Internet Browsers unresponsive or acting up

Page 1 of 2 1, 2  Next

View previous topic View next topic Go down

Internet Browsers unresponsive or acting up

Post by siouxlini on Fri 07 Feb 2014, 8:28 am

Internet Browsers unresponsive or acting up

My internet browsers have started acting up.  Internet Explorer is completely unresponsive and will not open any internet page, link or even pull-down menus in the program (so I cannot tell you version number but is currently updated).  Google Chrome and Mozilla work but with every click opens up windows and pop-up ads.

I appreciate any help with this issue.

You all do a great job and can't thank you enough for your service!

Mark

Malwarebytes Anti-Malware 1.75.0.1300
[You must be registered and logged in to see this link.]

Database version: v2014.02.04.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Mark :: MARK-PC [administrator]

2/4/2014 6:44:34 AM
mbam-log-2014-02-04 (06-44-34).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 586377
Time elapsed: 1 hour(s), 49 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Users\Mark\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Delete on reboot.

Registry Keys Detected: 15
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110411591171} (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440444594471} (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550455595571} (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0045971.BHO.1 (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411591171} (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0045971.BHO (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0045971.Sandbox (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0045971.Sandbox.1 (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCU\Software\InstalledBrowserExtensions\installdaddy (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HDvid Codec V6.0 (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Mark\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Quarantined and deleted successfully.

Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Conduit.A) -> Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) Good: () -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Bad: (http://search.conduit.com/?ctid=CT3321733&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP90EB5BE7-9E41-494F-80D9-23C824114470&SSPV=) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 23
C:\Program Files (x86)\SearchProtect (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Main (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Main\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Main\Logs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\UI\dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0 (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.

Files Detected: 125
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.Conduit.A) -> Delete on reboot.
C:\Users\Mark\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-bho.dll (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-bg.exe (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-bho64.dll (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-buttonutil.exe (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-buttonutil64.exe (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-chromeinstaller.exe (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-codedownloader.exe (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-enabler.exe (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-firefoxinstaller.exe (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-updater.exe (PUP.Optional.HDvidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4SXFDR47\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\55092ZRJ\spstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.0.zip (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Temp\nsfBA35.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Temp\nsfE0E9.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Temp\nspB40B.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Temp\nspB718.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Temp\nspDCE2.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Temp\nszE472.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Temp\setupA9_.exe (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Temp\spstub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Temp\verifier.exe (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Local\Temp\nsk7E4B\SpSetup.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Mark\Downloads\HDvid-codec-Chrome.exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\EULA.txt (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-~[Filtered JS Events]~.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\HDvid Codec V6.0-chromeinstaller.job (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\HDvid Codec V6.0-codedownloader.job (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\HDvid Codec V6.0-enabler.job (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\HDvid Codec V6.0-firefoxinstaller.job (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\HDvid Codec V6.0-updater.job (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\45971.crx (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\45971.xpi (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\background.html (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-buttonutil.dll (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-buttonutil64.dll (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-helper.exe (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0.ico (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\Installer.log (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\Uninstall.exe (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HDvid Codec V6.0\utils.exe (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\b.bmp (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\finish.bmp (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\FinishHDVID.exe (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\HDVidCodec.exe (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\hdvidextsetup.exe (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\hdvid_temp.bmp (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\stage2 (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\uninst.exe (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\Mark\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.

(end)


# AdwCleaner v3.018 - Report created 04/02/2014 at 16:08:31
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Mark - MARK-PC
# Running from : C:\Users\Mark\Downloads\adwcleaner (1).exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater17.0.12

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\Program Files (x86)\myfree codec
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Mark\AppData\Local\Searchprotect
Folder Deleted : C:\Users\Mark\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\Extensions\anttoolbar@ant.com
File Deleted : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033343391}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055345591}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066346691}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596671}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077347791}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055345591}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066346691}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596671}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077347791}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3321733&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=4&UP=SP90EB5BE7-9E41-494F-80D9-23C824114470");
Line Deleted : user_pref("extensions.crossrider.bic", "1381484d6bc51124547407529c4a4adb");

-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [6555 octets] - [04/02/2014 16:07:46]
AdwCleaner[S0].txt - [6175 octets] - [04/02/2014 16:08:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6235 octets] ##########


Results of screen317's Security Check version 0.99.79
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG AntiVirus Free Edition 2014
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 5.0
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.75.0.1300
JavaFX 2.1.1
Java(TM) 6 Update 35
Java 7 Update 51
Adobe Flash Player 11.9.900.170
Adobe Reader 10.1.9 Adobe Reader out of Date!
Mozilla Firefox (26.0)
Google Chrome 32.0.1700.102
Google Chrome 32.0.1700.107
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbam.exe
AVG avgwdsvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by Superdave on Fri 07 Feb 2014, 10:28 am

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
Malwarebytes' Anti-Rootkit

Please download Malwarebytes' Anti-Rootkit and save it to your desktop.

  • Be sure to print out and follow the instructions provided on that same page for performing a scan.
  • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
  • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
  • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
  • Copy and paste the contents of these two log files in your next reply.


Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by siouxlini on Fri 07 Feb 2014, 12:07 pm

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
[You must be registered and logged in to see this link.]

Database version: v2014.02.06.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Mark :: MARK-PC [administrator]

2/6/2014 7:37:00 PM
mbar-log-2014-02-06 (19-37-00).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 287043
Time elapsed: 21 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by Superdave on Fri 07 Feb 2014, 1:07 pm

Are the browsers still acting up?

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan

•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.

•Check
•Click the button.
•Accept any security warnings from your browser.

  • Leave the check mark next to Remove found threats.

•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by siouxlini on Sat 08 Feb 2014, 4:09 am

There were no Threats found

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=88716705d3b63046ae2a33c24b5fea90
# engine=16976
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-07 07:15:45
# local_time=2014-02-07 02:15:45 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 85 17192997 143300795 0 0
# scanned=360701
# found=0
# cleaned=0
# scan_time=11226

siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by Superdave on Sat 08 Feb 2014, 5:47 am

How's your computer working now?

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by siouxlini on Sat 08 Feb 2014, 8:05 am

IE is still unresponsive. I'm not getting as many pop-ups that I was getting before with google chrome and Mozilla

siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by siouxlini on Sat 08 Feb 2014, 8:06 am

I forgot to mention the first thing I did was try to restore to an earlier point and and the restore kept failing

siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by Superdave on Sat 08 Feb 2014, 9:42 am

Please download and run MS Fix-it from here. Click on "Visit our solution center" and choose IE.

To Run the SFC /SCANNOW Command in Windows 7
1. Open an elevated command prompt.

2. To Scan and Repair System Files
NOTE: Scans the integrity of all protected system files and repairs the system files if needed.
A) In the elevated command prompt, type sfc /scannow and press Enter. (see screenshot below)
NOTE: This may take some time to finish.



B) Go to step 4.

3. To Only Verify if the System Files are Corrupted
NOTE: Scans and only verifies the integrity of all proteced system files only.
A) In the elevated command prompt, type sfc /verifyonly and press Enter.

4. When the scan is complete, hopefully you will see all is ok like the screenshot below.
NOTE: If not, then you can attempt to run a System Restore using a restore point dated before the bad file occured to fix it. You may need to repeat doing a System Restore until you find a older restore point that may work.



5. When done, close the elevated command prompt.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by siouxlini on Sun 09 Feb 2014, 10:39 pm

Ran MS Fix-it and resulted in the following

Issues found
Data Execution Prevention disabled
Fixed
Enable Data Execution Prevention
Succeeded

Security settings
Fixed
Reset Security settings
Succeeded

Pop-Up Blocker disabled
Fixed
Enable Pop-Up Blocker
Succeeded

Ran SFC /SCANNOW and Windows Resource Protection did not find any integrity violations.

IE is still acting the same

siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by siouxlini on Sun 09 Feb 2014, 10:44 pm

I think I might have found another piece of evidence...
In chrome, some words in your response is becoming hyper-linked. when I hover over it, it pops up an ad but it also shows
"Click to Continue > by HDVID CODEC V6.0"

siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by Superdave on Mon 10 Feb 2014, 5:09 am

Download Combofix from any of the links below, and save it to your DESKTOP.
If your version of Windows defaults to you download folder you will need to copy it to your desktop.

Link 1
Link 2
Link 3

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by siouxlini on Mon 10 Feb 2014, 6:24 am

ComboFix 14-02-05.02 - Mark 02/09/2014 13:58:30.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4087.2188 [GMT -5:00]
Running from: c:\users\Mark\Downloads\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\SPL119C.tmp
c:\programdata\SPL1219.tmp
c:\programdata\SPL12D4.tmp
c:\programdata\SPL169B.tmp
c:\programdata\SPL1E1A.tmp
c:\programdata\SPL2700.tmp
c:\programdata\SPL3458.tmp
c:\programdata\SPL58AA.tmp
c:\programdata\SPL59B.tmp
c:\programdata\SPL627.tmp
c:\programdata\SPLA065.tmp
c:\programdata\SPLAAC1.tmp
c:\programdata\SPLAB4B.tmp
c:\programdata\SPLAFDD.tmp
c:\programdata\SPLB0E7.tmp
c:\programdata\SPLB1C1.tmp
c:\programdata\SPLC01.tmp
c:\programdata\SPLC966.tmp
c:\programdata\SPLD24B.tmp
c:\programdata\SPLE32D.tmp
c:\programdata\SPLF102.tmp
c:\programdata\SPLF3DF.tmp
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_plnkhmnoajbfccclonaeepohggeolcih_0
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_plnkhmnoajbfccclonaeepohggeolcih_0\1
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\background.html
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\chromeCoreFilesIndex.txt
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\crossriderManifest.json
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\manifest.xml
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins.json
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\1_base.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\1000020_analytics.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\1000025_analyticsFront.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\1000030_mz.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\102_dealply_m.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\103_intext_5_m.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\104_jollywallet_m.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\123_intext_adv_m.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\14_CrossriderUtils.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\155_ibario_pops_m.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\17_jQuery.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\175_coolmirage_m.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\177_crossriderDashboard.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\182_openUrl.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\183_tabsWrapper.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\19_CHAppAPIWrapper.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\207_dbWrapper.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\21_debug.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\22_resources.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\28_initializer.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\47_resources_background.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\64_appApiMessage.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\72_appApiValidation.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\78_CrossriderInfo.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\80_CHPopupAppAPI.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\~[Filtered JS Events]~.js.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\plugins\97_resourceApiWrapper.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\userCode\background.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\extensionData\userCode\extension.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\icons\actions\1.png
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\icons\icon128.png
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\icons\icon16.png
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\icons\icon48.png
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\api\chrome.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\api\cookie.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\api\message.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\api\monitor.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\api\pageAction.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\api\pageActionBG.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\background.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\app_api.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\bg_app_api.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\consts.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\cookie_store.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\crossriderAPI.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\delegate.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\events.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\extensionDataStore.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\installer.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\logFile.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\logging.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\onBGDocumentLoad.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\popupResource\newPopup.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\popupResource\popup.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\reports.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\storageWrapper.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\updateManager.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\util.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\lib\xhr.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\main.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\js\platformVersion.js
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\manifest.json
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih\1.26.72_0\popup.html
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plnkhmnoajbfccclonaeepohggeolcih
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plnkhmnoajbfccclonaeepohggeolcih\000044.ldb
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plnkhmnoajbfccclonaeepohggeolcih\000046.ldb
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plnkhmnoajbfccclonaeepohggeolcih\000049.ldb
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plnkhmnoajbfccclonaeepohggeolcih\000052.ldb
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plnkhmnoajbfccclonaeepohggeolcih\000053.log
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plnkhmnoajbfccclonaeepohggeolcih\CURRENT
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plnkhmnoajbfccclonaeepohggeolcih\LOCK
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plnkhmnoajbfccclonaeepohggeolcih\LOG
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plnkhmnoajbfccclonaeepohggeolcih\LOG.old
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plnkhmnoajbfccclonaeepohggeolcih\MANIFEST-000051
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_plnkhmnoajbfccclonaeepohggeolcih_0.localstorage-journal
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_plnkhmnoajbfccclonaeepohggeolcih_0.localstorage
c:\users\Mark\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome.manifest
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\asyncDB.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\background.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\browserAction.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\contextMenu.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\dbManager.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\dom_bg.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\fileManager.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\firefox.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\firefoxNotifications.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\firefoxOmnibox.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\message.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\pageAction.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\request.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\tabs.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\webRequest.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\api\windowsMessagingHandler.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\background.html
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\baseObject.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\browser.xul
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\addressBarChangeObserver.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\console.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\consts.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\delegate.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\extensionDataStore.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\folderIOWrapper.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\httpObserver.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\IDBWrapper.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\installer.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\logFile.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\prefs.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\progressListenerObserver.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\registry.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\reloadObserver.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\reports.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\requestObject.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\searchSettings.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\uninstallObserver.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\updateManager.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\utils.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\core\xhr.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\dialog.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\ffCoreFilesIndex.txt
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\main.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\options.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\options.xul
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\platformVersion.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\chrome\content\search_dialog.xul
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\defaults\preferences\prefs.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\manifest.xml
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins.json
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\1_base.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\1000020_analytics.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\1000025_analyticsFront.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\1000030_mz.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\102_dealply_m.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\103_intext_5_m.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\104_jollywallet_m.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\123_intext_adv_m.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\17_jQuery.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\175_coolmirage_m.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\180_bpo_serp_m.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\182_openUrl.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\183_tabsWrapper.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\207_dbWrapper.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\21_debug.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\22_resources.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\226_set_campaign_id_m.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\28_initializer.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\47_resources_background.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\64_appApiMessage.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\72_appApiValidation.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\~[Filtered JS Events]~.js.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\plugins\98_omniCommands.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\userCode\background.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\extensionData\userCode\extension.js
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\install.rdf
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\locale\en-US\translations.dtd
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\skin\button1.png
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\skin\button2.png
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\skin\button3.png
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\skin\button4.png
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\skin\button5.png
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\skin\crossrider_statusbar.png
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\skin\icon128.png
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\skin\icon16.png
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\skin\icon24.png
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\skin\icon48.png
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\skin\panelarrow-up.png
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\skin\popup.html
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\skin\skin.css
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\34f57b0c-8cdb-4914-818c-928df47c6c4f@3a243122-a6fc-40c9-a1e6-ba11e930da09.com\skin\update.css
.
.
((((((((((((((((((((((((( Files Created from 2014-01-09 to 2014-02-09 )))))))))))))))))))))))))))))))
.
.
2014-02-09 19:09 . 2014-02-09 19:09 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-02-09 19:09 . 2014-02-09 19:09 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-02-09 19:09 . 2014-02-09 19:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-09 01:25 . 2012-08-21 18:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-02-09 01:25 . 2014-02-09 01:25 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-09 01:25 . 2014-02-09 01:25 -------- d-----w- c:\program files\iTunes
2014-02-09 01:25 . 2014-02-09 01:25 -------- d-----w- c:\program files (x86)\iTunes
2014-02-09 01:25 . 2014-02-09 01:25 -------- d-----w- c:\program files\iPod
2014-02-07 00:36 . 2014-02-07 00:58 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-02-07 00:36 . 2014-02-07 00:36 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-02-07 00:36 . 2014-02-07 01:01 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-02-04 21:07 . 2014-02-04 21:08 -------- d-----w- C:\AdwCleaner
2014-02-03 20:57 . 2014-02-03 20:57 -------- d-----w- c:\users\Mark\.android
2014-02-03 20:57 . 2014-02-03 21:25 -------- d-----w- c:\users\Mark\AppData\Local\cache
2014-02-03 20:57 . 2014-02-04 18:13 -------- d-----w- c:\users\Mark\AppData\Local\genienext
2014-02-03 20:57 . 2014-02-03 21:26 -------- d-----w- c:\users\Mark\AppData\Local\Mobogenie
2014-01-23 10:30 . 2013-12-19 02:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-20 20:29 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-20 20:29 . 2014-01-20 20:29 -------- d-----w- c:\windows\Migration
2014-01-20 20:29 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-20 20:29 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-20 20:29 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-20 20:29 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-20 20:29 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-20 20:29 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-20 20:29 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-20 20:29 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-20 18:37 . 2013-11-19 21:52 34080 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2014-01-20 18:37 . 2014-01-08 20:54 121856 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
2014-01-20 18:36 . 2013-12-24 15:40 21184 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-06 20:52 . 2012-07-08 11:06 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-06 20:52 . 2011-06-19 10:47 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-03 21:31 . 2009-12-23 21:06 86054176 ----a-w- c:\windows\system32\MRT.exe
2014-01-05 12:02 . 2011-09-10 12:19 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-01-05 12:01 . 2011-09-10 12:18 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-11-26 14:46 . 2013-11-26 14:46 138152 ----a-w- c:\windows\SysWow64\drivers\AnyDVD.sys
2013-11-26 14:46 . 2013-11-26 14:46 138152 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2013-11-26 11:54 . 2013-12-12 12:11 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-12 12:11 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 12:11 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 12:11 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 12:11 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 12:11 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 12:11 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 12:11 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 12:11 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 12:11 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 12:11 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 12:11 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 12:11 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 12:11 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 12:11 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 12:11 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 12:11 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 12:11 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 12:11 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 12:11 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 12:11 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 12:11 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 12:11 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 12:11 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 08:12 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 08:12 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-19 17:41 . 2013-11-19 17:41 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-19 17:41 . 2013-11-19 17:41 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-19 17:41 . 2013-11-19 17:41 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-19 17:41 . 2013-11-19 17:41 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-19 17:41 . 2013-11-19 17:41 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-19 17:41 . 2013-11-19 17:41 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-19 17:41 . 2013-11-19 17:41 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-19 17:41 . 2013-11-19 17:41 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-19 17:41 . 2013-11-19 17:41 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-19 17:41 . 2013-11-19 17:41 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-19 17:41 . 2013-11-19 17:41 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-19 17:41 . 2013-11-19 17:41 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-19 17:41 . 2013-11-19 17:41 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-19 17:41 . 2013-11-19 17:41 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-19 17:41 . 2013-11-19 17:41 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-19 17:41 . 2013-11-19 17:41 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-19 17:41 . 2013-11-19 17:41 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-19 17:41 . 2013-11-19 17:41 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-19 17:41 . 2013-11-19 17:41 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-19 17:41 . 2013-11-19 17:41 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-19 17:41 . 2013-11-19 17:41 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-19 17:41 . 2013-11-19 17:41 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-19 17:41 . 2013-11-19 17:41 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-19 17:41 . 2013-11-19 17:41 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-19 17:41 . 2013-11-19 17:41 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-19 17:41 . 2013-11-19 17:41 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-19 17:41 . 2013-11-19 17:41 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-19 17:41 . 2013-11-19 17:41 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-19 17:41 . 2013-11-19 17:41 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-19 17:41 . 2013-11-19 17:41 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-19 17:41 . 2013-11-19 17:41 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-19 17:41 . 2013-11-19 17:41 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-19 17:41 . 2013-11-19 17:41 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-19 17:41 . 2013-11-19 17:41 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-19 17:41 . 2013-11-19 17:41 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-19 17:41 . 2013-11-19 17:41 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-19 17:41 . 2013-11-19 17:41 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-19 17:41 . 2013-11-19 17:41 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-19 17:41 . 2013-11-19 17:41 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-19 17:41 . 2013-11-19 17:41 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-19 17:41 . 2013-11-19 17:41 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-19 17:41 . 2013-11-19 17:41 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-19 17:41 . 2013-11-19 17:41 413696 ----a-w- c:\windows\system32\html.iec
2013-11-19 17:41 . 2013-11-19 17:41 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-19 17:41 . 2013-11-19 17:41 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-19 17:41 . 2013-11-19 17:41 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-19 17:41 . 2013-11-19 17:41 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-19 17:41 . 2013-11-19 17:41 235520 ----a-w- c:\windows\system32\url.dll
2013-11-19 17:41 . 2013-11-19 17:41 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-19 17:41 . 2013-11-19 17:41 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-19 17:41 . 2013-11-19 17:41 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-19 17:41 . 2013-11-19 17:41 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-19 17:41 . 2013-11-19 17:41 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-19 17:41 . 2013-11-19 17:41 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-19 17:41 . 2013-11-19 17:41 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-19 17:41 . 2013-11-19 17:41 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-19 17:41 . 2013-11-19 17:41 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-19 17:41 . 2013-11-19 17:41 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-19 17:41 . 2013-11-19 17:41 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-12 02:23 . 2013-12-11 08:12 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 08:12 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.

siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by siouxlini on Mon 10 Feb 2014, 6:25 am

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnyDVD"="c:\program files (x86)\SlySoft\AnyDVD\AnyDVD.exe" [2014-01-23 93096]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"EasyTether"="c:\program files (x86)\Mobile Stream\EasyTether\easytthr.exe" [2010-12-19 48456]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-10-31 59720]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-10-31 59720]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"FaxCenterServer"="c:\program files (x86)\Lexmark Fax Solutions\fm3032.exe" [2008-06-13 320168]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
"UVS10 Preload"="c:\program files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe" [2006-08-09 36864]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2013-11-08 4956176]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-06 43848]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-06 152392]
.
c:\users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Auto Rip n Compress - Extender Monitor.lnk - c:\program files (x86)\AutoRipNCompress\Extender Rip Monitor.exe [2010-6-15 212376]
AutoStart IR.lnk - c:\program files (x86)\WinTV\Ir.exe /QUIET [2013-7-23 117344]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
Media Browser Service.lnk - c:\program files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe [2012-12-24 135168]
WinTV Recording Status.lnk - c:\program files (x86)\WinTV\WinTV7\WinTVTray.exe [2013-7-23 151040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_Dlls"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"My Web Search Bar Search Scope Monitor"="c:\progra~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
"MyWebSearch Email Plugin"=c:\progra~2\MYWEBS~1\bar\1.bin\mwsoemon.exe
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Jasmio.MediaCenter.Service;Media Center Support Service;c:\program files\Jasmio\Media Center Support Service\Jasmio.MediaCenter.Service.exe;c:\program files\Jasmio\Media Center Support Service\Jasmio.MediaCenter.Service.exe [x]
R2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxdxserv.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ATP;Array Networks SSL VPN Driver;c:\windows\system32\DRIVERS\atpdrvr.sys;c:\windows\SYSNATIVE\DRIVERS\atpdrvr.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 hcw72ADFilter;WinTV HVR-950 USB Audio Filter Driver;c:\windows\system32\DRIVERS\hcw72ADFilter.sys;c:\windows\SYSNATIVE\DRIVERS\hcw72ADFilter.sys [x]
R3 hcw72ATV;WinTV HVR-950 NTSC;c:\windows\system32\DRIVERS\hcw72ATV.sys;c:\windows\SYSNATIVE\DRIVERS\hcw72ATV.sys [x]
R3 hcw72DTV;WinTV HVR-950 ATSC/QAM;c:\windows\system32\DRIVERS\hcw72DTV.sys;c:\windows\SYSNATIVE\DRIVERS\hcw72DTV.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 HtcVCom32;HTC Diagnostic Port;c:\windows\system32\DRIVERS\HtcVComV64.sys;c:\windows\SYSNATIVE\DRIVERS\HtcVComV64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 StkCMini;Syntek AVStream USB2.0 ATV;c:\windows\system32\Drivers\StkCMini.sys;c:\windows\SYSNATIVE\Drivers\StkCMini.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2013/11/21 19:25];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl;c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [x]
S2 Array_Utility_Service8.4.6.49;Array Utility Service 8,4,6,49;c:\program files\Array Networks\Common\8,4,6,49\arr_isrv.exe;c:\program files\Array Networks\Common\8,4,6,49\arr_isrv.exe [x]
S2 ArraySSL_VPN_Service8.4.6.49;Array SSL VPN Service 8,4,6,49;c:\program files\Array Networks\Array SSL VPN\8,4,6,49\arr_srvs.exe;c:\program files\Array Networks\Array SSL VPN\8,4,6,49\arr_srvs.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 chromoting;Chrome Remote Desktop Service;c:\program files (x86)\Google\Chrome Remote Desktop\32.0.1700.98\remoting_host.exe;c:\program files (x86)\Google\Chrome Remote Desktop\32.0.1700.98\remoting_host.exe [x]
S2 HauppaugeTVServer;HauppaugeTVServer;c:\program files (x86)\WinTV\TVServer\HauppaugeTVServer.exe;c:\program files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
S2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe;c:\windows\SYSNATIVE\lxdxcoms.exe [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys;c:\windows\SYSNATIVE\DRIVERS\easytthr.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-06-16 17:38 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-04 11:19 1211720 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-08 20:52]
.
2014-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-07 02:24]
.
2014-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-07 02:24]
.
2014-02-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2850355330-1140420294-2067073417-1000Core.job
- c:\users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-04 11:48]
.
2014-02-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2850355330-1140420294-2067073417-1000UA.job
- c:\users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-04 11:48]
.
2014-02-06 c:\windows\Tasks\HPCeeScheduleForMark.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 03:15]
.
2013-01-21 c:\windows\Tasks\ROC_REG_JAN_DELETE.job
- c:\programdata\AVG January 2013 Campaign\ROC.exe [2013-01-20 16:07]
.
2011-12-22 c:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
- c:\program files (x86)\Spybot - Search & Destroy\SDUpdate.exe [2013-06-18 19:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2008-04-04 120328]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-03-09 172032]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
"lxdxmon.exe"="c:\program files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe" [2010-02-04 672424]
"lxdxamon"="c:\program files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe" [2010-02-04 16040]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
Trusted Zone: images.cdidocs.com\www
Trusted Zone: insidecdi.com\www
Trusted Zone: mycdiexam.com\www
Trusted Zone: tcfef.com\ra
TCP: DhcpNameServer = 192.168.0.1
DPF: {12D7432B-838B-48CA-9558-A51E2F054BFF} - [You must be registered and logged in to see this link.]
DPF: {B6648EB8-2460-484F-9255-9654454C4C70} - [You must be registered and logged in to see this link.]
DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - ExtSQL: 2013-12-15 08:21; [You must be registered and logged in to see this link.]; c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\adsremoval@adsremoval.net
FF - ExtSQL: !HIDDEN! 2009-12-23 16:21; [You must be registered and logged in to see this link.]; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
BHO-{11111111-1111-1111-1111-110411591171} - (no file)
Wow6432Node-HKCU-Run-Advanced SystemCare 6 - c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
Wow6432Node-HKU-Default-Run-Advanced SystemCare 7 - c:\program files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{11111111-1111-1111-1111-110411591171} - c:\program files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-bho64.dll
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Array SSL VPN8,4,6,49 - c:\program files\Array Networks\Common\8
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-02-09 14:12:09
ComboFix-quarantined-files.txt 2014-02-09 19:12
.
Pre-Run: 157,644,054,528 bytes free
Post-Run: 157,371,777,024 bytes free
.
- - End Of File - - C1AA52EF8DB6208671875EF327A6F6A2
4591A5981C69163A700C6B4BD3E9AF59

siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by Superdave on Mon 10 Feb 2014, 7:12 am

Internet Explorer's security is based upon a set of zones. Each zone has different security in terms of what scripts and applications can be run from a site that is in that zone. There is a security zone called the Trusted Zone. This zone has the lowest security and allows scripts and applications from sites in this zone to run without your knowledge. It is therefore a popular setting for malware sites to use so that future infections can be easily done on your computer without your knowledge as these sites will be in the Trusted Zone. Therefore, I recommend that nothing be allowed in the trusted zone. If you agree, please do the following. Normally, I can repair this with a ComboFix script but since it was run from the incorrect location this is the way to fix that.
Is there any change?

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by siouxlini on Tue 11 Feb 2014, 5:19 am

No changes. Since IE was unresponsive I was unable to access "Internet Options" through IE. I had to search internet options through the start menu and open from there. I deleted all the trusted sites and set the trusted sites security to high. Still no changes to IE

siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by Superdave on Tue 11 Feb 2014, 5:56 am

Could you check to see if you still have this program on your computer? If you find it, could you please uninstall it?
Program Files\HDvid Codec V6.0

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by siouxlini on Tue 11 Feb 2014, 6:19 am

There is no evidence that HDVid is on the computer. The folder is not listed. I have also searched for HDVid and searched hidden files and folders. I have noticed that the annoying ad links are no longer showing in chrome.

siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by Superdave on Tue 11 Feb 2014, 10:06 am

Ok, please run MBAM again and see if it comes up clean.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by siouxlini on Wed 12 Feb 2014, 6:21 am

Malwarebytes Anti-Malware 1.75.0.1300
[You must be registered and logged in to see this link.]

Database version: v2014.02.11.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Mark :: MARK-PC [administrator]

2/11/2014 12:16:04 PM
mbam-log-2014-02-11 (12-16-04).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 597826
Time elapsed: 2 hour(s), 3 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\HDvid Codec V6.0 (PUP.Optional.HDVidCndec.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by siouxlini on Wed 12 Feb 2014, 6:36 am

Still no response. Check out the screenshot. There is some weird frame in the browser (lower grey section).

siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by Superdave on Wed 12 Feb 2014, 7:28 am

What browser is that? What happens with the other browsers?

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by siouxlini on Wed 12 Feb 2014, 9:30 am

That is Internet Explorer (I blacked out my favorites). Chrome and Mozilla seem to be working fine.

siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by Superdave on Wed 12 Feb 2014, 10:43 am

Download the Fix IE Utility to your desktop.

Before running the utility, make sure that all your Internet Explorer windows are closed!

* Extract the contents of the .zip file to your desktop.
* Double click the Fix IE Utility button to run the tool.
* Click Run Utility
* Click OK when you see 'Re-registered all files'
* Open Internet Explorer and see how it works.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by siouxlini on Wed 12 Feb 2014, 12:13 pm

No joy. still unresponsive. The frame bar is no longer there, so that is progress. This is a bugger I just don't understand.

siouxlini

Newbie Surfer
Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

View user profile

Back to top Go down

Re: Internet Browsers unresponsive or acting up

Post by Sponsored content Today at 11:11 am


Sponsored content


Back to top Go down

Page 1 of 2 1, 2  Next

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum