A-L)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}" = Microsoft SQL Server VSS Writer
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB6A079-178B-4144-B21F-4D1AE71666A2}" = Microsoft SQL Server 2008 R2 Native Client
"{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}" = Macromedia Fireworks 8
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = SQL Server 2008 R2 Database Engine Services
"{59996900-0E6C-45B7-8C39-C64CB98462E4}" = Microsoft Web Platform Installer 2.0
"{5BDFAB82-060E-438B-AB4F-A2331B2294C0}" = Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}" = Microsoft SQL Server 2008 R2 Setup (English)
"{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{85076DFF-7A17-3566-9CC0-488E6E6D4494}" = Microsoft Visual Web Developer 2010 Express - ENU
"{8524BBAC-E3A7-42F5-9B9A-5AE50A10C500}" = Belkin USB Wireless Adaptor
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3A8A33-D0EC-2E8F-3F22-B172680EEE33}" = MyFonts Order M1833979 (V-Z)
"{923E3957-F939-453A-BD55-41CFB8D7F211}" = HTC Sync
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A276502A-8979-44FB-8090-90CF72F22ABC}" = AVG 2011
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{AC76BA86-7AD7-2448-0000-800000000003}" = Chinese Traditional Fonts Support For Adobe Reader 8
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.85
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4D0E839-72DD-2F46-BEA7-D44926AA9BFA}" = MyFonts Order M2874875
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 Database Engine Services
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files
"{CCF1D18B-AE16-4F69-B4F5-CAC4659C67AE}_is1" = DLL Suite 1.0
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DF99428D-8EAE-DE2B-1893-16A2765EE5D4}" = MyFonts Order M2875029
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared
"{F4C68898-EBA5-46A9-82B3-2D30426086BF}" = AVG 2011
"{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"Akamai" = Akamai NetSession Interface
"AMP Font Viewer" = AMP Font Viewer
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"ERUNT_is1" = ERUNT 1.1j
"FileZilla Client" = FileZilla Client 3.3.5.1
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{8524BBAC-E3A7-42F5-9B9A-5AE50A10C500}" = Belkin USB Wireless Adaptor
"IObit Malware Fighter_is1" = IObit Malware Fighter
"LastFM_is1" = Last.fm 1.5.4.27091
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2
"Microsoft Visual Web Developer 2010 Express - ENU" = Microsoft Visual Web Developer 2010 Express - ENU
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Picasa 3" = Picasa 3
"Smart Defrag 2_is1" = Smart Defrag 2
"Spotify" = Spotify
"Total Validator Tool" = Total Validator Tool
"VisiPics_is1" = VisiPics V1.30
"VLC media player" = VLC media player 1.1.2
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"YTdetect" = Yahoo! Detect
"ZoneAlarm" = ZoneAlarm

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 14/08/2011 21:26:29 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 14/08/2011 22:15:53 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog

Error - 18/08/2011 07:38:05 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 18/08/2011 14:09:09 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 08:02:23 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 09:43:49 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog

Error - 19/08/2011 10:53:04 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 11:06:10 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 11:25:48 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 11:26:00 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog

[ Application Events ]
Error - 14/08/2011 21:26:29 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 14/08/2011 22:15:53 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog

Error - 18/08/2011 07:38:05 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 18/08/2011 14:09:09 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 08:02:23 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 09:43:49 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog

Error - 19/08/2011 10:53:04 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 11:06:10 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 11:25:48 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 11:26:00 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog

[ Application Events ]
Error - 14/08/2011 21:26:29 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 14/08/2011 22:15:53 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog

Error - 18/08/2011 07:38:05 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 18/08/2011 14:09:09 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 08:02:23 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 09:43:49 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog

Error - 19/08/2011 10:53:04 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 11:06:10 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 11:25:48 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\CRAGDO\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 19/08/2011 11:26:00 | Computer Name = CRAZY-BOB | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog

[ System Events ]
Error - 12/08/2011 18:44:54 | Computer Name = CRAZY-BOB | Source = Service Control Manager | ID = 7024
Description = The SQL Server (SQLEXPRESS) service terminated with service-specific
error 3417 (0xD59).

Error - 13/08/2011 09:42:38 | Computer Name = CRAZY-BOB | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 13/08/2011 09:42:38 | Computer Name = CRAZY-BOB | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 16/08/2011 03:24:46 | Computer Name = CRAZY-BOB | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.2 for the Network Card with network
address 944452F63528 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 19/08/2011 10:33:58 | Computer Name = CRAZY-BOB | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 19/08/2011 10:34:56 | Computer Name = CRAZY-BOB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 aswSnx aswSP aswTdi Fips intelppm

Error - 19/08/2011 10:50:19 | Computer Name = CRAZY-BOB | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 19/08/2011 11:07:55 | Computer Name = CRAZY-BOB | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 19/08/2011 11:09:14 | Computer Name = CRAZY-BOB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 aswSnx aswSP aswTdi Fips intelppm

Error - 19/08/2011 11:23:14 | Computer Name = CRAZY-BOB | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

[ System Events ]
Error - 12/08/2011 18:44:54 | Computer Name = CRAZY-BOB | Source = Service Control Manager | ID = 7024
Description = The SQL Server (SQLEXPRESS) service terminated with service-specific
error 3417 (0xD59).

Error - 13/08/2011 09:42:38 | Computer Name = CRAZY-BOB | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 13/08/2011 09:42:38 | Computer Name = CRAZY-BOB | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 16/08/2011 03:24:46 | Computer Name = CRAZY-BOB | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.2 for the Network Card with network
address 944452F63528 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 19/08/2011 10:33:58 | Computer Name = CRAZY-BOB | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 19/08/2011 10:34:56 | Computer Name = CRAZY-BOB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 aswSnx aswSP aswTdi Fips intelppm

Error - 19/08/2011 10:50:19 | Computer Name = CRAZY-BOB | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 19/08/2011 11:07:55 | Computer Name = CRAZY-BOB | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 19/08/2011 11:09:14 | Computer Name = CRAZY-BOB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 aswSnx aswSP aswTdi Fips intelppm

Error - 19/08/2011 11:23:14 | Computer Name = CRAZY-BOB | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >

Thank you
Cragdo
Active Member
 
Posts: 14
Joined: August 14th, 2011, 9:03 pm

Re: IE8, Firefox and Google Chrome freeze

Unread postby Gary R » August 19th, 2011, 12:41 pm

Please go to Control Panel > Add/Remove Programs and Uninstall the following:

IObit Malware Fighter


This is a program from a company with a proven record of stealing other people's copyrighted material .... http://forums.malwarebytes.org/index.ph ... opic=29681

Reboot your computer when finished.

Next

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code: Select all
:OTL
PRC - [2011/07/20 12:19:46 | 000,820,568 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/07/20 12:19:44 | 004,393,816 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
PRC - [2011/05/28 14:46:56 | 003,380,624 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASC.exe
PRC - [2011/05/28 14:46:56 | 000,803,728 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
PRC - [2011/05/28 14:46:56 | 000,412,560 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/03/22 13:37:56 | 001,644,376 | ---- | M] (IObit) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
MOD - [2011/07/22 05:54:14 | 000,862,720 | ---- | M] () -- C:\Program Files\IObit\IObit Malware Fighter\Scan.dll
MOD - [2011/06/23 13:41:30 | 000,138,752 | ---- | M] () -- C:\Program Files\IObit\IObit Malware Fighter\zlibwapi.dll
MOD - [2011/05/28 14:46:58 | 000,846,736 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\Scan.dll
MOD - [2011/05/28 14:46:58 | 000,561,184 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\sqlite3.dll
MOD - [2011/05/28 14:46:58 | 000,347,024 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\madexcept_.bpl
MOD - [2011/05/28 14:46:58 | 000,179,088 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\madbasic_.bpl
MOD - [2011/05/28 14:46:58 | 000,055,184 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\NtfsData.dll
MOD - [2011/05/28 14:46:58 | 000,046,480 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\maddisAsm_.bpl
MOD - [2011/05/28 14:46:56 | 000,596,368 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\DiskMap.dll
MOD - [2011/02/08 18:26:38 | 000,042,496 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll
MOD - [2010/11/26 12:18:08 | 000,175,616 | ---- | M] () -- C:\Program Files\IObit\IObit Malware Fighter\unrar.dll
MOD - [2009/09/15 18:20:50 | 000,177,152 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\madbasic_.bpl
MOD - [2009/09/15 18:20:50 | 000,044,544 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\maddisAsm_.bpl
MOD - [2009/09/15 18:20:44 | 000,345,088 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\madexcept_.bpl
SRV - [2011/07/20 12:19:46 | 000,820,568 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
DRV - [2011/07/11 14:40:46 | 000,239,600 | ---- | M] () [File_System | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/03/23 01:00:08 | 000,016,080 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011/03/23 01:00:06 | 000,030,368 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2011/02/23 17:04:30 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-1767777339-682003330-1003\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKU\S-1-5-21-1409082233-1767777339-682003330-1003..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FA5F15C4

:files
C:\Documents and Settings\Cragdo\Application Data\searchquband
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\IObit Malware Fighter
C:\Documents and Settings\Cragdo\Local Settings\Application Data\Ilivid Player
C:\Documents and Settings\Cragdo\Application Data\searchqutoolbar
C:\Documents and Settings\All Users\Application Data\IObit
C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
C:\Documents and Settings\Cragdo\Application Data\IObit
C:\Documents and Settings\Craig\Application Data\IObit
C:\Program Files\IObit

:Commands
[emptytemp]
[emptyflash]
[resethosts]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

Next

I see you have previously run Combofix on your computer, I'd like to see the log it created, you'll find it at C:\Combofix.txt

Next

I see you have Malwarebytes Anti-Malware installed ....

  • Click on the Malwarebytes' Anti-Malware icon to launch the programme.
    • Click the Updates tab.
      • Click Check for Updates and allow the programme to download the latest definitions.
    • Click the Scanner tab.
      • Check Perform Quick Scan.
      • Click Scan and wait for the scan to complete.
      • When the scan is complete, click OK, then Show Results.
      • Check all items except items in the C:\System Volume Information folder and click on Remove Selected.
        • A box will pop-up telling you that files have been quarantined.
        • A log will pop-up.
      • Post the log in your next reply please.

Next

Please download SystemLook from one of the links below and save it to your Desktop.

For 32 bit Systems
Download Mirror #1
Download Mirror #2


  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
Code: Select all
:filefind
*Fun4IM*
*Bandoo*
*Searchqu*
*iLivid*
*whitesmoke*
*datamngr*
*trolltech*

:folderfind
*Fun4IM*
*Bandoo*
*Searchqu*
*iLivid*
*whitesmoke*
*datamngr*
*trolltech*

:Regfind
Fun4IM
Bandoo
Searchqu
iLivid
whitesmoke
datamngr
kelkoopartners
trolltech


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

Summary of the logs I need from you in your next post:
  • OTL log
  • Combofix log (if available)
  • MBAM log
  • SystemLook log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: IE8, Firefox and Google Chrome freeze

Unread postby Cragdo » August 19th, 2011, 1:54 pm

OTL Log:

All processes killed
========== OTL ==========
No active process named IMFsrv.exe was found!
No active process named IMF.exe was found!
No active process named ASC.exe was found!
No active process named PMonitor.exe was found!
No active process named ASCTray.exe was found!
No active process named ASCService.exe was found!
No active process named SmartDefrag.exe was found!
Error: No service named IMFservice was found to stop!
Service\Driver key IMFservice not found.
File C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe not found.
Service AdvancedSystemCareService stopped successfully!
Service AdvancedSystemCareService deleted successfully!
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe moved successfully.
Error: No service named FileMonitor was found to stop!
Service\Driver key FileMonitor not found.
File C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys not found.
Error: No service named UrlFilter was found to stop!
Service\Driver key UrlFilter not found.
File C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys not found.
Error: No service named RegFilter was found to stop!
Service\Driver key RegFilter not found.
File C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys not found.
Service SmartDefragDriver stopped successfully!
Service SmartDefragDriver deleted successfully!
C:\WINDOWS\system32\drivers\SmartDefragDriver.sys moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IObit Malware Fighter not found.
File C:\Program Files\IObit\IObit Malware Fighter\IMF.exe not found.
Registry value HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 4 deleted successfully.
C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:FA5F15C4 deleted successfully.
========== FILES ==========
C:\Documents and Settings\Cragdo\Application Data\searchquband folder moved successfully.
File\Folder C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\IObit Malware Fighter not found.
C:\Documents and Settings\Cragdo\Local Settings\Application Data\Ilivid Player folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\searchqutoolbar\weather folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\searchqutoolbar\coupons folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\searchqutoolbar folder moved successfully.
C:\Documents and Settings\All Users\Application Data\IObit\Advanced SystemCare folder moved successfully.
C:\Documents and Settings\All Users\Application Data\IObit folder moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit\IObit Security 360 folder moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit\Advanced SystemCare V4 folder moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit\Advanced SystemCare folder moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Smart Defrag 2 folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\IObit Uninstaller folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced Uninsataller\log folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced Uninsataller folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced SystemCare V4\Toolbox folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced SystemCare V4\Startup Manager folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced SystemCare V4\SmartRAM folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced SystemCare V4\PMonitor folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced SystemCare V4\Log folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced SystemCare V4\EmptyFolder folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced SystemCare V4\Driver Manager\DriverBackup folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced SystemCare V4\Driver Manager folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced SystemCare V4\DiskCheck folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced SystemCare V4\Backup folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced SystemCare V4 folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced SystemCare\Backup\Registry folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced SystemCare\Backup folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit\Advanced SystemCare folder moved successfully.
C:\Documents and Settings\Cragdo\Application Data\IObit folder moved successfully.
C:\Documents and Settings\Craig\Application Data\IObit\SmartRAM folder moved successfully.
C:\Documents and Settings\Craig\Application Data\IObit\IObit SmartDefrag folder moved successfully.
C:\Documents and Settings\Craig\Application Data\IObit\InternetBooster folder moved successfully.
C:\Documents and Settings\Craig\Application Data\IObit\Advanced Uninsataller\log folder moved successfully.
C:\Documents and Settings\Craig\Application Data\IObit\Advanced Uninsataller folder moved successfully.
C:\Documents and Settings\Craig\Application Data\IObit\Advanced SystemCare\Backup\Registry folder moved successfully.
C:\Documents and Settings\Craig\Application Data\IObit\Advanced SystemCare\Backup folder moved successfully.
C:\Documents and Settings\Craig\Application Data\IObit\Advanced SystemCare folder moved successfully.
C:\Documents and Settings\Craig\Application Data\IObit folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\Skins\White folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\Skins\Black folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\Skins folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\Log folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\LatestNews folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\Language folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\Help\Images folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\Help folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\drivers\wxp_x86 folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\drivers\wxp_x64 folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\drivers\wnet_x86 folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\drivers\wnet_x64 folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\drivers\wlh_x86 folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\drivers\wlh_x64 folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\drivers\win7_x86 folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\drivers\win7_x64 folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2\drivers folder moved successfully.
C:\Program Files\IObit\Smart Defrag 2 folder moved successfully.
C:\Program Files\IObit\IObit SmartDefrag\language folder moved successfully.
C:\Program Files\IObit\IObit SmartDefrag folder moved successfully.
C:\Program Files\IObit\IObit Security 360\Update folder moved successfully.
C:\Program Files\IObit\IObit Security 360\Quarantine Zone folder moved successfully.
C:\Program Files\IObit\IObit Security 360\Downloaded folder moved successfully.
C:\Program Files\IObit\IObit Security 360 folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\Update folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Wood\js folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Wood\images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Wood\css folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Wood\appimages folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Wood folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\White\js folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\White\images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\White\css folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\White\appimages folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\White folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Public\upgrade folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Public\js folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Public folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Office\js folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Office\images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Office\css folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Office\appimages folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Office folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Metal\js folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Metal\images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Metal\css folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Metal\appimages folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Metal folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Maya\js folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Maya\images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Maya\css folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Maya\appimages folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Maya folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Flat\js folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Flat\images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Flat\css folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Flat\appimages folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Flat folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Default\js folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Default\images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Default\css folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Default\appimages folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Default folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Cute\js folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Cute\images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Cute\css folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Cute\appimages folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Cute folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\China\js folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\China\images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\China\css folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\China\appimages folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\China folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Blue\js folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Blue\images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Blue\css folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Blue\appimages folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Blue folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Black\js folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Black\images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Black\css folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Black\appimages folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Black folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Asia\js folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Asia\images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Asia\css folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Asia\appimages folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI\Asia folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\UI folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\Toolbox_UI\js folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\Toolbox_UI\img folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\Toolbox_UI folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\Toolbox_Language folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\SecurityHoles_Download folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\LatestNews folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\Language folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4\Freeware folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 4 folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3\Update\Skin\White folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3\Update\Skin\Black folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3\Update\Skin folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3\Update folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3\Bak folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3 folder moved successfully.
C:\Program Files\IObit folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 2872 bytes

User: Administrator.CRAIG-69AB0C3CD
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56504 bytes

User: Administrator.CRAZY-BOB
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56466 bytes

User: All Users

User: All Users.WINDOWS

User: Cragdo
->Temp folder emptied: 5563843 bytes
->Temporary Internet Files folder emptied: 20001335 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 6099312 bytes
->Flash cache emptied: 504 bytes

User: Craig
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 116457118 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: CRAIG-69AB0C3CD

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56504 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56466 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 343 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2402044 bytes
%systemroot%\System32 .tmp files removed: 22231569 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 83171 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23410230 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 188.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: Administrator.CRAIG-69AB0C3CD
->Flash cache emptied: 0 bytes

User: Administrator.CRAZY-BOB
->Flash cache emptied: 0 bytes

User: All Users

User: All Users.WINDOWS

User: Cragdo
->Flash cache emptied: 0 bytes

User: Craig
->Flash cache emptied: 0 bytes

User: CRAIG-69AB0C3CD

User: Default User
->Flash cache emptied: 0 bytes

User: Default User.WINDOWS
->Flash cache emptied: 0 bytes

User: LocalService

User: LocalService.NT AUTHORITY
->Flash cache emptied: 0 bytes

User: NetworkService

User: NetworkService.NT AUTHORITY

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.26.5 log created on 08192011_181607

Files\Folders moved on Reboot...
C:\Documents and Settings\Cragdo\Local Settings\Temp\~DF9523.tmp moved successfully.
C:\Documents and Settings\Cragdo\Local Settings\Temporary Internet Files\Content.IE5\CUDR6MSH\viewtopic[1].htm moved successfully.
C:\Documents and Settings\Cragdo\Local Settings\Temporary Internet Files\SuggestedSites.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_550.dat not found!
File\Folder C:\WINDOWS\temp\ZLT04256.TMP not found!

Registry entries deleted on Reboot...
Cragdo
Active Member
 
Posts: 14
Joined: August 14th, 2011, 9:03 pm

Re: IE8, Firefox and Google Chrome freeze

Unread postby Cragdo » August 19th, 2011, 1:55 pm

MBAM Log:

oMalwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7509

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

19/08/2011 18:31:02
mbam-log-2011-08-19 (18-31-02).txt

Scan type: Quick scan
Objects scanned: 267002
Time elapsed: 1 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Cragdo
Active Member
 
Posts: 14
Joined: August 14th, 2011, 9:03 pm

Re: IE8, Firefox and Google Chrome freeze

Unread postby Cragdo » August 19th, 2011, 1:56 pm

SystemLook Log:
Cragdo
Active Member
 
Posts: 14
Joined: August 14th, 2011, 9:03 pm

Re: IE8, Firefox and Google Chrome freeze

Unread postby Cragdo » August 19th, 2011, 1:56 pm

SystemLook 30.07.11 by jpshortstuff
Log created at 18:47 on 19/08/2011 by Cragdo
Administrator - Elevation successful

========== filefind ==========

Searching for "*Fun4IM*"
No files found.

Searching for "*Bandoo*"
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\bandoocode.js --a---- 24210 bytes [12:30 31/05/2011] [12:30 31/05/2011] E2B3734A723FB575F4168B48552793BE
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\bandoocode.js --a---- 30447 bytes [12:30 31/05/2011] [12:30 31/05/2011] 06ED4E13216E83D78D1659907C48C7D2
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\bandoo.css --a---- 8308 bytes [12:30 31/05/2011] [12:30 31/05/2011] D98167EFDC45E8EC6F4769791A15CE36
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\bandoocode.js --a---- 24210 bytes [12:30 31/05/2011] [12:30 31/05/2011] E2B3734A723FB575F4168B48552793BE
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\bandoocode.js --a---- 30447 bytes [12:30 31/05/2011] [12:30 31/05/2011] 06ED4E13216E83D78D1659907C48C7D2
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\bandoo.css --a---- 8308 bytes [12:30 31/05/2011] [12:30 31/05/2011] D98167EFDC45E8EC6F4769791A15CE36
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\bandoocode.js --a---- 24210 bytes [12:30 31/05/2011] [12:30 31/05/2011] E2B3734A723FB575F4168B48552793BE
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\bandoocode.js --a---- 30447 bytes [12:30 31/05/2011] [12:30 31/05/2011] 06ED4E13216E83D78D1659907C48C7D2
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\bandoo.css --a---- 8308 bytes [12:30 31/05/2011] [12:30 31/05/2011] D98167EFDC45E8EC6F4769791A15CE36

Searching for "*Searchqu*"
C:\Documents and Settings\Cragdo\Favorites\MalWare Removal • View topic - Help!cant get rid of searchqu browser homepage.url --a---- 299 bytes [00:08 07/08/2011] [15:26 19/08/2011] 3BA485FD144302FCFE445FA8FBE1FFEA

Searching for "*iLivid*"
No files found.

Searching for "*whitesmoke*"
No files found.

Searching for "*datamngr*"
No files found.

Searching for "*trolltech*"
No files found.

========== folderfind ==========

Searching for "*Fun4IM*"
No folders found.

Searching for "*Bandoo*"
No folders found.

Searching for "*Searchqu*"
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\searchqutoolbar d------ [08:47 04/08/2011]
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\searchqutoolbar d------ [08:47 04/08/2011]
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\searchqutoolbar d------ [08:47 04/08/2011]
C:\_OTL\MovedFiles\08192011_181607\C_Documents and Settings\Cragdo\Application Data\searchquband d------ [22:51 06/08/2011]
C:\_OTL\MovedFiles\08192011_181607\C_Documents and Settings\Cragdo\Application Data\searchqutoolbar d------ [17:16 19/08/2011]

Searching for "*iLivid*"
C:\_OTL\MovedFiles\08192011_181607\C_Documents and Settings\Cragdo\Local Settings\Application Data\Ilivid Player d------ [08:47 04/08/2011]

Searching for "*whitesmoke*"
No folders found.

Searching for "*datamngr*"
C:\Documents and Settings\Cragdo\AppData\LocalLow\DataMngr d------ [22:51 06/08/2011]

Searching for "*trolltech*"
No folders found.

========== Regfind ==========

Searching for "Fun4IM"
No data found.

Searching for "Bandoo"
No data found.

Searching for "Searchqu"
[HKEY_CURRENT_USER\Software\AVAST Software\WRC\RatingStorage\searchqu.com]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]
"SuggestionsURL_JSON"="http://www.searchqu.com/suggest.php?src=ieb&appid=102&systemid=406&qu={searchTerms}&ft=json"
[HKEY_CURRENT_USER\Software\searchqutoolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\CurVer]
@="SearchQUIEHelper.UrlHelper.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\1.0]
@="SearchQUIEBHO 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]
"SuggestionsURL_JSON"="http://www.searchqu.com/suggest.php?src=ieb&appid=102&systemid=406&qu={searchTerms}&ft=json"
[HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\AVAST Software\WRC\RatingStorage\searchqu.com]
[HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]
"SuggestionsURL_JSON"="http://www.searchqu.com/suggest.php?src=ieb&appid=102&systemid=406&qu={searchTerms}&ft=json"
[HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\searchqutoolbar]

Searching for "iLivid"
[HKEY_CURRENT_USER\Software\ilivid]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files\iLivid]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\C:\Program Files\iLivid]
[HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\ilivid]
[HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files\iLivid]
[HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\C:\Program Files\iLivid]

Searching for "whitesmoke"
No data found.

Searching for "datamngr"
[HKEY_CURRENT_USER\Software\DataMngr_Toolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{04E08365-DB61-4DCE-9275-53D867193C02}]
"AppPath"="C:\PROGRA~1\WI371A~1\Datamngr\ToolBar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}]
"AppPath"="C:\PROGRA~1\WI371A~1\Datamngr\ToolBar"
[HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\DataMngr_Toolbar]

Searching for "kelkoopartners"
No data found.

Searching for "trolltech"
[HKEY_CURRENT_USER\Software\Trolltech]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.3\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Trolltech]
[HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.3\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]

-= EOF =-
Cragdo
Active Member
 
Posts: 14
Joined: August 14th, 2011, 9:03 pm

Re: IE8, Firefox and Google Chrome freeze

Unread postby Cragdo » August 19th, 2011, 1:57 pm

I'm afraid I couldn't locate a combofix log. sorry about that.

Do you want me to run it again?

Thanks
Cragdo
Active Member
 
Posts: 14
Joined: August 14th, 2011, 9:03 pm

Re: IE8, Firefox and Google Chrome freeze

Unread postby Gary R » August 19th, 2011, 5:29 pm

Still work to do ....

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code: Select all
:Files
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\searchqutoolbar
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\searchqutoolbar
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\searchqutoolbar
C:\Documents and Settings\Cragdo\AppData\LocalLow\DataMngr
C:\PROGRA~1\WI371A~1\Datamngr\ToolBar

:Reg
[-HKEY_CURRENT_USER\Software\AVAST Software\WRC\RatingStorage\searchqu.com]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]
"SuggestionsURL_JSON"=-
[-HKEY_CURRENT_USER\Software\searchqutoolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\1.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]
"SuggestionsURL_JSON"=-
[-HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\AVAST Software\WRC\RatingStorage\searchqu.com]
[HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]
"SuggestionsURL_JSON"=-
[-HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\searchqutoolbar]
[-HKEY_CURRENT_USER\Software\ilivid]
[-HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files\iLivid]
[-HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\C:\Program Files\iLivid]
[-HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\ilivid]
[-HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files\iLivid]
[-HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\C:\Program Files\iLivid]
[-HKEY_CURRENT_USER\Software\DataMngr_Toolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{04E08365-DB61-4DCE-9275-53D867193C02}]
"AppPath"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}]
"AppPath"=-
[-HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\DataMngr_Toolbar]
[-HKEY_CURRENT_USER\Software\Trolltech]
[-HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Trolltech]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

No worry about the Combofix log, I only wanted to see what it had removed, if you don't have the log, no problem .... DO NOT RUN COMBOFIX AGAIN UNLESS I ASK YOU TO.

Next

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go HERE then click on: Image
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log in your next reply please.
  • Now click on: Image (Selecting Uninstall application on close if you so wish)

Summary of the logs I need from you in your next post:
  • Latest OTL log
  • E-Set log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: IE8, Firefox and Google Chrome freeze

Unread postby Cragdo » August 19th, 2011, 8:06 pm

LAtest OTL log:

========== FILES ==========
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.PPCBully folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\js folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\scripts folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\js folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2 folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\com.djboxservice.dj.DJBox folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.PPCBully folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\js folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\scripts folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\js folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2 folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\com.djboxservice.dj.DJBox folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.PPCBully folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\js folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MyStartFacebook folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\scripts folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\js folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\images folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\css folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2 folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\com.djboxservice.dj.DJBox folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\pquvytyu.Surfing\searchqutoolbar folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\s3m9flsx.Umbraco\searchqutoolbar folder moved successfully.
C:\Documents and Settings\Craig\Application Data\Mozilla\Firefox\Profiles\tmenrw4q.default\searchqutoolbar folder moved successfully.
C:\Documents and Settings\Cragdo\AppData\LocalLow\DataMngr folder moved successfully.
File\Folder C:\PROGRA~1\WI371A~1\Datamngr\ToolBar not found.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\AVAST Software\WRC\RatingStorage\searchqu.com\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\\SuggestionsURL_JSON deleted successfully.
Registry key HKEY_CURRENT_USER\Software\searchqutoolbar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\1.0\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\\SuggestionsURL_JSON deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\AVAST Software\WRC\RatingStorage\searchqu.com\ not found.
Registry value HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\\SuggestionsURL_JSON not found.
Registry key HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\searchqutoolbar\ not found.
Registry key HKEY_CURRENT_USER\Software\ilivid\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files\iLivid\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\C:\Program Files\iLivid\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\ilivid\ not found.
Registry key HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files\iLivid\ not found.
Registry key HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\C:\Program Files\iLivid\ not found.
Registry key HKEY_CURRENT_USER\Software\DataMngr_Toolbar\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{04E08365-DB61-4DCE-9275-53D867193C02}\\AppPath deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}\\AppPath deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\DataMngr_Toolbar\ not found.
Registry key HKEY_CURRENT_USER\Software\Trolltech\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1409082233-1767777339-682003330-1003\Software\Trolltech\ not found.

OTL by OldTimer - Version 3.2.26.5 log created on 08192011_230009
Cragdo
Active Member
 
Posts: 14
Joined: August 14th, 2011, 9:03 pm

Re: IE8, Firefox and Google Chrome freeze

Unread postby Cragdo » August 19th, 2011, 8:07 pm

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=b904730ef883e84b97f1ed610ce637a7
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-08-19 11:59:50
# local_time=2011-08-20 12:59:50 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 50912057 50912057 0 0
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 286 286 0 0
# compatibility_mode=9217 16777214 75 62 582033 13389847 0 0
# scanned=229712
# found=1
# cleaned=0
# scan_time=5857
C:\Program Files\Web CEO\Cache\PageScanCache\{B5BA31D6-F2A4-4E9E-90AB-B29FE0F31DB0} HTML/ScrInject.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
Cragdo
Active Member
 
Posts: 14
Joined: August 14th, 2011, 9:03 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 296 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware