Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Browsers/Win Explorer stop responding

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Browsers/Win Explorer stop responding

Unread postby billflyer » March 20th, 2014, 1:50 pm

I am getting a large number of "web page not responding" and browser not responding occurrences, in both IE and Firefox. Also occasional "Windows Explorer has Stopped Working" messages. This may not be related, but on bootup I am now getting "3rd Master Hard Disk Error; Press F1 to Continue." I have run the SpinrRite disk utility, Malwarebytes, Adaware, Spybot and CCCleaner. In checking my IE Add-Ons, I have found "PasswordBox Helper." The "Disable" button is greyed out. The program is not listed in my "Programs" list. Thanks for your help....

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16540 BrowserJavaVersion: 10.51.2
Run by Bill at 13:16:59 on 2014-03-20
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3199.959 [GMT -4:00]
.
AV: Ad-Aware Antivirus *Disabled/Outdated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Ad-Aware Antivirus *Disabled/Outdated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Constant Guard Protection Suite\IDVault.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Norton Security Suite\Engine\21.1.0.18\N360.exe
C:\Program Files\PasswordBox\pbbtnService.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Norton Security Suite\Engine\21.1.0.18\N360.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Eraser\Eraser.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\Bill\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.usatoday.com/
uSearch Bar = Preserve
uURLSearchHooks: <No Name>: {4c60e5ab-5c68-4c59-abaa-885010b24b32} - c:\program files\fromdoctopdf_65\bar\1.bin\65SrcAs.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: PasswordBox Helper: {5DB69B97-934B-451D-94DB-32EF802A01CD} - c:\program files\passwordbox\application\pbbtn.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton security suite\engine\21.1.0.18\CoIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton security suite\engine\21.1.0.18\ips\IPSBHO.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\17.3.2.101\AVG SafeGuard toolbar_toolbar.dll
BHO: Toolbar BHO: {a235e1e3-6296-4710-af39-104a7faa6c7c} - c:\program files\fromdoctopdf_65\bar\1.bin\65bar.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Search Assistant BHO: {f236ca79-3123-4afb-9f74-e98117ad5625} - c:\program files\fromdoctopdf_65\bar\1.bin\65SrcAs.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\17.3.2.101\AVG SafeGuard toolbar_toolbar.dll
TB: FromDocToPDF: {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - c:\program files\fromdoctopdf_65\bar\1.bin\65bar.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\21.1.0.18\CoIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\users\bill\appdata\roaming\micros~1\windows\startm~1\programs\startup\minire~1.lnk - c:\users\bill\minireminder\MiniReminder.exe
StartupFolder: c:\users\bill\appdata\roaming\microsoft\windows\start menu\programs\startup\PowerReg Scheduler.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\consta~1.lnk - c:\program files\constant guard protection suite\IDVault.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - <orphaned>
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{DCFA4C77-51AB-4634-A61A-347C681EEA7A} : DHCPNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\17.3.0\ViProtocol.dll
LSA: Authentication Packages = msv1_0 relog_ap
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.154\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 127.0.0.1 http://www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\bill\appdata\roaming\mozilla\firefox\profiles\qyld9u17.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.usatoday.com/
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect64.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\17.3.0\npsitesafety.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\fromdoctopdf_65\bar\1.bin\NP65Stub.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1207148.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1501000.012\SymDS.sys [2013-11-29 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1501000.012\SymEFA.sys [2013-11-29 935512]
R1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog32.sys [2013-5-11 80104]
R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [2007-10-29 4064]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-8-24 37664]
R1 BHDrvx86;BHDrvx86;c:\program files\norton security suite\nortondata\21.1.0.18\definitions\bashdefs\20140214.001\BHDrvx86.sys [2014-2-18 1098968]
R1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\n360\1501000.012\ccSetx86.sys [2013-11-29 127064]
R1 IDSVix86;IDSVix86;c:\program files\norton security suite\nortondata\21.1.0.18\definitions\ipsdefs\20140319.001\IDSvix86.sys [2014-3-20 395992]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1501000.012\Ironx86.sys [2013-11-29 206936]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\1501000.012\symtdiv.sys [2013-11-29 383576]
R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files\adobe\elements 10 organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2013-5-11 21504]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-5-1 181544]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files\hp\hplaserjetservice\HPLaserJetService.exe [2010-10-27 145920]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files\hp\common\HPSupportSolutionsFrameworkService.exe [2014-2-5 47416]
R2 LavasoftAdAwareService11;Ad-Aware Service 11;c:\program files\lavasoft\ad-aware antivirus\ad-aware antivirus\11.1.5354.0\AdAwareService.exe [2014-1-23 651232]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\21.1.0.18\N360.exe [2013-11-29 264360]
R2 PasswordBox;PasswordBox;c:\program files\passwordbox\pbbtnService.exe [2013-11-1 67584]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-8-14 39056]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2013-8-25 1153368]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;c:\program files\common files\avg secure search\vtoolbarupdater\17.3.0\ToolbarUpdater.exe [2014-1-14 1772056]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-12-2 108120]
R3 keycrypt;keycrypt;c:\windows\system32\drivers\KeyCrypt32.sys [2013-5-11 24760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 HP DS Service;HP DS Service;c:\program files\hp\hpbdsservice\HPBDSService.exe [2010-10-27 13824]
S3 HPFXBULKLEDM;HPFXBULKLEDM;c:\windows\system32\drivers\hppcbulkio.sys [2013-10-7 20504]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-3-11 40776]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
S4 IDVaultSvc;CGPS Service;c:\program files\constant guard protection suite\IDVaultSvc.exe [2013-5-8 64040]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2013-1-18 383264]
.
=============== Created Last 30 ================
.
2014-03-19 00:45:57 -------- d-----w- c:\users\bill\appdata\local\Windows Live
2014-03-19 00:45:56 -------- d-----w- c:\program files\common files\Windows Live
2014-03-19 00:45:20 754688 ----a-w- c:\windows\system32\webservices.dll
2014-03-16 16:58:21 -------- d-----w- c:\users\bill\appdata\local\Roxio
2014-03-16 16:49:43 -------- d-----w- c:\windows\system32\DLA
2014-03-13 13:42:01 421376 ----a-w- c:\windows\system32\vbscript.dll
2014-03-13 13:42:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-03-13 13:42:01 149744 ----a-w- c:\program files\internet explorer\sqmapi.dll
2014-03-13 13:42:00 768512 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2014-03-13 13:42:00 194560 ----a-w- c:\program files\internet explorer\IEShims.dll
2014-03-12 20:43:02 -------- d-----w- c:\users\bill\appdata\local\HP
2014-03-12 17:40:48 187960 ----a-w- c:\windows\system32\hppscancoins32.dll
2014-03-12 17:40:18 -------- d-----w- C:\LJ_100_Color_M175_MFP
2014-03-12 15:33:51 -------- d-----w- c:\program files\CCleaner
2014-03-12 08:06:21 2050560 ----a-w- c:\windows\system32\win32k.sys
2014-03-12 08:06:20 505344 ----a-w- c:\windows\system32\qedit.dll
2014-03-12 08:06:18 876032 ----a-w- c:\windows\system32\wer.dll
2014-03-12 08:06:16 2048 ----a-w- c:\windows\system32\tzres.dll
2014-03-12 00:29:36 -------- d-----w- c:\program files\common files\Lavasoft
2014-03-11 16:11:08 -------- d-----w- c:\users\bill\appdata\roaming\LavasoftStatistics
2014-03-11 15:53:13 -------- d-----w- c:\program files\Lavasoft
2014-03-11 15:22:05 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2014-03-09 16:31:07 -------- d-----w- c:\users\bill\appdata\local\LogMeIn Rescue Applet
2014-03-09 16:30:52 -------- d-----w- c:\users\bill\appdata\local\Deployment
2014-03-02 16:48:26 -------- d-----w- c:\program files\iPod
2014-03-02 16:48:25 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-02 16:48:25 -------- d-----w- c:\program files\iTunes
2014-02-26 15:53:56 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2014-02-26 15:53:56 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2014-02-26 15:53:56 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2014-02-26 15:53:56 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2014-02-26 15:53:56 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin.dll
2014-02-26 15:53:56 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2014-02-26 15:53:56 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2014-02-26 15:53:56 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2014-02-26 15:53:56 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2014-02-26 15:53:56 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2014-02-26 15:15:32 -------- d-----w- c:\windows\Migration
.
==================== Find3M ====================
.
2014-03-11 21:58:06 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-11 21:58:06 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-23 05:47:19 1806848 ----a-w- c:\windows\system32\jscript9.dll
2014-02-23 05:40:18 1129472 ----a-w- c:\windows\system32\wininet.dll
2014-02-23 05:39:28 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-23 05:38:08 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2014-02-13 12:46:44 354656 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2014-01-25 01:10:18 499712 ----a-w- c:\windows\system32\msvcp71.dll
2014-01-25 01:10:18 348160 ----a-w- c:\windows\system32\msvcr71.dll
2014-01-17 21:24:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2014-01-17 21:24:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
============= FINISH: 13:18:20.90 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 4/20/2007 7:46:32 PM
System Uptime: 3/20/2014 11:55:32 AM (2 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5LD2
Processor: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz | Socket 775 | 2404/266mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 233 GiB total, 97.745 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 932 GiB total, 781.631 GiB free.
G: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0000
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter
PNP Device ID: ROOT\*6TO4MP\0000
Service: tunnel
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
2007 Microsoft Office system
32 Bit HP CIO Components Installer
Acronis True Image Home
Ad-Aware Antivirus
AdAwareInstaller
AdAwareUpdater
Adobe AIR
Adobe Community Help
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Photoshop Elements 10
Adobe Photoshop.com Inspiration Browser
Adobe Reader X (10.1.9)
Adobe Shockwave Player 12.0
Adobe Type Manager 4.0
Amazon Cloud Player
AntiLogger SDK version 1.5.6.849
AntimalwareEngine
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Auslogics DiskDefrag
Bonjour
Browntech Image Plugin 1.98
Bullzip PDF Printer 10.1.0.1871
CCleaner
Constant Guard Protection Suite
ConverterLite 1.6.3
Coupon Printer for Windows
DivX Content Uploader
DivX Converter
DivX Setup
DivX Web Player
Elements 10 Organizer
Eraser 6.0.10.2620
Family Tree Maker 2006
Free FLV Converter V 7.6.0
FromDocToPDF Internet Explorer Toolbar
FTMVistaUpdater
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP FWUpdateEDO3
HP LaserJet 100 color MFP M175
HP LJ100 M175 HP Scan
HP Support Solutions Framework
HP Update
hpbDSService
hpbM175DSService
HPLaserJet100ColorMFPM175_HelpLearnCenter_SI
HPLJUT
hppLaserJetService
hppM175LaserJetService
InstanceFinder
iTunes
Java 7 Update 51
Java Auto Updater
LightScribe 1.8.15.1
LiveUpdate 3.2 (Symantec Corporation)
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4.5.1
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MiniReminder
Mozilla Firefox 27.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nikon Message Center
Nikon Transfer
Norton Security Suite
NVIDIA 3D Vision Driver 311.06
NVIDIA Control Panel 311.06
NVIDIA Display Control Panel
NVIDIA Graphics Driver 311.06
NVIDIA HD Audio Driver 1.3.18.0
NVIDIA Install Application
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.11.3
NVIDIA Update Components
Picture Control Utility
PowerDVD
PSE10 STI Installer
PVSonyDll
Quicken 2013
QuickTime 7
Readiris Pro 12
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
RealUpgrade 1.1
Seagate Manager Installer
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition
Spybot - Search & Destroy
swMSM
ToolboxProxy
UBitMenu UK
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195
ViewNX
Zinio Alert Messenger
Zinio Reader 4
.
==== End Of File ===========================
billflyer
Active Member
 
Posts: 13
Joined: March 20th, 2014, 1:11 pm
Advertisement
Register to Remove

Re: Browsers/Win Explorer stop responding

Unread postby Gary R » March 21st, 2014, 2:19 am

Looking over your logs, back soon.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Browsers/Win Explorer stop responding

Unread postby Gary R » March 21st, 2014, 2:30 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "Infected? Virus, malware, adware, ransomware, oh my!" forum and wait for help.


Unless informed of in advance, failure to post replies within 3 days will result in this thread being closed.


Hi billflyer

I'm Gary R,

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

As an added safety precaution, before we start removing anything, I'd like you to make a backup of your Registry, which we can restore to if necessary.

Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Please observe these rules while we work:
  • Do not edit your logs in any way whatsoever.
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • As you're using Vista, it will be necessary to right click all tools we use and select ----> Run as Administrator

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


Please download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan.
  • A logfile will automatically open after the scan has finished.
  • Close the adwCleaner window, click ok to the prompt.
  • Please post the contents of that logfile with your next reply.
  • You can also find the logfile at C:\AdwCleaner[R1].txt.

PLEASE DO NOT ATTEMPT TO "CLEAN" ANYTHING AT THIS STAGE.

Next ...

  • Download FRST to your Desktop.
  • Double click Frst.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.

Next ...

Please download SystemLook from the link below and save it to your Desktop.

For 32 bit Systems

  • Double-click SystemLook.exe to run it.
  • Copy and paste the contents of the following codebox into the main textfield:
    Code: Select all
    :filefind
    *Fun4IM*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    *babylon*
    *conduit*
    
    :folderfind
    *Fun4IM*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    *babylon*
    *conduit*
    
    :Regfind
    Fun4IM
    Bandoo
    Searchnu
    Searchqu
    iLivid
    whitesmoke
    datamngr
    kelkoopartners
    trolltech
    babylon
    conduit
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan.
  • Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

Summary of the logs I need from you in your next post:
  • AdwCleaner[R1].txt
  • FRST.txt
  • Addition.txt
  • SystemLook.txt


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Browsers/Win Explorer stop responding

Unread postby billflyer » March 21st, 2014, 11:00 am

# AdwCleaner v3.022 - Report created 21/03/2014 at 10:21:50
# Updated 13/03/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Bill - BILL-PC
# Running from : C:\Users\Bill\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater17.3.0

***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Found : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\searchplugins\Ask.xml
File Found : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\searchplugins\safesearch.xml
Folder Found : C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\Extensions\65ffxtbr@FromDocToPDF_65.com
Folder Found C:\Program Files\AVG SafeGuard toolbar
Folder Found C:\Program Files\Common Files\AVG Secure Search
Folder Found C:\Program Files\FromDocToPDF_65
Folder Found C:\Program Files\SearchProtect
Folder Found C:\ProgramData\AVG SafeGuard toolbar
Folder Found C:\ProgramData\Browser Manager
Folder Found C:\Users\Bill\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\Users\Bill\AppData\Local\AVG Secure Search
Folder Found C:\Users\Bill\AppData\Local\FromDocToPDF_65
Folder Found C:\Users\Bill\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\Users\Bill\AppData\LocalLow\boost_interprocess
Folder Found C:\Users\Bill\AppData\LocalLow\FromDocToPDF_65
Folder Found C:\Users\Bill\AppData\LocalLow\iac
Folder Found C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\FromDocToPDF_65
Folder Found C:\Users\Bill\AppData\Roaming\OpenCandy
Folder Found C:\Windows\system32\SearchProtect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\FromDocToPDF_65
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9A216821-0EC5-49A3-85AC-FB72AE79A1E8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FromDocToPDF_65bar Uninstall Internet Explorer
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A235E1E3-6296-4710-AF39-104A7FAA6C7C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F236CA79-3123-4AFB-9F74-E98117AD5625}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A235E1E3-6296-4710-AF39-104A7FAA6C7C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F236CA79-3123-4AFB-9F74-E98117AD5625}
Key Found : HKCU\Software\SmartBar
Key Found : HKLM\Software\AVG SafeGuard toolbar
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{017D68F2-19B3-41AE-9D8A-8B09DBD25479}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2BD4465D-669A-42E6-B449-636B0B10EBB8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3700B685-D795-4E17-9B78-73BCEE5D4086}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3E6260AC-BC6F-44B4-942B-1568C367543A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{504B4AA9-9952-4490-B0E1-80A5321C35F7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{72D05120-DF65-4C27-921E-899B5267FEF2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8AD40E5E-9FD9-4F5E-B4D1-DDF2C921DCE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A0CF6CB9-2276-4F30-B841-05A67067ACE0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A235E1E3-6296-4710-AF39-104A7FAA6C7C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE84501A-2CB6-41D6-B3A7-9679BDBDFA0B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AFA196F4-80E5-47AD-B7BC-C671487D36FB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B7FD68F7-D28B-431E-9EE8-E45D915B7F17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CBBEA4B9-B183-47AC-8B1F-FD526AC99A8D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD1D181E-C654-4CA5-9D09-B3648537FD7D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E0C3A839-0E5E-4EBC-9F8F-E56F8FC732CE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E1C4699E-5E74-4F30-A4A2-378E45D44F07}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F236CA79-3123-4AFB-9F74-E98117AD5625}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F96EE2EF-FE15-4878-AECD-BC367F12C70F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FC2B119B-2352-4E7A-9197-B9E1BBADE61B}
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.DynamicBarButton
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.DynamicBarButton.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.FeedManager
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.FeedManager.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLMenu
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLMenu.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLPanel
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLPanel.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.MultipleButton
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.MultipleButton.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.PseudoTransparentPlugin
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.PseudoTransparentPlugin.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.Radio
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.Radio.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.RadioSettings
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.RadioSettings.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ScriptButton
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ScriptButton.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SettingsPlugin
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SettingsPlugin.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ThirdPartyInstaller
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ThirdPartyInstaller.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ToolbarProtector
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ToolbarProtector.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.UrlAlertButton
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.UrlAlertButton.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.XMLSessionPlugin
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.XMLSessionPlugin.1
Key Found : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{36B445BF-1B84-466A-A623-A360A8CFF8C3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D97143C2-4282-496B-BDC4-7EC852F1497C}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1747AE4D-0A83-4336-84D4-48500BF1554F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2C9D27D8-C81E-4968-8026-E725E01650C1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3BB1BA04-1B88-4690-9AD3-0D38412F5FF1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3EFEC319-72E8-42AA-AC38-8CF8A0661CDD}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D8AEB1D-4ED4-44AC-A039-4775B2575DB0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{542EAC56-BF4B-46A7-943E-0A4C2CBA34EA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6191571E-F7EE-47C3-B229-2DFAC70DB5D2}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74C02D12-FAEE-4834-80D2-5B7D2480AD61}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{840AE8AE-D547-433E-985C-6BF6C74F5084}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A85ACA7E-5CD2-461B-877A-994CCCCF491C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BF6FDBB8-7CD5-402D-AB4F-E4F13D3490C8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E3CDDB72-3ADC-4920-B42B-68A8C29FA942}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Found : HKLM\Software\FromDocToPDF_65
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36B445BF-1B84-466A-A623-A360A8CFF8C3}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{701F5C41-BB30-46DA-A56B-68784B0B762B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3B975A0-F679-444E-9D94-6D292FA53140}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D97143C2-4282-496B-BDC4-7EC852F1497C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0C3A839-0E5E-4EBC-9F8F-E56F8FC732CE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9A216821-0EC5-49A3-85AC-FB72AE79A1E8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A235E1E3-6296-4710-AF39-104A7FAA6C7C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F236CA79-3123-4AFB-9F74-E98117AD5625}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2BD4465D-669A-42E6-B449-636B0B10EBB8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8AD40E5E-9FD9-4F5E-B4D1-DDF2C921DCE3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CBBEA4B9-B183-47AC-8B1F-FD526AC99A8D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E1C4699E-5E74-4F30-A4A2-378E45D44F07}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FC2B119B-2352-4E7A-9197-B9E1BBADE61B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FromDocToPDF_65bar Uninstall Firefox
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FromDocToPDF_65bar Uninstall Internet Explorer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\MozillaPlugins\@FromDocToPDF_65.com/Plugin
Key Found : HKLM\Software\SearchProtect
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16540


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\prefs.js ]

Line Found : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=4&UP=SP4FDE508E-E38C-40C7-80F1-1288A0E3A346");
Line Found : user_pref("browser.search.order.1", "Ask.com");
Line Found : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Found : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Found : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Found : user_pref("extensions.helperbar.Visibility", false);
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.BUTTON_STRUCTURE", "[{\"b\":221359615,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221359616,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.firstKnownVersion", "5.71.2.65464");
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=2F5F6DF8-8D56-4ED4-8C54-CEEC3A7188A8&n=77fdcab9&p2=^Y6^xdm003^YYA^us&si=CMTC-uOTgLsCFU7xOgodOEAA0[...]
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.hp.user.defined", true);
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.initialized", true);
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.installation.contextKey", "");
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.installation.installDate", "2013121209");
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerId", "^Y6^xdm003^YYA^us");
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerSubId", "CMTC-uOTgLsCFU7xOgodOEAA0w");
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.installation.success", true);
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarId", "2F5F6DF8-8D56-4ED4-8C54-CEEC3A7188A8");
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.isCompliantUninstallImplementation", true);
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.lastActivePing", "1395332974834");
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.lastKnownVersion", "6.20.3.33692");
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.options.defaultSearch", false);
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.options.homePageEnabled", false);
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.options.keywordEnabled", false);
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.options.tabEnabled", false);
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.searchHistory", "cum shots||||beatles washington dc");
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.toolbarCollapsed", true);
Line Found : user_pref("extensions.toolbar.mindspark._65Members_.weather.location", "01085");
Line Found : user_pref("extensions.toolbar.mindspark.lastInstalled", "fromdoctopdf@mindspark.com");

*************************

AdwCleaner[R0].txt - [17658 octets] - [21/03/2014 10:21:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [17719 octets] ##########
billflyer
Active Member
 
Posts: 13
Joined: March 20th, 2014, 1:11 pm

Re: Browsers/Win Explorer stop responding

Unread postby billflyer » March 21st, 2014, 11:01 am

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Bill (administrator) on BILL-PC on 21-03-2014 10:51:11
Running from C:\Users\Bill\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Seagate LLC) C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(White Sky, Inc.) C:\Program Files\Constant Guard Protection Suite\IDVault.exe
(Seagate Technology LLC) C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard Company) C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files\Norton Security Suite\Engine\21.1.0.18\N360.exe
(PasswordBox, Inc.) C:\Program Files\PasswordBox\pbbtnService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
(Symantec Corporation) C:\Program Files\Norton Security Suite\Engine\21.1.0.18\N360.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Users\Bill\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Nikon Corporation) C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-18] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM\...\Run: [MaxMenuMgr] - C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [] - [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\...\Run: [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-18] (Microsoft Corporation)
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\...\MountPoints2: J - J:\IronKey.exe
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\...\MountPoints2: {1af045ce-188d-11e3-a741-0017317cb150} - J:\IronKey.exe
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\...\MountPoints2: {276f0f5b-bda8-11e2-bad6-0017317cb150} - J:\IronKey.exe
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\...\MountPoints2: {86f3298b-2f7b-11e3-97d9-0017317cb150} - J:\Autorun.exe
HKU\S-1-5-21-2625522233-1861614664-436202598-1004\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Lsa: [Authentication Packages] msv1_0 relog_ap
Startup: C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MiniReminder.lnk
ShortcutTarget: MiniReminder.lnk -> C:\Users\Bill\MiniReminder\MiniReminder.exe ()
Startup: C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.usatoday.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
URLSearchHook: HKCU - (No Name) - {4c60e5ab-5c68-4c59-abaa-885010b24b32} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
StartMenuInternet: IEXPLORE.EXE -
SearchScopes: HKLM - {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^Y6^xdm003^YYA^us&si=CMTC-uOTgLsCFU7xOgodOEAA0w&ptb=2F5F6DF8-8D56-4ED4-8C54-CEEC3A7188A8&ind=2013112509&n=77fda8bd&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx? ... 0E3A346&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} URL =
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=15527&prt=360&chn=S1122&geo=US&ver=20&locale=en_US&tpr=111
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.3.2.101\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO: Toolbar BHO - {a235e1e3-6296-4710-af39-104a7faa6c7c} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Search Assistant BHO - {f236ca79-3123-4afb-9f74-e98117ad5625} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.3.2.101\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - FromDocToPDF - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default
FF NewTab: hxxp://search.conduit.com/?ctid=CT33222 ... 88A0E3A346
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.usatoday.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @FromDocToPDF_65.com/Plugin - C:\Program Files\FromDocToPDF_65\bar\1.bin\NP65Stub.dll (MindSpark)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2910 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: FromDocToPDF - C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\Extensions\65ffxtbr@FromDocToPDF_65.com [2014-03-13]
FF Extension: Autofill Forms - C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\Extensions\autofillForms@blueimp.net.xpi [2014-03-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.2.101
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.2.101 [2014-01-14]
FF HKLM\...\Firefox\Extensions: [firefox@passwordbox.com] - C:\Program Files\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files\PasswordBox\Firefox [2013-11-20]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-01]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []

========================== Services (Whitelisted) =================

S4 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [427288 2007-09-14] (Acronis)
R2 AdobeActiveFileMonitor10.0; C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 FreeAgentGoNext Service; C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe [181544 2009-05-01] (Seagate Technology LLC)
S3 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company)
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company)
S4 IDVaultSvc; C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe [64040 2013-05-08] (White Sky, Inc.)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [651232 2014-01-23] ()
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2541248 2006-10-31] (Symantec Corporation)
R2 N360; C:\Program Files\Norton Security Suite\Engine\21.1.0.18\N360.exe [264360 2013-10-18] (Symantec Corporation)
R2 PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S4 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [167936 2005-08-08] ()
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S4 TryAndDecideService; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [492600 2007-09-14] ()
R2 vToolbarUpdater17.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1772056 2014-01-14] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R1 AntiLog32; C:\Windows\system32\drivers\AntiLog32.sys [80104 2013-05-11] (Zemana Ltd.)
R1 ATMhelpr; C:\Windows\system32\Drivers\ATMhelpr.sys [4064 1997-06-17] (Adobe Systems Incorporated)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-20] (AVG Technologies)
R1 BHDrvx86; C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys [1098968 2014-01-09] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360\1501000.012\ccSetx86.sys [127064 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-11-30] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-30] (Symantec Corporation)
S3 HPFXBULKLEDM; C:\Windows\System32\drivers\hppcbulkio.sys [20504 2011-10-10] (Hewlett Packard)
R1 IDSVix86; C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140320.001\IDSvix86.sys [395992 2014-03-05] (Symantec Corporation)
R0 iteatapi; C:\Windows\System32\drivers\iteatapi.sys [35608 2008-05-14] (ITE Tech. Inc.)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt32.sys [24760 2013-03-07] (Zemana Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-03-11] (Malwarebytes Corporation)
R2 MCSTRM; C:\Windows\system32\Drivers\MCSTRM.sys [8413 2007-04-21] (RealNetworks, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 NAVENG; C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140320.025\NAVENG.SYS [93272 2013-11-30] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140320.025\NAVEX15.SYS [1612376 2013-11-30] (Symantec Corporation)
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360\1501000.012\SRTSP.SYS [651352 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360\1501000.012\SRTSPX.SYS [32344 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360\1501000.012\SYMDS.SYS [367704 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360\1501000.012\SYMEFA.SYS [935512 2013-09-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2013-11-29] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [63576 2013-09-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360\1501000.012\Ironx86.SYS [206936 2013-09-26] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360\1501000.012\SYMTDIV.SYS [383576 2013-09-25] (Symantec Corporation)
R0 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [368736 2007-09-30] (Acronis)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2007-09-30] (Acronis)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [340624 2013-07-17] (BitDefender S.R.L.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-21 10:51 - 2014-03-21 10:51 - 00023302 _____ () C:\Users\Bill\Desktop\FRST.txt
2014-03-21 10:51 - 2014-03-21 10:51 - 00000000 ____D () C:\FRST
2014-03-21 10:49 - 2014-03-21 10:49 - 01145856 _____ (Farbar) C:\Users\Bill\Desktop\FRST.exe
2014-03-21 10:48 - 2014-03-21 10:22 - 00017800 _____ () C:\Users\Bill\Desktop\AdwCleaner[R0].txt
2014-03-21 10:21 - 2014-03-21 10:22 - 00000000 ____D () C:\AdwCleaner
2014-03-21 10:20 - 2014-03-21 10:20 - 01950720 _____ () C:\Users\Bill\Desktop\adwcleaner.exe
2014-03-21 10:18 - 2014-03-21 10:18 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-BILL-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-bit).dat
2014-03-21 10:17 - 2014-03-21 10:17 - 00000000 ____D () C:\RegBackup
2014-03-21 10:16 - 2014-03-21 10:16 - 00002016 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-03-21 10:15 - 2014-03-21 10:15 - 03944112 _____ () C:\Users\Bill\Downloads\tweaking.com_registry_backup_setup.exe
2014-03-21 10:15 - 2014-03-21 10:15 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-03-20 11:20 - 2014-03-20 11:20 - 00002892 _____ () C:\Users\Bill\Documents\cc_20140320_112011.reg
2014-03-20 09:42 - 2014-03-20 09:43 - 00030162 _____ () C:\Users\Bill\Documents\cc_20140320_094255.reg
2014-03-18 20:45 - 2014-03-18 20:45 - 00000000 ____D () C:\Users\Bill\AppData\Local\Windows Live
2014-03-18 20:45 - 2014-03-18 20:45 - 00000000 ____D () C:\Program Files\Common Files\Windows Live
2014-03-18 20:45 - 2009-08-04 04:02 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2014-03-18 11:12 - 2014-03-18 16:20 - 00000000 ____D () C:\Users\Bill\Downloads\SpinRite and burncdcc utility
2014-03-16 12:58 - 2014-03-16 12:58 - 00000000 ____D () C:\Users\Bill\AppData\Local\Roxio
2014-03-16 12:49 - 2014-03-16 19:38 - 00000000 ____D () C:\Windows\system32\DLA
2014-03-16 12:49 - 2014-03-16 13:23 - 00000228 _____ () C:\Windows\wininit.ini
2014-03-16 12:19 - 2014-03-16 12:19 - 00000000 ____D () C:\Users\Bill\Documents\CyberLink
2014-03-13 09:42 - 2014-02-23 01:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 09:42 - 2014-02-23 01:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-13 09:42 - 2014-02-23 01:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 09:42 - 2014-02-23 01:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-13 09:42 - 2014-02-23 01:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 09:41 - 2014-02-23 01:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 09:41 - 2014-02-23 01:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 09:41 - 2014-02-23 01:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 09:41 - 2014-02-23 01:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 09:41 - 2014-02-23 01:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 09:41 - 2014-02-23 01:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 09:41 - 2014-02-23 01:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-13 09:41 - 2014-02-23 01:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 09:41 - 2014-02-23 01:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 09:41 - 2014-02-23 01:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-13 09:41 - 2014-02-23 01:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 16:43 - 2014-03-12 16:43 - 00000000 ____D () C:\Users\Bill\AppData\Local\HP
2014-03-12 13:46 - 2014-03-12 13:46 - 00000000 ____D () C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2014-03-12 13:40 - 2014-03-12 13:40 - 00000000 ____D () C:\LJ_100_Color_M175_MFP
2014-03-12 13:40 - 2011-05-23 15:33 - 00187960 _____ (Hewlett Packard) C:\Windows\system32\hppscancoins32.dll
2014-03-12 13:40 - 2011-05-23 15:33 - 00003208 _____ () C:\Windows\system32\hppls100.spf
2014-03-12 11:38 - 2014-03-12 11:38 - 00293552 _____ () C:\Users\Bill\Documents\cc_20140312_113841.reg
2014-03-12 11:33 - 2014-03-12 11:33 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-12 11:32 - 2014-03-12 11:32 - 04429440 _____ (Piriform Ltd) C:\Users\Bill\Downloads\ccsetup404.exe
2014-03-12 10:50 - 2014-03-12 10:51 - 00000075 _____ () C:\Users\Bill\Documents\READ ME.txt
2014-03-12 10:49 - 2014-03-12 10:49 - 00000081 _____ () C:\Users\Bill\Documents\winmail.fol
2014-03-12 10:47 - 2014-03-12 10:47 - 00002855 _____ () C:\Users\Bill\Documents\EmailAddysMarch12_2014.csv
2014-03-12 04:06 - 2014-02-07 06:38 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 04:06 - 2014-02-03 06:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 04:06 - 2014-01-30 03:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 04:06 - 2013-11-12 20:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-11 20:29 - 2014-03-11 20:29 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-03-11 12:11 - 2014-03-11 12:11 - 00000000 ____D () C:\Users\Bill\AppData\Roaming\LavasoftStatistics
2014-03-11 11:53 - 2014-03-11 20:30 - 00000000 ____D () C:\Program Files\Lavasoft
2014-03-11 11:49 - 2014-03-11 11:49 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-11 11:48 - 2014-03-11 11:48 - 01727624 _____ () C:\Users\Bill\Downloads\Adaware_Installer.exe
2014-03-11 11:22 - 2014-03-11 11:22 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-03-09 12:31 - 2014-03-10 10:05 - 00000000 ____D () C:\Users\Bill\AppData\Local\LogMeIn Rescue Applet
2014-03-09 12:30 - 2014-03-09 12:31 - 00000000 ____D () C:\Users\Bill\AppData\Local\Deployment
2014-03-09 12:09 - 2014-03-09 12:09 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-03-06 15:41 - 2014-03-06 15:41 - 00001910 _____ () C:\Users\Bill\Desktop\Solitaire.lnk
2014-03-02 12:49 - 2014-03-02 12:49 - 00001664 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-02 12:48 - 2014-03-02 12:49 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-02 12:48 - 2014-03-02 12:49 - 00000000 ____D () C:\Program Files\iTunes
2014-03-02 12:48 - 2014-03-02 12:48 - 00000000 ____D () C:\Program Files\iPod
2014-02-26 11:53 - 2014-02-26 11:53 - 00000000 ____D () C:\Program Files\QuickTime
2014-02-22 10:55 - 2014-02-22 10:55 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-03-21 10:51 - 2014-03-21 10:51 - 00023302 _____ () C:\Users\Bill\Desktop\FRST.txt
2014-03-21 10:51 - 2014-03-21 10:51 - 00000000 ____D () C:\FRST
2014-03-21 10:49 - 2014-03-21 10:49 - 01145856 _____ (Farbar) C:\Users\Bill\Desktop\FRST.exe
2014-03-21 10:32 - 2013-07-04 21:23 - 00000000 ____D () C:\Program Files\Eraser
2014-03-21 10:32 - 2013-05-11 22:07 - 00000000 ____D () C:\Program Files\Constant Guard Protection Suite
2014-03-21 10:22 - 2014-03-21 10:48 - 00017800 _____ () C:\Users\Bill\Desktop\AdwCleaner[R0].txt
2014-03-21 10:22 - 2014-03-21 10:21 - 00000000 ____D () C:\AdwCleaner
2014-03-21 10:21 - 2013-06-06 21:26 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-21 10:20 - 2014-03-21 10:20 - 01950720 _____ () C:\Users\Bill\Desktop\adwcleaner.exe
2014-03-21 10:18 - 2014-03-21 10:18 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-BILL-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-bit).dat
2014-03-21 10:17 - 2014-03-21 10:17 - 00000000 ____D () C:\RegBackup
2014-03-21 10:16 - 2014-03-21 10:16 - 00002016 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-03-21 10:15 - 2014-03-21 10:15 - 03944112 _____ () C:\Users\Bill\Downloads\tweaking.com_registry_backup_setup.exe
2014-03-21 10:15 - 2014-03-21 10:15 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-03-21 09:58 - 2013-12-12 17:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-21 09:38 - 2013-05-11 22:08 - 00000000 ____D () C:\Users\Bill\AppData\Roaming\ID Vault
2014-03-21 09:37 - 2006-11-02 06:33 - 00771538 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-21 09:36 - 2006-11-02 08:52 - 01829578 _____ () C:\Windows\WindowsUpdate.log
2014-03-21 09:31 - 2013-06-06 21:26 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-21 09:31 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-21 09:31 - 2006-11-02 08:47 - 00005392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-21 09:31 - 2006-11-02 08:47 - 00005392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-20 23:34 - 2006-11-02 09:01 - 00032614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-20 16:12 - 2013-08-08 18:13 - 00000000 ____D () C:\Users\Bill\AppData\Local\CrashDumps
2014-03-20 13:12 - 2007-04-20 23:15 - 00000000 ____D () C:\Users\Bill\Documents\MISCELLANEOUS
2014-03-20 12:46 - 2007-04-20 18:05 - 00002627 _____ () C:\Users\Bill\Desktop\Word.lnk
2014-03-20 11:20 - 2014-03-20 11:20 - 00002892 _____ () C:\Users\Bill\Documents\cc_20140320_112011.reg
2014-03-20 10:59 - 2007-04-21 21:28 - 00000000 ____D () C:\Users\Bill\AppData\Local\Adobe
2014-03-20 09:43 - 2014-03-20 09:42 - 00030162 _____ () C:\Users\Bill\Documents\cc_20140320_094255.reg
2014-03-18 23:33 - 2013-05-11 22:09 - 00000000 ____D () C:\Users\Bill\AppData\Local\ID Vault
2014-03-18 22:21 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\rescache
2014-03-18 20:45 - 2014-03-18 20:45 - 00000000 ____D () C:\Users\Bill\AppData\Local\Windows Live
2014-03-18 20:45 - 2014-03-18 20:45 - 00000000 ____D () C:\Program Files\Common Files\Windows Live
2014-03-18 20:44 - 2013-07-24 17:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 20:40 - 2006-11-02 06:24 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-03-18 20:38 - 2007-04-20 16:52 - 00000000 ___RD () C:\Users\Bill
2014-03-18 16:20 - 2014-03-18 11:12 - 00000000 ____D () C:\Users\Bill\Downloads\SpinRite and burncdcc utility
2014-03-18 14:16 - 2013-11-06 14:02 - 00000460 _____ () C:\Users\Bill\Downloads\READ ME.txt
2014-03-16 19:38 - 2014-03-16 12:49 - 00000000 ____D () C:\Windows\system32\DLA
2014-03-16 19:38 - 2006-11-02 08:47 - 00472272 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-16 15:36 - 2007-04-21 13:21 - 00099840 _____ () C:\Users\Bill\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-16 15:31 - 2007-04-20 16:52 - 00100656 _____ () C:\Users\Bill\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-16 14:02 - 2007-06-21 20:55 - 00000000 ____D () C:\Program Files\Roxio
2014-03-16 14:02 - 2007-06-21 20:54 - 00000000 ____D () C:\Program Files\Common Files\Roxio Shared
2014-03-16 14:01 - 2007-08-02 19:41 - 00000000 ____D () C:\ProgramData\Roxio
2014-03-16 13:36 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-16 13:23 - 2014-03-16 12:49 - 00000228 _____ () C:\Windows\wininit.ini
2014-03-16 13:23 - 2007-06-21 20:54 - 00001858 _____ () C:\Windows\system32\ROXECDC6Inst.log
2014-03-16 12:58 - 2014-03-16 12:58 - 00000000 ____D () C:\Users\Bill\AppData\Local\Roxio
2014-03-16 12:58 - 2007-06-14 23:29 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-16 12:19 - 2014-03-16 12:19 - 00000000 ____D () C:\Users\Bill\Documents\CyberLink
2014-03-16 12:17 - 2007-06-14 23:29 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-03-15 13:25 - 2007-04-20 18:05 - 00002585 _____ () C:\Users\Bill\Desktop\Excel.lnk
2014-03-15 10:27 - 2013-12-10 10:59 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-13 09:55 - 2013-11-17 13:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 09:43 - 2007-04-20 16:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 16:43 - 2014-03-12 16:43 - 00000000 ____D () C:\Users\Bill\AppData\Local\HP
2014-03-12 13:47 - 2013-10-07 14:30 - 00000104 _____ () C:\Windows\system32\msiexec.log
2014-03-12 13:47 - 2013-10-07 14:21 - 00000000 ____D () C:\Program Files\HP
2014-03-12 13:47 - 2006-11-02 08:37 - 00000000 ____D () C:\Windows\twain_32
2014-03-12 13:46 - 2014-03-12 13:46 - 00000000 ____D () C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2014-03-12 13:40 - 2014-03-12 13:40 - 00000000 ____D () C:\LJ_100_Color_M175_MFP
2014-03-12 11:39 - 2013-09-01 10:15 - 00000000 ___RD () C:\Users\Bill\Desktop\Anti Virus
2014-03-12 11:38 - 2014-03-12 11:38 - 00293552 _____ () C:\Users\Bill\Documents\cc_20140312_113841.reg
2014-03-12 11:37 - 2007-04-20 20:41 - 00000000 ____D () C:\Windows\Panther
2014-03-12 11:33 - 2014-03-12 11:33 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-12 11:32 - 2014-03-12 11:32 - 04429440 _____ (Piriform Ltd) C:\Users\Bill\Downloads\ccsetup404.exe
2014-03-12 10:51 - 2014-03-12 10:50 - 00000075 _____ () C:\Users\Bill\Documents\READ ME.txt
2014-03-12 10:49 - 2014-03-12 10:49 - 00000081 _____ () C:\Users\Bill\Documents\winmail.fol
2014-03-12 10:47 - 2014-03-12 10:47 - 00002855 _____ () C:\Users\Bill\Documents\EmailAddysMarch12_2014.csv
2014-03-11 20:38 - 2007-05-25 23:10 - 00000000 ____D () C:\Users\Bill\AppData\Roaming\Lavasoft
2014-03-11 20:30 - 2014-03-11 11:53 - 00000000 ____D () C:\Program Files\Lavasoft
2014-03-11 20:29 - 2014-03-11 20:29 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-03-11 17:58 - 2013-12-12 17:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-11 17:58 - 2013-12-12 17:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-11 13:29 - 2013-11-20 21:40 - 00000000 ____D () C:\Program Files\PasswordBox
2014-03-11 12:11 - 2014-03-11 12:11 - 00000000 ____D () C:\Users\Bill\AppData\Roaming\LavasoftStatistics
2014-03-11 11:49 - 2014-03-11 11:49 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-11 11:48 - 2014-03-11 11:48 - 01727624 _____ () C:\Users\Bill\Downloads\Adaware_Installer.exe
2014-03-11 11:22 - 2014-03-11 11:22 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-03-10 10:05 - 2014-03-09 12:31 - 00000000 ____D () C:\Users\Bill\AppData\Local\LogMeIn Rescue Applet
2014-03-09 14:19 - 2013-12-23 14:50 - 00000000 ____D () C:\Users\Bill\Documents\INVESTING
2014-03-09 12:31 - 2014-03-09 12:30 - 00000000 ____D () C:\Users\Bill\AppData\Local\Deployment
2014-03-09 12:30 - 2007-04-21 13:51 - 00000000 ____D () C:\Users\Bill\AppData\Local\Apps\2.0
2014-03-09 12:09 - 2014-03-09 12:09 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-03-06 15:41 - 2014-03-06 15:41 - 00001910 _____ () C:\Users\Bill\Desktop\Solitaire.lnk
2014-03-06 14:33 - 2013-05-11 21:51 - 00000000 ____D () C:\ProgramData\DivX
2014-03-06 14:33 - 2007-04-21 13:54 - 00000000 ____D () C:\Program Files\DivX
2014-03-02 12:49 - 2014-03-02 12:49 - 00001664 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-02 12:49 - 2014-03-02 12:48 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-02 12:49 - 2014-03-02 12:48 - 00000000 ____D () C:\Program Files\iTunes
2014-03-02 12:48 - 2014-03-02 12:48 - 00000000 ____D () C:\Program Files\iPod
2014-03-02 12:48 - 2007-07-19 20:18 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-02 12:43 - 2007-07-19 20:18 - 00000000 ____D () C:\ProgramData\Apple
2014-02-26 11:53 - 2014-02-26 11:53 - 00000000 ____D () C:\Program Files\QuickTime
2014-02-24 13:26 - 2013-05-11 21:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-23 01:50 - 2014-03-13 09:41 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 01:47 - 2014-03-13 09:41 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 01:43 - 2014-03-13 09:41 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 01:41 - 2014-03-13 09:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 01:40 - 2014-03-13 09:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 01:39 - 2014-03-13 09:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-23 01:38 - 2014-03-13 09:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 01:38 - 2014-03-13 09:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-23 01:38 - 2014-03-13 09:41 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-23 01:37 - 2014-03-13 09:42 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-23 01:37 - 2014-03-13 09:41 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 01:37 - 2014-03-13 09:41 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 01:37 - 2014-03-13 09:41 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 01:36 - 2014-03-13 09:42 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 01:36 - 2014-03-13 09:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-23 01:35 - 2014-03-13 09:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-22 15:25 - 2007-04-21 13:46 - 00000000 ____D () C:\Users\Bill\AppData\Local\Google
2014-02-22 10:55 - 2014-02-22 10:55 - 00000000 ____D () C:\Program Files\Mozilla Firefox

Files to move or delete:
====================
C:\Users\Bill\AppData\Roaming\desktop.ini
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-21 09:37

==================== End Of Log ============================
billflyer
Active Member
 
Posts: 13
Joined: March 20th, 2014, 1:11 pm

Re: Browsers/Win Explorer stop responding

Unread postby billflyer » March 21st, 2014, 11:02 am

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014 01
Ran by Bill at 2014-03-21 10:51:53
Running from C:\Users\Bill\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Norton Security Suite (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
32 Bit HP CIO Components Installer (Version: 8.1.1 - Hewlett-Packard) Hidden
Acronis True Image Home (HKLM\...\{E5343B27-55DF-40BD-9FCF-A643C1331E8A}) (Version: 11.0.8027 - Acronis)
Ad-Aware Antivirus (HKLM\...\{17E73768-9F21-4334-ABE6-CD131031564C}_AdAwareUpdater) (Version: 11.1.5354.0 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (Version: 3.5.23 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop.com Inspiration Browser (HKLM\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (Version: 3.07 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Adobe Type Manager 4.0 (HKLM\...\Adobe Type Manager 4.0) (Version: - )
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.2.0.399 - Amazon Services LLC)
AntiLogger SDK version 1.5.6.849 (HKLM\...\{4D46DE30-49FE-4043-99F7-D7E8C06175E0}_is1) (Version: 1.5.6.849 - Zemana Ltd.)
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.4.2.0 - Auslogics Labs Pty Ltd)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Browntech Image Plugin 1.98 (HKLM\...\{68658FCB-01BB-4980-A7C3-6ADB1E4E0C66}) (Version: 1.98.0000 - BrownTech, Inc.)
Bullzip PDF Printer 10.1.0.1871 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.1.0.1871 - Bullzip)
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Constant Guard Protection Suite (HKLM\...\ID Vault) (Version: 1.13.506.3 - Comcast)
ConverterLite 1.6.3 (HKLM\...\ConverterLite) (Version: 1.6.3 - ConverterLite)
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated) <==== ATTENTION
DivX Content Uploader (HKLM\...\DivX Content Uploader) (Version: 1.2.1 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 6.2.1 - DivX, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.3.1 - DivX,Inc.)
Elements 10 Organizer (Version: 10.0 - Adobe Systems Incorporated) Hidden
Eraser 6.0.10.2620 (HKLM\...\{A45C5EC7-F13E-4414-99BE-47373935C0FE}) (Version: 6.0.2620 - The Eraser Project)
Family Tree Maker 2006 (HKLM\...\{F2F4C144-7D1A-47C4-9D53-395A57B0CD64}) (Version: - )
Free FLV Converter V 7.6.0 (HKLM\...\Free FLV Converter_is1) (Version: 7.6.0.0 - Koyote Soft)
FromDocToPDF Internet Explorer Toolbar (HKLM\...\FromDocToPDF_65bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network)
FTMVistaUpdater (HKLM\...\{EE295D30-A10C-44F6-B14C-05E0D99429E4}) (Version: 1.0.0 - Family Tree Maker)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
HP FWUpdateEDO3 (HKLM\...\{A82D0C46-EBDF-4B27-A731-D06EF2056E81}) (Version: 1.0.0.0 - Hewlett-Packard Company)
HP LaserJet 100 color MFP M175 (HKLM\...\{965D0289-10E1-45ec-B11F-A60AC9AE8D4D}) (Version: - Hewlett-Packard)
HP LJ100 M175 HP Scan (Version: 1.0.302.0 - Hewlett-Packard Co.) Hidden
HP Support Solutions Framework (HKLM\...\{86FD8326-909D-45F5-BB61-0619D0D31293}) (Version: 11.50.0011 - Hewlett-Packard Company)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
hpbDSService (Version: 001.001.05133 - Hewlett-Packard) Hidden
hpbM175DSService (Version: 001.001.05133 - Hewlett-Packard) Hidden
HPLaserJet100ColorMFPM175_HelpLearnCenter_SI (HKLM\...\{19542156-285B-458C-994D-2A21889001DF}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUT (Version: 1.00.0012 - HP) Hidden
hppLaserJetService (Version: 002.015.00602 - Hewlett-Packard) Hidden
hppM175LaserJetService (Version: 001.014.00480 - Hewlett-Packard) Hidden
InstanceFinder (Version: 1.00.0001 - HP) Hidden
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LightScribe 1.8.15.1 (Version: 1.8.15.1 - http://www.lightscribe.com) Hidden
LiveUpdate 3.2 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.2.0.26 - Symantec Corporation)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiniReminder (HKCU\...\MiniReminder) (Version: - )
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.1.1 - Nikon)
Norton Security Suite (HKLM\...\N360) (Version: 21.1.0.18 - Symantec Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Control Panel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9621 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.2 - Nikon)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.1815.0 - CyberLink Corporation)
PSE10 STI Installer (Version: 10.0 - Adobe Systems Incorporated) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Quicken 2013 (HKLM\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.12.7 - Intuit)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Readiris Pro 12 (HKLM\...\{3AC26580-A695-4134-84AE-5121B3AAE545}) (Version: 12.00.5965 - I.R.I.S.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealPlayer (HKLM\...\RealPlayer 6.0) (Version: - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Seagate Manager Installer (HKLM\...\InstallShield_{231A1A09-FDF2-45F2-B3D1-964CECE372BC}) (Version: 2.01.0109 - Seagate)
Seagate Manager Installer (Version: 2.01.0109 - Seagate) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
ToolboxProxy (Version: 1.00.0001 - HP) Hidden
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 1.7.0 - Tweaking.com)
UBitMenu UK (HKLM\...\{C8748FFB-1713-4e95-B3DF-4F1622D96F93}_is1) (Version: 01.04 - UBit Schweiz AG)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
ViewNX (HKLM\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.1.1 - Nikon)
Zinio Alert Messenger (HKLM\...\ZinioAlertMessenger.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.2570 - Zinio LLC)
Zinio Alert Messenger (Version: 4.0.2570 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.2.3972 - Zinio LLC)
Zinio Reader 4 (Version: 4.2.3972 - Zinio LLC) Hidden

==================== Restore Points =========================

11-03-2014 23:15:16 AA11
12-03-2014 00:28:57 AA11
12-03-2014 17:42:01 Device Driver Package Install: HP Printers
12-03-2014 17:43:11 Device Driver Package Install: Hewlett-Packard Imaging devices
13-03-2014 13:38:45 Windows Update
14-03-2014 18:52:28 Scheduled Checkpoint
16-03-2014 16:11:38 Removed Roxio Easy CD and DVD Burning
16-03-2014 16:44:00 Installed Roxio Easy CD and DVD Burning
16-03-2014 17:04:57 Removed Roxio Easy CD and DVD Burning
16-03-2014 17:18:11 Installed Roxio Easy CD and DVD Burning
16-03-2014 17:25:38 Installed Driver Manager.
16-03-2014 17:36:07 Removed Driver Manager.
16-03-2014 17:56:28 Removed Roxio Easy CD and DVD Burning
18-03-2014 18:10:19 Adobe Shockwave Player Installation
19-03-2014 00:37:12 Windows Update
20-03-2014 15:01:15 Scheduled Checkpoint

==================== Hosts content: ==========================

2006-11-02 06:23 - 2013-11-21 10:19 - 00450597 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {009F046B-920C-40BB-A71E-284404F0AACC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {033A0748-A785-4EF7-BFAD-ED67F6B5460B} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Bill => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {0902AEAD-B35E-47BC-AD7F-6F2904280EA9} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2625522233-1861614664-436202598-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {264030D0-DA83-4AED-8B36-1DD1ECAF1D6C} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-18] (Microsoft Corporation)
Task: {273D3EFA-61F9-4CB9-A2C0-69192E994220} - System32\Tasks\Microsoft\Windows\RestartManager\{C053A26D-0130-4985-A9AE-C58085722270} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {2CB88EFB-342D-485C-98F5-93730EE6FCC6} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {40FFDF55-5871-4844-893F-65909876721E} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2625522233-1861614664-436202598-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {410823F0-4A73-4CD5-885B-E309E7CAB2AF} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2625522233-1861614664-436202598-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {51ED7EF2-E82A-4688-967F-5571F1855F74} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-06] (Google Inc.)
Task: {66F6DA08-7608-481F-8E10-77594291DD1C} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files\Norton Security Suite\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {68C0DFDC-C722-4214-BBF1-0CC64A813105} - System32\Tasks\AdobeAAMUpdater-1.0-Bill-PC-Bill => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {6AD8F502-3414-4BAF-89BB-E4FB5EE1BFE5} - System32\Tasks\Microsoft\Windows\RestartManager\{CF54DCBB-C37A-4255-A103-059D651E5F46} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {8BFC6E5F-190F-4584-9B97-DD057A0A0C3E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2625522233-1861614664-436202598-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {97239E3F-43D4-467C-BE37-F29421E1705B} - System32\Tasks\Microsoft\Windows\RestartManager\{75AFB30F-B8B4-406c-B8B6-D97DA1E667D4} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {A59B0D83-40E4-45DB-B4A2-627E1ADE5822} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {AD58386B-193C-4059-B789-EA561D340652} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {B34444E0-9435-4665-8F0F-0596C1E8F395} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-06] (Google Inc.)
Task: {B801A682-5937-4E74-AF50-3DBAA5B3DBFC} - System32\Tasks\HPLJCustParticipation => C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard)
Task: {B811A62D-5FE6-4B8F-8401-C961FED44E02} - System32\Tasks\Microsoft\Windows\RestartManager\{F6D3B83F-AEEF-40b0-8BE7-474FCBF56B74} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {D63A58A2-4C88-4D72-AFA9-2895FC64EBC6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E2A3024D-C89E-4A36-A6BE-45FFD726A927} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2013-05-11] ()
Task: {E52C41FA-91E5-447F-89EE-948CD5518FCA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2625522233-1861614664-436202598-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E93D5036-C928-4A18-BEF9-7694C85587B0} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files\Norton Security Suite\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {FE24CA9F-A8BF-44D4-9830-762B9D736F63} - System32\Tasks\Microsoft\Windows\RestartManager\{0BA7CCF7-A5F8-4523-86BF-E06E1BC9D0E9} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-23 16:32 - 2014-01-23 16:32 - 02084720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareShellExtension.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00541008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 01928008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00107904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00022392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-08 19:06 - 2013-05-08 18:50 - 00548488 _____ () C:\Program Files\Constant Guard Protection Suite\sqlite3.dll
2013-05-08 19:06 - 2013-05-08 19:07 - 00104488 _____ () C:\Program Files\Constant Guard Protection Suite\IdVaultCore.XmlSerializers.dll
2013-05-08 19:06 - 2013-05-08 19:07 - 00014888 _____ () C:\Program Files\Constant Guard Protection Suite\IDVault.XmlSerializers.dll
2014-01-23 16:26 - 2014-01-23 16:26 - 00651232 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
2014-01-23 16:33 - 2014-01-23 16:33 - 00087928 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_thread-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00030072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_chrono-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00048512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_date_time-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 03053416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareServiceKernel.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00131920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\pugixml.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00638328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_regex-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00477544 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareActivation.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00244088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareApplicationUpdater.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00119656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareGamingMode.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00087384 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareReset.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00105304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTime.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00228728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdater.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00170376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00342376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIgnoreList.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00210280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareQuarantine.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00244592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiMalwareEngine.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00174960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiRootkitEngine.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00367472 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerHistory.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00502112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScanner.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00030584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_timer-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00268656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerScheduler.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00274808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareRealTimeProtection.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00190824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIncompatibles.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00181600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiSpam.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00105320 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiPhishing.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00472944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareParentalControl.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 01858408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareWebProtection.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00223088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareEmailProtection.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00513392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareNetworkProtection.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00422752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareInstaller.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00148808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\zlib.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00122704 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\libssh2.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00298840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwarePromo.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00241504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareFeedback.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SecurityCenter.dll
2013-07-17 17:10 - 2013-07-17 17:10 - 00565640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\BDSmartDB.dll
2013-11-01 16:11 - 2013-11-01 16:11 - 00090624 _____ () C:\Program Files\PasswordBox\libwebsocketswin32.dll
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-01-14 18:21 - 2014-01-14 18:18 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
2014-01-14 18:21 - 2014-01-14 18:18 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
2013-12-16 16:56 - 2013-12-12 15:56 - 03145536 _____ () C:\Users\Bill\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-01-10 01:26 - 2014-01-10 01:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 01:28 - 2014-01-10 01:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DatamngrCoordinator => 2
MSCONFIG\Services: Diskeeper => 2
MSCONFIG\Services: IDVaultSvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TryAndDecideService => 2
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG SafeGuard toolbar\vprot.exe"

==================== Faulty Device Manager Devices =============

Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (03/21/2014 09:31:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/21/2014 09:31:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/20/2014 09:48:32 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16540, time stamp 0x5309896b, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x1973aef5,
process id 0x187e8, application start time 0xiexplore.exe0.

Error: (03/20/2014 04:12:29 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerPlugin_12_0_0_77.exe, version 12.0.0.77, time stamp 0x5314f5f7, faulting module ShimEng.dll_unloaded, version 0.0.0.0, time stamp 0x4549bdb7, exception code 0xc0000005, fault offset 0x5d3c4618,
process id 0x15a78, application start time 0xFlashPlayerPlugin_12_0_0_77.exe0.

Error: (03/20/2014 00:33:24 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 3984
Start Time: 01cf445966e80727
Termination Time: 20762

Error: (03/20/2014 00:28:00 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16540 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 2e14
Start Time: 01cf4458b48f642b
Termination Time: 60000

Error: (03/20/2014 11:01:26 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service stllssvr since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (03/18/2014 11:33:21 PM) (Source: Application Hang) (User: )
Description: The program explorer.exe version 6.0.6002.18005 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 92d4
Start Time: 01cf4323dacd4ab5
Termination Time: 0

Error: (03/18/2014 11:32:29 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.0.6002.18005 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 220
Start Time: 01cf4317cef38f73
Termination Time: 15

Error: (03/18/2014 04:38:02 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerPlugin_12_0_0_77.exe, version 12.0.0.77, time stamp 0x5314f5f7, faulting module ShimEng.dll_unloaded, version 0.0.0.0, time stamp 0x4549bdb7, exception code 0xc0000005, fault offset 0x5ce34618,
process id 0x10304, application start time 0xFlashPlayerPlugin_12_0_0_77.exe0.


System errors:
=============
Error: (03/21/2014 09:29:17 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description:

Error: (03/20/2014 11:55:42 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description:

Error: (03/20/2014 09:24:01 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description:

Error: (03/18/2014 10:04:15 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description:

Error: (03/18/2014 02:07:31 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Player Network Sharing Service%%1053

Error: (03/18/2014 02:07:31 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Media Player Network Sharing Service

Error: (03/18/2014 02:05:48 PM) (Source: Print) (User: NT AUTHORITY)
Description: The print spooler failed to share printer Family Tree Maker Printer with shared resource name Family Tree Maker Printer. Error 2114. The printer cannot be used by others on the network.

Error: (03/18/2014 02:05:48 PM) (Source: Print) (User: NT AUTHORITY)
Description: The print spooler failed to share printer Quicken PDF Printer with shared resource name Quicken PDF Printer. Error 2114. The printer cannot be used by others on the network.

Error: (03/18/2014 02:03:30 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description:

Error: (03/18/2014 09:39:41 AM) (Source: Print) (User: NT AUTHORITY)
Description: The print spooler failed to share printer Family Tree Maker Printer with shared resource name Family Tree Maker Printer. Error 2114. The printer cannot be used by others on the network.


Microsoft Office Sessions:
=========================
Error: (03/02/2014 00:38:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/23/2013 07:07:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2014-03-21 10:51:38.518
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2014-03-21 10:51:38.361
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2014-03-21 10:51:38.205
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2014-03-21 10:51:38.048
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2014-03-21 10:51:33.773
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-21 10:51:33.616
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-21 10:51:33.429
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-21 10:51:33.257
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-16 15:33:28.740
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Security Suite\Engine\21.1.0.18\asOEHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-03-16 15:33:28.531
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Security Suite\Engine\21.1.0.18\asOEHook.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 60%
Total physical RAM: 3198.5 MB
Available physical RAM: 1257.04 MB
Total Pagefile: 6620.15 MB
Available Pagefile: 4803.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1884.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:97.17 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive f: (FreeAgent Drive) (Fixed) (Total:931.51 GB) (Free:781.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 9A2ADE89)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 467C2F9E)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
billflyer
Active Member
 
Posts: 13
Joined: March 20th, 2014, 1:11 pm

Re: Browsers/Win Explorer stop responding

Unread postby billflyer » March 21st, 2014, 11:02 am

SystemLook 04.09.10 by jpshortstuff
Log created at 10:56 on 21/03/2014 by Bill
Administrator - Elevation successful

========== filefind ==========

Searching for "*Fun4IM*"
No files found.

Searching for "*Bandoo*"
No files found.

Searching for "*Searchnu*"
No files found.

Searching for "*Searchqu*"
No files found.

Searching for "*iLivid*"
No files found.

Searching for "*whitesmoke*"
No files found.

Searching for "*datamngr*"
No files found.

Searching for "*trolltech*"
No files found.

Searching for "*babylon*"
No files found.

Searching for "*conduit*"
C:\Program Files\Common Files\Apple\Mobile Device Support\iSyncConduit.dll --a---- 1322368 bytes [21:50 12/02/2014] [21:50 12/02/2014] 5A2B082A760722E08042E3892D07690E
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect.zip --a---- 530 bytes [05:28 16/02/2014] [05:28 16/02/2014] 3B8577EC88A5528523A4203EAA32241D
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect1.zip --a---- 548 bytes [05:28 16/02/2014] [05:28 16/02/2014] 9A0B131C3F91F1C31B7D3BF7245EAC07
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect10.zip --a---- 345 bytes [05:28 16/02/2014] [05:28 16/02/2014] 0143538AB0F3BE11D1F52A2B31EDB60D
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect11.zip --a---- 342 bytes [05:28 16/02/2014] [05:28 16/02/2014] 604D60BD6DEE70A2F8A7CEB565CC283E
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect12.zip --a---- 2981593 bytes [05:28 16/02/2014] [05:28 16/02/2014] E08EA095A00C809424DB3A0EE939DA61
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect13.zip --a---- 2981658 bytes [05:28 16/02/2014] [05:28 16/02/2014] 32604A126377312702211F65A04CF07B
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect14.zip --a---- 2981654 bytes [05:28 16/02/2014] [05:28 16/02/2014] F974F7D24AC2F16145DCFB1EC441D209
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect15.zip --a---- 2361052 bytes [05:28 16/02/2014] [05:28 16/02/2014] 8A32728B8EE2C0CEC91AC5F1D3C5EAD3
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect16.zip --a---- 2361119 bytes [05:28 16/02/2014] [05:28 16/02/2014] 77657B5F994891A383B94F60B1CDD5E9
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect17.zip --a---- 2361115 bytes [05:28 16/02/2014] [05:28 16/02/2014] 3FDFB805A132BC4FF592FEDCA87D2269
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect18.zip --a---- 4529874 bytes [05:28 16/02/2014] [05:28 16/02/2014] 086D7DBDDC61C182433C79BC851C57D7
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect19.zip --a---- 4529965 bytes [05:28 16/02/2014] [05:28 16/02/2014] 562D76B1FD51624ED44F6AF88390888D
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect2.zip --a---- 346 bytes [05:28 16/02/2014] [05:28 16/02/2014] 5DFC85A6A843E841B6F8266142ED1792
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect20.zip --a---- 4529958 bytes [05:28 16/02/2014] [05:28 16/02/2014] D21C20D2086D8E7BB5155DC3A10313B4
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect21.zip --a---- 527 bytes [05:28 16/02/2014] [05:28 16/02/2014] 8917736AE208C852E351EABA7D085305
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect22.zip --a---- 548 bytes [05:28 16/02/2014] [05:28 16/02/2014] E76BF62EC38AADB620CDCE0E828D77AD
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect23.zip --a---- 2981594 bytes [05:28 16/02/2014] [05:28 16/02/2014] 3D77E4C22817A9C274A85D2A904DE572
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect24.zip --a---- 2981660 bytes [05:28 16/02/2014] [05:28 16/02/2014] 05E7FAE391ABB1FF2445199565FE8232
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect25.zip --a---- 2981654 bytes [05:28 16/02/2014] [05:28 16/02/2014] 8D720F09D839E4054FD7335FEA07711C
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect26.zip --a---- 2361052 bytes [05:28 16/02/2014] [05:28 16/02/2014] 33029EAC1D88F186CFEBC8278CD3D496
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect27.zip --a---- 2361120 bytes [05:28 16/02/2014] [05:28 16/02/2014] 7E3F4D54443884CECA8D06EF3D4B328B
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect28.zip --a---- 2361116 bytes [05:28 16/02/2014] [05:28 16/02/2014] 205A220EFDE42A2A3006B73499FE8350
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect29.zip --a---- 4529874 bytes [05:28 16/02/2014] [05:28 16/02/2014] 333973F1F246274225EB88715F1F8183
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect3.zip --a---- 37644 bytes [05:28 16/02/2014] [05:28 16/02/2014] DC56856C8FEE96D7124EDE896DFF104A
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect30.zip --a---- 4529962 bytes [05:28 16/02/2014] [05:28 16/02/2014] FE672647E5C374607DD3FAEB287AD32D
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect31.zip --a---- 4529959 bytes [05:28 16/02/2014] [05:28 16/02/2014] 75DB531DA66AD08F16F1E1BB0924AE2C
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect32.zip --a---- 526 bytes [14:47 16/02/2014] [14:47 16/02/2014] 05B01AB14457CC3B6B6B3DC234983878
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect33.zip --a---- 547 bytes [14:47 16/02/2014] [14:47 16/02/2014] 623AFFDC6A42AB309CCDF1AEA6D039F5
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect34.zip --a---- 2981594 bytes [14:47 16/02/2014] [14:47 16/02/2014] B1598336E7A0FF737DFE4A120E7D206C
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect35.zip --a---- 2981656 bytes [14:47 16/02/2014] [14:47 16/02/2014] BFF9451C523898BD616203C0D55A1B8F
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect36.zip --a---- 2981654 bytes [14:47 16/02/2014] [14:47 16/02/2014] 5F18B851C1166523392DB0A2CC42A3F9
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect37.zip --a---- 2361051 bytes [14:47 16/02/2014] [14:47 16/02/2014] 43A49067D1F7769C8F8D680E15E421B0
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect38.zip --a---- 2361120 bytes [14:47 16/02/2014] [14:47 16/02/2014] D56FEE9987F72E82ABFADB85C9D694F6
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect39.zip --a---- 2361116 bytes [14:47 16/02/2014] [14:47 16/02/2014] 5BBD6DE4BAFD15557ADBFC1F1FCFAA38
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect4.zip --a---- 1081 bytes [05:28 16/02/2014] [05:28 16/02/2014] 5598241AB2DD0324E48A1FB9F2D95FAD
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect40.zip --a---- 4529874 bytes [14:47 16/02/2014] [14:47 16/02/2014] 1FB3C812F72487E45CD435A2CC1ABFF4
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect41.zip --a---- 4529960 bytes [14:47 16/02/2014] [14:47 16/02/2014] B91A77B645670F1EF18E102A01C3E6DC
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect42.zip --a---- 4529958 bytes [14:47 16/02/2014] [14:47 16/02/2014] B2543FA73855E5E35B33BE50198B9FCC
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect43.zip --a---- 530 bytes [13:36 12/03/2014] [13:36 12/03/2014] 0091C30A1333564C083EBB696CCC7BA3
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect44.zip --a---- 547 bytes [13:36 12/03/2014] [13:36 12/03/2014] FB42229ABB57CB03AB86F56192A89B6E
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect45.zip --a---- 326 bytes [13:36 12/03/2014] [13:36 12/03/2014] F4AA2E04587271E25C6ABD49B509800A
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect46.zip --a---- 320 bytes [13:36 12/03/2014] [13:36 12/03/2014] 28D0D5555CCA6EB2BD1692B48ADD7DF3
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect47.zip --a---- 324 bytes [13:36 12/03/2014] [13:36 12/03/2014] 852E171D3872C0CE84487B9CA92537DC
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect48.zip --a---- 319 bytes [13:36 12/03/2014] [13:36 12/03/2014] 01C6EB3017346BDDD55583395B9D86EC
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect49.zip --a---- 321 bytes [13:36 12/03/2014] [13:36 12/03/2014] 52E68BDBFB98BE1D7FCB3B07686EE292
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect5.zip --a---- 2208 bytes [05:28 16/02/2014] [05:28 16/02/2014] C23A35CFED971545675DDBBE23961F40
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect50.zip --a---- 319 bytes [13:36 12/03/2014] [13:36 12/03/2014] 4282474FE037573CF1EBA1EA3B3280C3
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect6.zip --a---- 343 bytes [05:28 16/02/2014] [05:28 16/02/2014] 861E836783815014CE24D1494D0E8594
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect7.zip --a---- 6469 bytes [05:28 16/02/2014] [05:28 16/02/2014] CB1E3C0D79CB9A9D73A48E2D6B2E31CF
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect8.zip --a---- 345 bytes [05:28 16/02/2014] [05:28 16/02/2014] D4B8D51E1251F3BBDF55C54CE6DFB5DE
C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect9.zip --a---- 344 bytes [05:28 16/02/2014] [05:28 16/02/2014] F272387C921CB80D72F07AC28534DD21
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect.zip --a---- 530 bytes [05:28 16/02/2014] [05:28 16/02/2014] 3B8577EC88A5528523A4203EAA32241D
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect1.zip --a---- 548 bytes [05:28 16/02/2014] [05:28 16/02/2014] 9A0B131C3F91F1C31B7D3BF7245EAC07
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect10.zip --a---- 345 bytes [05:28 16/02/2014] [05:28 16/02/2014] 0143538AB0F3BE11D1F52A2B31EDB60D
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect11.zip --a---- 342 bytes [05:28 16/02/2014] [05:28 16/02/2014] 604D60BD6DEE70A2F8A7CEB565CC283E
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect12.zip --a---- 2981593 bytes [05:28 16/02/2014] [05:28 16/02/2014] E08EA095A00C809424DB3A0EE939DA61
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect13.zip --a---- 2981658 bytes [05:28 16/02/2014] [05:28 16/02/2014] 32604A126377312702211F65A04CF07B
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect14.zip --a---- 2981654 bytes [05:28 16/02/2014] [05:28 16/02/2014] F974F7D24AC2F16145DCFB1EC441D209
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect15.zip --a---- 2361052 bytes [05:28 16/02/2014] [05:28 16/02/2014] 8A32728B8EE2C0CEC91AC5F1D3C5EAD3
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect16.zip --a---- 2361119 bytes [05:28 16/02/2014] [05:28 16/02/2014] 77657B5F994891A383B94F60B1CDD5E9
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect17.zip --a---- 2361115 bytes [05:28 16/02/2014] [05:28 16/02/2014] 3FDFB805A132BC4FF592FEDCA87D2269
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect18.zip --a---- 4529874 bytes [05:28 16/02/2014] [05:28 16/02/2014] 086D7DBDDC61C182433C79BC851C57D7
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect19.zip --a---- 4529965 bytes [05:28 16/02/2014] [05:28 16/02/2014] 562D76B1FD51624ED44F6AF88390888D
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect2.zip --a---- 346 bytes [05:28 16/02/2014] [05:28 16/02/2014] 5DFC85A6A843E841B6F8266142ED1792
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect20.zip --a---- 4529958 bytes [05:28 16/02/2014] [05:28 16/02/2014] D21C20D2086D8E7BB5155DC3A10313B4
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect21.zip --a---- 527 bytes [05:28 16/02/2014] [05:28 16/02/2014] 8917736AE208C852E351EABA7D085305
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect22.zip --a---- 548 bytes [05:28 16/02/2014] [05:28 16/02/2014] E76BF62EC38AADB620CDCE0E828D77AD
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect23.zip --a---- 2981594 bytes [05:28 16/02/2014] [05:28 16/02/2014] 3D77E4C22817A9C274A85D2A904DE572
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect24.zip --a---- 2981660 bytes [05:28 16/02/2014] [05:28 16/02/2014] 05E7FAE391ABB1FF2445199565FE8232
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect25.zip --a---- 2981654 bytes [05:28 16/02/2014] [05:28 16/02/2014] 8D720F09D839E4054FD7335FEA07711C
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect26.zip --a---- 2361052 bytes [05:28 16/02/2014] [05:28 16/02/2014] 33029EAC1D88F186CFEBC8278CD3D496
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect27.zip --a---- 2361120 bytes [05:28 16/02/2014] [05:28 16/02/2014] 7E3F4D54443884CECA8D06EF3D4B328B
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect28.zip --a---- 2361116 bytes [05:28 16/02/2014] [05:28 16/02/2014] 205A220EFDE42A2A3006B73499FE8350
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect29.zip --a---- 4529874 bytes [05:28 16/02/2014] [05:28 16/02/2014] 333973F1F246274225EB88715F1F8183
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect3.zip --a---- 37644 bytes [05:28 16/02/2014] [05:28 16/02/2014] DC56856C8FEE96D7124EDE896DFF104A
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect30.zip --a---- 4529962 bytes [05:28 16/02/2014] [05:28 16/02/2014] FE672647E5C374607DD3FAEB287AD32D
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect31.zip --a---- 4529959 bytes [05:28 16/02/2014] [05:28 16/02/2014] 75DB531DA66AD08F16F1E1BB0924AE2C
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect32.zip --a---- 526 bytes [14:47 16/02/2014] [14:47 16/02/2014] 05B01AB14457CC3B6B6B3DC234983878
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect33.zip --a---- 547 bytes [14:47 16/02/2014] [14:47 16/02/2014] 623AFFDC6A42AB309CCDF1AEA6D039F5
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect34.zip --a---- 2981594 bytes [14:47 16/02/2014] [14:47 16/02/2014] B1598336E7A0FF737DFE4A120E7D206C
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect35.zip --a---- 2981656 bytes [14:47 16/02/2014] [14:47 16/02/2014] BFF9451C523898BD616203C0D55A1B8F
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect36.zip --a---- 2981654 bytes [14:47 16/02/2014] [14:47 16/02/2014] 5F18B851C1166523392DB0A2CC42A3F9
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect37.zip --a---- 2361051 bytes [14:47 16/02/2014] [14:47 16/02/2014] 43A49067D1F7769C8F8D680E15E421B0
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect38.zip --a---- 2361120 bytes [14:47 16/02/2014] [14:47 16/02/2014] D56FEE9987F72E82ABFADB85C9D694F6
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect39.zip --a---- 2361116 bytes [14:47 16/02/2014] [14:47 16/02/2014] 5BBD6DE4BAFD15557ADBFC1F1FCFAA38
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect4.zip --a---- 1081 bytes [05:28 16/02/2014] [05:28 16/02/2014] 5598241AB2DD0324E48A1FB9F2D95FAD
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect40.zip --a---- 4529874 bytes [14:47 16/02/2014] [14:47 16/02/2014] 1FB3C812F72487E45CD435A2CC1ABFF4
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect41.zip --a---- 4529960 bytes [14:47 16/02/2014] [14:47 16/02/2014] B91A77B645670F1EF18E102A01C3E6DC
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect42.zip --a---- 4529958 bytes [14:47 16/02/2014] [14:47 16/02/2014] B2543FA73855E5E35B33BE50198B9FCC
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect43.zip --a---- 530 bytes [13:36 12/03/2014] [13:36 12/03/2014] 0091C30A1333564C083EBB696CCC7BA3
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect44.zip --a---- 547 bytes [13:36 12/03/2014] [13:36 12/03/2014] FB42229ABB57CB03AB86F56192A89B6E
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect45.zip --a---- 326 bytes [13:36 12/03/2014] [13:36 12/03/2014] F4AA2E04587271E25C6ABD49B509800A
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect46.zip --a---- 320 bytes [13:36 12/03/2014] [13:36 12/03/2014] 28D0D5555CCA6EB2BD1692B48ADD7DF3
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect47.zip --a---- 324 bytes [13:36 12/03/2014] [13:36 12/03/2014] 852E171D3872C0CE84487B9CA92537DC
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect48.zip --a---- 319 bytes [13:36 12/03/2014] [13:36 12/03/2014] 01C6EB3017346BDDD55583395B9D86EC
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect49.zip --a---- 321 bytes [13:36 12/03/2014] [13:36 12/03/2014] 52E68BDBFB98BE1D7FCB3B07686EE292
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect5.zip --a---- 2208 bytes [05:28 16/02/2014] [05:28 16/02/2014] C23A35CFED971545675DDBBE23961F40
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect50.zip --a---- 319 bytes [13:36 12/03/2014] [13:36 12/03/2014] 4282474FE037573CF1EBA1EA3B3280C3
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect6.zip --a---- 343 bytes [05:28 16/02/2014] [05:28 16/02/2014] 861E836783815014CE24D1494D0E8594
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect7.zip --a---- 6469 bytes [05:28 16/02/2014] [05:28 16/02/2014] CB1E3C0D79CB9A9D73A48E2D6B2E31CF
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect8.zip --a---- 345 bytes [05:28 16/02/2014] [05:28 16/02/2014] D4B8D51E1251F3BBDF55C54CE6DFB5DE
C:\Users\All Users\Spybot - Search & Destroy\Recovery\ConduitSearchProtect9.zip --a---- 344 bytes [05:28 16/02/2014] [05:28 16/02/2014] F272387C921CB80D72F07AC28534DD21
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\L7967K8A\conduititc-medium-webfont[1].woff --a---- 26332 bytes [02:22 21/03/2014] [02:22 21/03/2014] D2A97F3EC37E823D54B773574AA1E05A
C:\Users\Bill\AppData\Local\VirtualStore\Program Files\Common Files\Apple\Mobile Device Support\bin\YahooSync.app\Contents\Resources\PhoneConduit.plist --a---- 11338 bytes [22:49 09/07/2007] [22:49 09/07/2007] 91DEF61D13E01E7EAFFE528B7D2FDF04

========== folderfind ==========

Searching for "*Fun4IM*"
No folders found.

Searching for "*Bandoo*"
No folders found.

Searching for "*Searchnu*"
No folders found.

Searching for "*Searchqu*"
No folders found.

Searching for "*iLivid*"
billflyer
Active Member
 
Posts: 13
Joined: March 20th, 2014, 1:11 pm

Re: Browsers/Win Explorer stop responding

Unread postby Gary R » March 21st, 2014, 2:08 pm

OK, seems there's quite a few things in need of attention.

First ....

You have two anti-virus programs installed ...

Ad-Aware Antivirus
Norton Security Suite


... this is a recipe for disaster as they will conflict with each other and give less not more protection.

Please go to Control Panel > Programs > Uninstall a program and Uninstall one of them at once (your choice as to which).

If you choose to remove Norton, do not use the inbuilt uninstaller as it's not very good, instead use the following tool which does a better job ... ftp://ftp.symantec.com/public/english_u ... l_Tool.exe

Reboot your computer once you've uninstalled one of your AV programs.

Next ...

  • Double click AdwCleaner.exe to run it.
  • Click Scan and allow the scan to finish.
  • Now click Clean to remove the items found.
  • Click OK to the prompt.
  • The tool will run & your computer will be rebooted automatically. A logfile will open after the restart.
  • Post the contents of the logfile with your next reply.
  • You can also find the logfile at C:\AdwCleaner[s1].txt.

Next ...

  • Click Start
  • Type notepad.exe in the search programs and files box and clcik Enter.
  • A blank Notepad page should open.
    • Copy/Paste the contents of the code box below into Notepad. (do not include Code: Select all)
Code: Select all
C:\Users\Bill\AppData\Roaming\desktop.ini
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\...\MountPoints2: J - J:\IronKey.exe
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\...\MountPoints2: {1af045ce-188d-11e3-a741-0017317cb150} - J:\IronKey.exe
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\...\MountPoints2: {276f0f5b-bda8-11e2-bad6-0017317cb150} - J:\IronKey.exe
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\...\MountPoints2: {86f3298b-2f7b-11e3-97d9-0017317cb150} - J:\Autorun.exe
URLSearchHook: HKCU - (No Name) - {4c60e5ab-5c68-4c59-abaa-885010b24b32} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
StartMenuInternet: IEXPLORE.EXE -
SearchScopes: HKLM - {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2= ^Y6^xdm003^YYA^us&si=CMTC-uOTgLsCFU7xOgodOEAA0w&ptb=2F5F6DF8-8D56-4ED4-8C54-CEEC3A7188A8&ind=2013112509&n=77fda8bd&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx? ... 0E3A346&q= {searchTerms}&SSPV=
SearchScopes: HKCU - {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} URL =
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q= {SEARCHTERMS}&o=15527&prt=360&chn=S1122&geo=US&ver=20&locale=en_US&tpr=111
BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.3.2.101\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO: Toolbar BHO - {a235e1e3-6296-4710-af39-104a7faa6c7c} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
BHO: Search Assistant BHO - {f236ca79-3123-4afb-9f74-e98117ad5625} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.3.2.101\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - FromDocToPDF - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
FF NewTab: hxxp://search.conduit.com/?ctid=CT33222 ... 88A0E3A346
FF SearchEngineOrder.1: Ask.com
FF Plugin: @FromDocToPDF_65.com/Plugin - C:\Program Files\FromDocToPDF_65\bar\1.bin\NP65Stub.dll (MindSpark)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: FromDocToPDF - C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\Extensions\65ffxtbr@FromDocToPDF_65.com [2014-03-13]
FF Extension: Autofill Forms - C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\Extensions\autofillForms@blueimp.net.xpi [2014-03-13]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.2.101
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.2.101 [2014-01-14]
R2 vToolbarUpdater17.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1772056 2014-01-14] (AVG Secure Search)

    • Save it to the same folder/directory that FRST.exe is in, naming it as fixlist.txt

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe.

Next ...

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go HERE then click on Run ESET Online Scanner
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed click on Start to start the scan.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed you will be presented with a list of found threats ....
    • Click on the List of found threats link
    • Click on Export to text file
    • Save as ESET.txt to your Desktop
  • Exit out of ESET Online Scanner.
  • Post me the contents of ESET.txt please.

Summary of the logs I need from you in your next post:
  • AdwCleaner[s1].txt
  • Fixlog.txt
  • ESET.txt


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Browsers/Win Explorer stop responding

Unread postby billflyer » March 21st, 2014, 11:32 pm

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014 01
Ran by Bill at 2014-03-21 15:17:21 Run:1
Running from C:\Users\Bill\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\Users\Bill\AppData\Roaming\desktop.ini
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\...\MountPoints2: J - J:\IronKey.exe
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\...\MountPoints2: {1af045ce-188d-11e3-a741-0017317cb150} - J:\IronKey.exe
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\...\MountPoints2: {276f0f5b-bda8-11e2-bad6-0017317cb150} - J:\IronKey.exe
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\...\MountPoints2: {86f3298b-2f7b-11e3-97d9-0017317cb150} - J:\Autorun.exe
URLSearchHook: HKCU - (No Name) - {4c60e5ab-5c68-4c59-abaa-885010b24b32} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
StartMenuInternet: IEXPLORE.EXE -
SearchScopes: HKLM - {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2= ^Y6^xdm003^YYA^us&si=CMTC-uOTgLsCFU7xOgodOEAA0w&ptb=2F5F6DF8-8D56-4ED4-8C54-CEEC3A7188A8&ind=2013112509&n=77fda8bd&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx? ... 0E3A346&q= {searchTerms}&SSPV=
SearchScopes: HKCU - {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} URL =
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q= {SEARCHTERMS}&o=15527&prt=360&chn=S1122&geo=US&ver=20&locale=en_US&tpr=111
BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.3.2.101\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO: Toolbar BHO - {a235e1e3-6296-4710-af39-104a7faa6c7c} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
BHO: Search Assistant BHO - {f236ca79-3123-4afb-9f74-e98117ad5625} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.3.2.101\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - FromDocToPDF - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
FF NewTab: hxxp://search.conduit.com/?ctid=CT33222 ... 88A0E3A346
FF SearchEngineOrder.1: Ask.com
FF Plugin: @FromDocToPDF_65.com/Plugin - C:\Program Files\FromDocToPDF_65\bar\1.bin\NP65Stub.dll (MindSpark)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: FromDocToPDF - C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\Extensions\65ffxtbr@FromDocToPDF_65.com [2014-03-13]
FF Extension: Autofill Forms - C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\Extensions\autofillForms@blueimp.net.xpi [2014-03-13]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.2.101
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.2.101 [2014-01-14]
R2 vToolbarUpdater17.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1772056 2014-01-14] (AVG Secure Search)

*****************

C:\Users\Bill\AppData\Roaming\desktop.ini => Moved successfully.
C:\ProgramData\PKP_DLdu.DAT => Moved successfully.
C:\ProgramData\PKP_DLdw.DAT => Moved successfully.
C:\ProgramData\TEMP => ":DFC5A2B2" ADS removed successfully.
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-2625522233-1861614664-436202598-1000 => Key not found.
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1af045ce-188d-11e3-a741-0017317cb150} => Key deleted successfully.
HKCR\CLSID\{1af045ce-188d-11e3-a741-0017317cb150} => Key not found.
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{276f0f5b-bda8-11e2-bad6-0017317cb150} => Key deleted successfully.
HKCR\CLSID\{276f0f5b-bda8-11e2-bad6-0017317cb150} => Key not found.
HKU\S-1-5-21-2625522233-1861614664-436202598-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86f3298b-2f7b-11e3-97d9-0017317cb150} => Key deleted successfully.
HKCR\CLSID\{86f3298b-2f7b-11e3-97d9-0017317cb150} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{4c60e5ab-5c68-4c59-abaa-885010b24b32} => Value deleted successfully.
HKCR\CLSID\{4c60e5ab-5c68-4c59-abaa-885010b24b32} => Key deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} => Key not found.
HKCR\Wow6432Node\CLSID\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.
HKCR\Wow6432Node\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} => Key not found.
HKCR\Wow6432Node\CLSID\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => Key not found.
HKCR\Wow6432Node\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a235e1e3-6296-4710-af39-104a7faa6c7c} => Key not found.
HKCR\CLSID\{a235e1e3-6296-4710-af39-104a7faa6c7c} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f236ca79-3123-4afb-9f74-e98117ad5625} => Key not found.
HKCR\CLSID\{f236ca79-3123-4afb-9f74-e98117ad5625} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => Value not found.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{c66a678d-5e6c-4af9-8f57-c6192f42cf74} => Value not found.
HKCR\CLSID\{c66a678d-5e6c-4af9-8f57-c6192f42cf74} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value not found.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key not found.
Firefox newtab deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
HKLM\Software\MozillaPlugins\@FromDocToPDF_65.com/Plugin => Key not found.
C:\Program Files\FromDocToPDF_65\bar\1.bin\NP65Stub.dll not found.
"C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\searchplugins\Ask.xml" => not found.
"C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\searchplugins\safesearch.xml" => not found.
"C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml" => not found.
C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\Extensions\65ffxtbr@FromDocToPDF_65.com => not found.
C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\Extensions\autofillForms@blueimp.net.xpi => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\avg@toolbar => Value not found.
C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.2.101 => not found.
vToolbarUpdater17.3.0 => Service not found.

==== End of Fixlog ====
billflyer
Active Member
 
Posts: 13
Joined: March 20th, 2014, 1:11 pm

Re: Browsers/Win Explorer stop responding

Unread postby Gary R » March 22nd, 2014, 10:48 am

I don't see the ADWCleaner log or the e-set log that I asked for.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Browsers/Win Explorer stop responding

Unread postby billflyer » March 22nd, 2014, 10:53 am

# AdwCleaner v3.022 - Report created 21/03/2014 at 14:54:58
# Updated 13/03/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Bill - BILL-PC
# Running from : C:\Users\Bill\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater17.3.0

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
[#] Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\FromDocToPDF_65
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\system32\SearchProtect
[!] Folder Deleted : C:\Users\Bill\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Bill\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Bill\AppData\Local\FromDocToPDF_65
Folder Deleted : C:\Users\Bill\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Bill\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Bill\AppData\LocalLow\FromDocToPDF_65
Folder Deleted : C:\Users\Bill\AppData\LocalLow\iac
Folder Deleted : C:\Users\Bill\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\FromDocToPDF_65
Folder Deleted : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\Extensions\65ffxtbr@FromDocToPDF_65.com
Folder Deleted : C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\searchplugins\Ask.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\searchplugins\safesearch.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.DynamicBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.Radio
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.Radio.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ToolbarProtector
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ToolbarProtector.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.XMLSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.XMLSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@FromDocToPDF_65.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{017D68F2-19B3-41AE-9D8A-8B09DBD25479}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2BD4465D-669A-42E6-B449-636B0B10EBB8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3700B685-D795-4E17-9B78-73BCEE5D4086}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E6260AC-BC6F-44B4-942B-1568C367543A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{504B4AA9-9952-4490-B0E1-80A5321C35F7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{72D05120-DF65-4C27-921E-899B5267FEF2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AD40E5E-9FD9-4F5E-B4D1-DDF2C921DCE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0CF6CB9-2276-4F30-B841-05A67067ACE0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A235E1E3-6296-4710-AF39-104A7FAA6C7C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE84501A-2CB6-41D6-B3A7-9679BDBDFA0B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AFA196F4-80E5-47AD-B7BC-C671487D36FB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B7FD68F7-D28B-431E-9EE8-E45D915B7F17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CBBEA4B9-B183-47AC-8B1F-FD526AC99A8D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD1D181E-C654-4CA5-9D09-B3648537FD7D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0C3A839-0E5E-4EBC-9F8F-E56F8FC732CE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1C4699E-5E74-4F30-A4A2-378E45D44F07}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F236CA79-3123-4AFB-9F74-E98117AD5625}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F96EE2EF-FE15-4878-AECD-BC367F12C70F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FC2B119B-2352-4E7A-9197-B9E1BBADE61B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{36B445BF-1B84-466A-A623-A360A8CFF8C3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D97143C2-4282-496B-BDC4-7EC852F1497C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1747AE4D-0A83-4336-84D4-48500BF1554F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2C9D27D8-C81E-4968-8026-E725E01650C1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BB1BA04-1B88-4690-9AD3-0D38412F5FF1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3EFEC319-72E8-42AA-AC38-8CF8A0661CDD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D8AEB1D-4ED4-44AC-A039-4775B2575DB0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{542EAC56-BF4B-46A7-943E-0A4C2CBA34EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6191571E-F7EE-47C3-B229-2DFAC70DB5D2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74C02D12-FAEE-4834-80D2-5B7D2480AD61}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{840AE8AE-D547-433E-985C-6BF6C74F5084}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A85ACA7E-5CD2-461B-877A-994CCCCF491C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BF6FDBB8-7CD5-402D-AB4F-E4F13D3490C8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E3CDDB72-3ADC-4920-B42B-68A8C29FA942}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A235E1E3-6296-4710-AF39-104A7FAA6C7C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F236CA79-3123-4AFB-9F74-E98117AD5625}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A235E1E3-6296-4710-AF39-104A7FAA6C7C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F236CA79-3123-4AFB-9F74-E98117AD5625}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A235E1E3-6296-4710-AF39-104A7FAA6C7C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F236CA79-3123-4AFB-9F74-E98117AD5625}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2BD4465D-669A-42E6-B449-636B0B10EBB8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8AD40E5E-9FD9-4F5E-B4D1-DDF2C921DCE3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CBBEA4B9-B183-47AC-8B1F-FD526AC99A8D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E1C4699E-5E74-4F30-A4A2-378E45D44F07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FC2B119B-2352-4E7A-9197-B9E1BBADE61B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36B445BF-1B84-466A-A623-A360A8CFF8C3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{701F5C41-BB30-46DA-A56B-68784B0B762B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3B975A0-F679-444E-9D94-6D292FA53140}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D97143C2-4282-496B-BDC4-7EC852F1497C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0C3A839-0E5E-4EBC-9F8F-E56F8FC732CE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9A216821-0EC5-49A3-85AC-FB72AE79A1E8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9A216821-0EC5-49A3-85AC-FB72AE79A1E8}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\FromDocToPDF_65
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : HKLM\Software\FromDocToPDF_65
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FromDocToPDF_65bar Uninstall Firefox
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FromDocToPDF_65bar Uninstall Internet Explorer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FromDocToPDF_65bar Uninstall Internet Explorer

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16540


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=4&UP=SP4FDE508E-E38C-40C7-80F1-1288A0E3A346");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.BUTTON_STRUCTURE", "[{\"b\":221359615,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221359616,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.firstKnownVersion", "5.71.2.65464");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=2F5F6DF8-8D56-4ED4-8C54-CEEC3A7188A8&n=77fdcab9&p2=^Y6^xdm003^YYA^us&si=CMTC-uOTgLsCFU7xOgodOEAA0[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.hp.user.defined", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.installation.installDate", "2013121209");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerId", "^Y6^xdm003^YYA^us");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerSubId", "CMTC-uOTgLsCFU7xOgodOEAA0w");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarId", "2F5F6DF8-8D56-4ED4-8C54-CEEC3A7188A8");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.isCompliantUninstallImplementation", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.lastActivePing", "1395332974834");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.lastKnownVersion", "6.20.3.33692");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.options.defaultSearch", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.options.homePageEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.options.keywordEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.options.tabEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.searchHistory", "cum shots||||beatles washington dc");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.toolbarCollapsed", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.weather.location", "01085");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "fromdoctopdf@mindspark.com");

*************************

AdwCleaner[R0].txt - [17800 octets] - [21/03/2014 10:21:50]
AdwCleaner[R1].txt - [17861 octets] - [21/03/2014 14:53:52]
AdwCleaner[S0].txt - [18217 octets] - [21/03/2014 14:54:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18278 octets] ##########
billflyer
Active Member
 
Posts: 13
Joined: March 20th, 2014, 1:11 pm

Re: Browsers/Win Explorer stop responding

Unread postby billflyer » March 22nd, 2014, 10:54 am

C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65auxstb.dll.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll.vir a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65bprtct.dll.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65datact.dll.vir a variant of Win32/Toolbar.MyWebSearch.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65htmlmu.dll.vir probably a variant of Win32/Toolbar.MyWebSearch.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65ieovr.dll.vir probably a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65impipe.exe.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65Plugin.dll.vir probably a variant of Win32/Toolbar.MyWebSearch potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65reghk.dll.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65skin.dll.vir a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65skplay.exe.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\AppIntegrator64.exe.vir Win64/Toolbar.MyWebSearch.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\AppIntegratorStub64.dll.vir Win64/Toolbar.MyWebSearch.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\CREXT.DLL.vir a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\Hpg64.dll.vir Win64/Toolbar.MyWebSearch.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\NP65Stub.dll.vir Win32/Toolbar.MyWebSearch.T potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\T8HTML.DLL.vir probably a variant of Win32/Toolbar.MyWebSearch.F potentially unwanted application
C:\Program Files\Free FLV Converter\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application
C:\Users\Bill\Downloads\ccsetup404.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Bill\Downloads\disk-defrag-setup.exe a variant of Win32/OpenCandy.A potentially unsafe application
F:\Seagate Backup\BILL-PC\C\Program Files\RegDefense\RDFNSAnalyzers.dll a variant of Win32/Adware.RegDefense application
F:\Seagate Backup\BILL-PC\C\Program Files\RegDefense\RDFNSSilentRemover.exe a variant of Win32/Adware.RegDefense application
F:\Seagate Backup\BILL-PC\C\Users\Bill\Downloads\ccsetup313.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
F:\Seagate Backup\BILL-PC\History\Level2\C\Users\Bill\AppData\Roaming\Uniblue\RegistryBooster\_temp\ub.exe a variant of Win32/RegistryBooster potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\C\Users\Bill\Downloads\ccsetup404.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
F:\Seagate Backup\BILL-PC (1)\C\Users\Bill\Downloads\disk-defrag-setup.exe a variant of Win32/OpenCandy.A potentially unsafe application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0016df SWF/TrojanDownloader.Iframe.AF trojan
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001cd2 SWF/TrojanDownloader.Iframe.AF trojan
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001e5f SWF/TrojanDownloader.Iframe.AF trojan
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\LocalLow\FromDocToPDF_65EI\Installr\Cache\003B9480.exe a variant of Win32/Toolbar.MyWebSearch.O potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF10.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF11.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF12.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF13.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF14.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF15.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF16.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF17.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF18.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF19.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF2.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF20.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF21.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF22.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF4.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF5.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF6.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF7.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF8.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF9.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\dtUser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\OpenCandy\B1AD7D5550E84A82BF6861C2D99FCB90\sp-downloader.exe Win32/Toolbar.Conduit.R potentially unwanted application
billflyer
Active Member
 
Posts: 13
Joined: March 20th, 2014, 1:11 pm

Re: Browsers/Win Explorer stop responding

Unread postby billflyer » March 22nd, 2014, 10:55 am

Sorry
billflyer
Active Member
 
Posts: 13
Joined: March 20th, 2014, 1:11 pm

Re: Browsers/Win Explorer stop responding

Unread postby Gary R » March 22nd, 2014, 11:11 am

  • Click Start
  • Type notepad.exe in the search programs and files box and clcik Enter.
  • A blank Notepad page should open.
    • Copy/Paste the contents of the code box below into Notepad. (don't include Code: Select all)
Code: Select all
C:\Program Files\Free FLV Converter\Helper.dll
C:\Users\Bill\Downloads\ccsetup404.exe
C:\Users\Bill\Downloads\disk-defrag-setup.exe

    • Save it to the same folder/directory that FRST.exe is in, naming it as fixlist.txt

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe.

Your e-set log shows that your backup files are "contaminated" ...
F:\Seagate Backup\BILL-PC\C\Program Files\RegDefense\RDFNSAnalyzers.dll a variant of Win32/Adware.RegDefense application
F:\Seagate Backup\BILL-PC\C\Program Files\RegDefense\RDFNSSilentRemover.exe a variant of Win32/Adware.RegDefense application
F:\Seagate Backup\BILL-PC\C\Users\Bill\Downloads\ccsetup313.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
F:\Seagate Backup\BILL-PC\History\Level2\C\Users\Bill\AppData\Roaming\Uniblue\RegistryBooster\_temp\ub.exe a variant of Win32/RegistryBooster potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\C\Users\Bill\Downloads\ccsetup404.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
F:\Seagate Backup\BILL-PC (1)\C\Users\Bill\Downloads\disk-defrag-setup.exe a variant of Win32/OpenCandy.A potentially unsafe application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0016df SWF/TrojanDownloader.Iframe.AF trojan
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001cd2 SWF/TrojanDownloader.Iframe.AF trojan
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001e5f SWF/TrojanDownloader.Iframe.AF trojan
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\LocalLow\FromDocToPDF_65EI\Installr\Cache\003B9480.exe a variant of Win32/Toolbar.MyWebSearch.O potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF10.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF11.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF12.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF13.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF14.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF15.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF16.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF17.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF18.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF19.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF2.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF20.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF21.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF22.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF4.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF5.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF6.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF7.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF8.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{14DE05CA-6843-20F8-D75A-F976D600D734}\components\DatamngrHlpFF9.dll a variant of Win32/Toolbar.SearchSuite.K potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\qyld9u17.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\dtUser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application
F:\Seagate Backup\BILL-PC (1)\History\Level2\C\Users\Bill\AppData\Roaming\OpenCandy\B1AD7D5550E84A82BF6861C2D99FCB90\sp-downloader.exe Win32/Toolbar.Conduit.R potentially unwanted application


.... so I would delete those backups if I were you, otherwise if you were to restore to them at some time in the future you would re-infect your computer.

We can remove them using FRST if you wish, but it's probably better/quicker just to delete the relevant backups using the associated seagate backup utility.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Browsers/Win Explorer stop responding

Unread postby billflyer » March 22nd, 2014, 11:17 am

Okay. I can deal with the backups. Do you see any other issues?
billflyer
Active Member
 
Posts: 13
Joined: March 20th, 2014, 1:11 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 294 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware