WiredWX Christian Hobby Weather Tools
Browsers freezing..

Hello, my uncle's PC has been freezing when they are using IE. It seems to have all of a sudden happened after their McAfee ran out! Hmmm, I wonder! ;-)

Here are the logs. I ran the logs in safe mode and normal Windows mode, so here you go....


OTL logfile created on: 1/29/2011 4:19:07 PM - Run 2
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Yasub Khan\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 591.00 Mb Available Physical Memory | 58.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.04 Gb Total Space | 61.66 Gb Free Space | 86.79% Space Free | Partition Type: NTFS
Drive D: | 72.00 Gb Total Space | 71.91 Gb Free Space | 99.88% Space Free | Partition Type: NTFS
Drive E: | 124.60 Mb Total Space | 110.35 Mb Free Space | 88.56% Space Free | Partition Type: FAT

Computer Name: BRAVEHEART | User Name: Yasub Khan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/29 15:49:48 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Yasub Khan\Desktop\OTL (1).com
PRC - [2010/11/17 22:58:25 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2010/10/03 22:43:16 | 000,767,208 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2009/10/08 23:00:19 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe
PRC - [2009/07/28 00:19:10 | 000,199,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
PRC - [2009/06/18 23:03:27 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/03/23 16:41:06 | 000,603,488 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/10/20 17:32:54 | 002,768,896 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
PRC - [2008/10/07 01:07:26 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008/06/19 10:42:12 | 000,857,544 | ---- | M] () -- C:\Program Files\T-Mobile\web'n'walk Manager\WTGU.exe
PRC - [2008/05/21 23:44:30 | 000,299,008 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\MagicKBD\PerformanceManager.exe
PRC - [2008/05/21 03:02:08 | 000,372,736 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Program Files\Samsung\MagicKBD\MagicKBD.exe
PRC - [2008/04/14 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/28 22:00:10 | 000,170,520 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
PRC - [2008/01/25 00:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2008/01/09 14:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2007/12/21 03:40:30 | 000,659,456 | ---- | M] (Samsung Electronics,.LTD) -- C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
PRC - [2007/11/01 17:12:38 | 000,265,040 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcuimgr.exe
PRC - [2007/08/15 11:36:04 | 000,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007/08/04 09:33:14 | 000,582,992 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2007/07/24 19:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2007/07/18 22:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe


========== Modules (SafeList) ==========

MOD - [2011/01/29 15:49:48 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Yasub Khan\Desktop\OTL (1).com
MOD - [2010/11/17 22:59:18 | 000,040,448 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2010/08/23 16:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/03/23 16:39:56 | 000,094,273 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
MOD - [2008/07/29 08:05:08 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
MOD - [2008/07/29 08:05:08 | 000,572,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/10/03 22:43:16 | 000,767,208 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2009/04/21 08:09:00 | 000,282,624 | ---- | M] (Marvell) [Auto | Running] -- C:\WINDOWS\system32\yk51x86.dll -- (yksvc)
SRV - [2008/05/13 15:44:00 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus)
SRV - [2008/01/25 00:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008/01/09 14:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2007/12/05 09:04:10 | 000,695,624 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2007/11/07 08:35:40 | 000,378,184 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2007/08/15 11:36:04 | 000,359,248 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2007/07/24 19:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2007/07/18 22:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)


========== Driver Services (SafeList) ==========

DRV - [2010/10/03 22:54:04 | 000,034,792 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\19917\RapportCerberus_19917.sys -- (RapportCerberus_19917)
DRV - [2010/10/03 22:43:44 | 000,169,320 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2010/10/03 22:43:44 | 000,059,240 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2009/04/21 08:09:00 | 000,297,344 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2009/03/19 12:19:54 | 000,991,136 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009/02/18 08:46:56 | 000,534,312 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/10/30 20:19:14 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/10/08 06:35:10 | 001,334,432 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/09/23 20:23:58 | 000,238,464 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMC326.sys -- (VMC326)
DRV - [2008/08/28 18:18:14 | 000,224,736 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/08/26 23:35:00 | 004,753,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/08/22 18:56:54 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008/08/22 18:56:50 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008/08/22 18:56:36 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008/08/22 18:56:28 | 000,007,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2008/07/24 08:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/06/02 17:50:02 | 000,117,024 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP)
DRV - [2008/05/05 16:42:18 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/04/14 12:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/02/15 20:12:06 | 005,854,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2008/02/11 16:07:00 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2008/02/04 08:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/01/15 02:01:02 | 000,030,208 | ---- | M] (Samsung Electronics,.LTD) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS -- (DNSeFilter)
DRV - [2007/12/02 11:51:42 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2007/11/22 05:44:08 | 000,201,320 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2007/11/22 05:44:08 | 000,079,304 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2007/11/22 05:44:08 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2007/11/22 05:44:04 | 000,033,832 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2005/10/27 04:18:05 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: {df655c49-d4a4-466f-8044-c86294e906c8} - C:\Program Files\AOL UK Toolbar\aoluktb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {df655c49-d4a4-466f-8044-c86294e906c8} - C:\Program Files\AOL UK Toolbar\aoluktb.dll (AOL LLC.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AOL Search powered by Google"
FF - prefs.js..browser.search.defaultthis.engineName: "TV Bar 1.4 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2320606&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "TV Bar 1.4 Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: {12e57d18-f8f7-4b76-af63-605365ab88ec}:5.91.1.3555
FF - prefs.js..extensions.enabledItems: {3ee8d0be-f450-4ef2-97b9-ac2222d14db3}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {6169170a-f4d7-44a1-881f-f7ff71c52670}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2320606&q="


FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/17 22:59:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/13 22:06:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/13 22:06:49 | 000,000,000 | ---D | M]

[2009/12/25 13:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Yasub Khan\Application Data\Mozilla\Extensions
[2011/01/28 02:49:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Yasub Khan\Application Data\Mozilla\Firefox\Profiles\qasde2gj.default\extensions
[2010/02/03 22:29:07 | 000,000,000 | ---D | M] (AOL UK Toolbar) -- C:\Documents and Settings\Yasub Khan\Application Data\Mozilla\Firefox\Profiles\qasde2gj.default\extensions\{12e57d18-f8f7-4b76-af63-605365ab88ec}
[2010/08/31 10:23:13 | 000,000,000 | ---D | M] (Free TV Bar c3 Toolbar) -- C:\Documents and Settings\Yasub Khan\Application Data\Mozilla\Firefox\Profiles\qasde2gj.default\extensions\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}
[2011/01/15 17:48:43 | 000,000,000 | ---D | M] (TV Bar 1.4 Community Toolbar) -- C:\Documents and Settings\Yasub Khan\Application Data\Mozilla\Firefox\Profiles\qasde2gj.default\extensions\{6169170a-f4d7-44a1-881f-f7ff71c52670}
[2011/01/15 17:48:46 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Yasub Khan\Application Data\Mozilla\Firefox\Profiles\qasde2gj.default\extensions\engine@conduit.com
[2010/02/03 22:29:38 | 000,004,590 | ---- | M] () -- C:\Documents and Settings\Yasub Khan\Application Data\Mozilla\Firefox\Profiles\qasde2gj.default\searchplugins\aol-search-powered-by-google.xml
[2010/09/23 13:01:40 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\Yasub Khan\Application Data\Mozilla\Firefox\Profiles\qasde2gj.default\searchplugins\conduit.xml
[2011/01/28 02:49:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/19 22:36:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/01/06 16:50:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/11/17 22:59:19 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010/09/19 22:36:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2008/04/14 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (AOL UK Toolbar Loader) - {c7651f6e-3592-4612-b4e0-e0d471da0626} - C:\Program Files\AOL UK Toolbar\aoluktb.dll (AOL LLC.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AOL UK Toolbar) - {1e7144b2-0b4e-435a-af95-d925c184dab3} - C:\Program Files\AOL UK Toolbar\aoluktb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL UK Toolbar) - {1E7144B2-0B4E-435A-AF95-D925C184DAB3} - C:\Program Files\AOL UK Toolbar\aoluktb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe (SAMSUNG Electronics)
O4 - HKLM..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe (Samsung Electronics,.LTD)
O4 - HKLM..\Run: [MagicKeyboard] C:\Program Files\Samsung\MagicKBD\PreMKbd.exe ()
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk = C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WTGU.lnk = C:\Program Files\T-Mobile\web'n'walk Manager\WTGU.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Yasub Khan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Yasub Khan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/18 22:53:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{27018992-b45e-11de-a520-00265ed6808c}\Shell - "" = AutoRun
O33 - MountPoints2\{27018992-b45e-11de-a520-00265ed6808c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{27018992-b45e-11de-a520-00265ed6808c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{abc06370-7550-11df-a662-00265ed6808c}\Shell - "" = AutoRun
O33 - MountPoints2\{abc06370-7550-11df-a662-00265ed6808c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{abc06370-7550-11df-a662-00265ed6808c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{abc06371-7550-11df-a662-00265ed6808c}\Shell - "" = AutoRun
O33 - MountPoints2\{abc06371-7550-11df-a662-00265ed6808c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{abc06371-7550-11df-a662-00265ed6808c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{abc06373-7550-11df-a662-00265ed6808c}\Shell - "" = AutoRun
O33 - MountPoints2\{abc06373-7550-11df-a662-00265ed6808c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{abc06373-7550-11df-a662-00265ed6808c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{abc06374-7550-11df-a662-00265ed6808c}\Shell - "" = AutoRun
O33 - MountPoints2\{abc06374-7550-11df-a662-00265ed6808c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{abc06374-7550-11df-a662-00265ed6808c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d1ac3d46-b388-11de-a51c-00265ed6808c}\Shell - "" = AutoRun
O33 - MountPoints2\{d1ac3d46-b388-11de-a51c-00265ed6808c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d1ac3d46-b388-11de-a51c-00265ed6808c}\Shell\AutoRun\command - "" = E:\VersionControl.exe
O33 - MountPoints2\{f68ae6c6-b527-11de-a521-00265ed6808c}\Shell - "" = AutoRun
O33 - MountPoints2\{f68ae6c6-b527-11de-a521-00265ed6808c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f68ae6c6-b527-11de-a521-00265ed6808c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/29 16:01:51 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2011/01/29 15:51:55 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Yasub Khan\Desktop\OTL (1).com
[2011/01/06 16:50:53 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/01/06 16:50:53 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/01/06 16:50:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/29 16:14:19 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E6C4977E-58A9-4124-9C3B-1A74FEF8F863}.job
[2011/01/29 16:12:26 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3621788340-936788757-144521273-1005.job
[2011/01/29 16:12:20 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/29 16:12:19 | 000,000,887 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WTGU.lnk
[2011/01/29 16:11:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/29 16:11:52 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/29 16:11:24 | 000,016,210 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2011/01/29 15:49:48 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Yasub Khan\Desktop\OTL (1).com
[2011/01/28 11:06:39 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/27 02:19:28 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3621788340-936788757-144521273-1005.job
[2011/01/27 01:07:35 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/15 03:05:49 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/29 16:11:52 | 1063,702,528 | -HS- | C] () -- C:\hiberfil.sys
[2009/10/18 15:58:16 | 000,054,272 | ---- | C] () -- C:\Documents and Settings\Yasub Khan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/04 13:17:14 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\Yasub Khan_KBD.ini
[2009/08/10 17:38:57 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/06/18 23:05:29 | 000,000,002 | ---- | C] () -- C:\WINDOWS\HotFixList.ini
[2009/06/18 23:05:24 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\MagicKBD.INI
[2009/06/18 23:05:24 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\Owner_KBD.ini
[2009/06/18 23:05:22 | 000,003,425 | ---- | C] () -- C:\WINDOWS\System32\KBDR.INI
[2009/06/18 23:05:22 | 000,002,741 | ---- | C] () -- C:\WINDOWS\System32\KBDD.INI
[2009/06/18 23:05:22 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDO.INI
[2009/06/18 23:05:22 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDC.INI
[2009/06/18 23:05:22 | 000,002,606 | ---- | C] () -- C:\WINDOWS\System32\KBDB.INI
[2009/06/18 23:05:22 | 000,002,236 | ---- | C] () -- C:\WINDOWS\System32\KBDQ.INI
[2009/06/18 23:05:22 | 000,001,956 | ---- | C] () -- C:\WINDOWS\System32\KBDE.INI
[2009/06/18 23:05:22 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\KBDP.INI
[2009/06/18 23:05:22 | 000,001,857 | ---- | C] () -- C:\WINDOWS\System32\KBDUU.INI
[2009/06/18 23:05:22 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDG.INI
[2009/06/18 23:05:22 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDA.INI
[2009/06/18 23:05:22 | 000,001,834 | ---- | C] () -- C:\WINDOWS\System32\KBDU.INI
[2009/06/18 23:05:22 | 000,001,819 | ---- | C] () -- C:\WINDOWS\System32\KBDN.INI
[2009/06/18 23:05:22 | 000,001,699 | ---- | C] () -- C:\WINDOWS\System32\KBDT.INI
[2009/06/18 23:05:22 | 000,001,697 | ---- | C] () -- C:\WINDOWS\System32\KBDV.INI
[2009/06/18 23:05:22 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\KBDS.INI
[2009/06/18 23:05:22 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\KBDF.INI
[2009/06/18 23:03:16 | 000,000,135 | R--- | C] () -- C:\WINDOWS\System32\lngEng.ini
[2009/06/18 23:03:16 | 000,000,117 | ---- | C] () -- C:\WINDOWS\System32\lngKor.ini
[2009/06/18 23:00:02 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/06/18 22:57:35 | 000,004,300 | ---- | C] () -- C:\WINDOWS\System32\MEMIO.SYS
[2009/06/18 15:45:50 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/03/23 16:40:06 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008/06/18 22:34:35 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2007/12/12 12:44:44 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\RemoveDevice.dll
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== Custom Scans ==========


< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/18 22:53:08 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2007/02/26 23:49:10 | 001,744,896 | ---- | M] (TopThinks, INC.) -- C:\WINDOWS\imagine digital freedom.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/06/18 22:53:49 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/09/04 13:16:59 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Yasub Khan\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2009/06/18 22:57:50 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Yasub Khan\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >
[2010/09/10 01:22:27 | 000,567,680 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Yasub Khan\My Documents\ChromeSetup.exe
[2009/12/28 19:15:43 | 093,234,472 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Yasub Khan\My Documents\iTunesSetup.exe

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2010/12/13 22:06:36 | 000,107,480 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2010/12/13 22:06:37 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2010/12/13 22:06:44 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2010/12/13 22:06:46 | 000,245,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2009/09/04 13:16:57 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Yasub Khan\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009/06/18 15:44:21 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/06/18 15:44:21 | 001,064,960 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/06/18 15:44:21 | 000,897,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2008/04/14 12:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2008/04/14 12:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2008/04/14 12:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2008/04/14 12:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2008/04/14 12:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2005/10/27 04:18:05 | 000,004,300 | ---- | M] () -- C:\WINDOWS\system32\MEMIO.SYS
[2008/04/14 12:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2008/04/14 12:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2008/04/14 12:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2008/04/14 12:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2008/04/14 12:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2008/04/14 12:00:00 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2008/04/14 12:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2008/04/14 12:00:00 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2008/04/14 12:00:00 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2008/04/14 12:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2008/04/14 12:00:00 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2010/10/26 13:25:00 | 001,853,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >
[2005/10/27 04:18:05 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\drivers\Marker.exe

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %SYSTEMDRIVE%\*.* >
[2009/06/18 22:53:41 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/09/04 13:16:12 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2009/06/18 22:53:41 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/01/29 16:11:52 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2009/06/18 22:53:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/06/18 22:53:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 12:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 12:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/01/29 16:11:51 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2009/07/09 18:57:37 | 000,000,159 | ---- | M] () -- C:\setup.log
[2009/10/18 15:57:45 | 000,000,432 | ---- | M] () -- C:\Shortcut to Shared Documents.lnk

< %PROGRAMFILES%\*. >
[2009/10/07 15:15:33 | 000,000,000 | ---D | M] -- C:\Program Files\3
[2010/09/23 20:12:39 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/01/27 17:09:42 | 000,000,000 | ---D | M] -- C:\Program Files\AOL UK Toolbar
[2009/06/18 23:00:48 | 000,000,000 | ---D | M] -- C:\Program Files\Atheros WLAN Client
[2010/11/17 22:59:27 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/06/18 22:51:12 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2010/11/17 22:55:23 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2009/10/07 15:15:33 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/06/18 22:58:05 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/12/17 00:30:39 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/01/06 16:50:47 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/06/18 23:00:21 | 000,000,000 | ---D | M] -- C:\Program Files\Marvell
[2009/11/09 21:34:43 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee
[2009/11/08 22:11:12 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan
[2009/06/18 23:05:54 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee.com
[2009/09/05 00:17:15 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2009/06/18 22:53:53 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2010/12/20 01:26:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/08/13 05:11:10 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/12/13 22:07:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/06/18 22:49:59 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2009/06/18 22:50:09 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2009/06/18 23:03:53 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/06/18 22:51:42 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2009/06/18 22:50:17 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/12/17 00:27:40 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/11/17 22:59:32 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/06/18 22:59:04 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2009/09/04 13:18:39 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung
[2009/06/18 23:01:06 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2009/10/08 22:59:29 | 000,000,000 | ---D | M] -- C:\Program Files\T-Mobile
[2010/09/23 20:13:16 | 000,000,000 | ---D | M] -- C:\Program Files\Times Reader
[2010/02/08 01:22:06 | 000,000,000 | ---D | M] -- C:\Program Files\Trusteer
[2009/06/18 22:57:39 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/06/18 23:01:09 | 000,000,000 | ---D | M] -- C:\Program Files\Vimicro Corporation
[2009/09/04 13:17:29 | 000,000,000 | ---D | M] -- C:\Program Files\WIDCOMM
[2009/06/18 22:53:40 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/06/18 22:50:06 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/06/18 22:52:02 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2009/06/18 22:53:53 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2009/10/07 15:16:21 | 000,000,000 | ---D | M] -- C:\Program Files\ZTE_MF6X6_USB_MODEM_1.2050.0.6

< %appdata%\*.* >
[2009/06/18 15:45:17 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Yasub Khan\Application Data\desktop.ini


< MD5 for: AGP440.SYS >
[2008/04/14 12:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/04/14 12:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/04/14 12:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 12:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2008/04/14 07:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/14 07:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/14 12:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2008/04/14 12:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/04/14 12:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:disk.sys
[2008/04/14 12:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 12:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 12:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008/04/14 12:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 12:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USBSTOR.SYS >
[2008/04/14 12:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2008/04/14 12:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:usbstor.sys
[2008/04/14 07:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\dllcache\usbstor.sys
[2008/04/14 07:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-01-12 17:02:01

< End of report >
[2011/01/29 16:14:19 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E6C4977E-58A9-4124-9C3B-1A74FEF8F863}.job
[2011/01/29 16:12:26 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3621788340-936788757-144521273-1005.job
[2011/01/29 16:12:20 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/29 16:12:19 | 000,000,887 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WTGU.lnk
[2011/01/29 16:11:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/29 15:49:48 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Yasub Khan\Desktop\OTL (1).com
[2011/01/28 11:06:39 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/27 02:19:28 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3621788340-936788757-144521273-1005.job
[2011/01/27 01:07:35 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/15 03:05:49 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk



Re: Browsers freezing..
OTL Extras logfile created on: 1/29/2011 4:02:11 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 823.00 Mb Available Physical Memory | 81.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.04 Gb Total Space | 62.66 Gb Free Space | 88.20% Space Free | Partition Type: NTFS
Drive D: | 72.00 Gb Total Space | 71.91 Gb Free Space | 99.88% Space Free | Partition Type: NTFS
Drive E: | 124.60 Mb Total Space | 110.47 Mb Free Space | 88.66% Space Free | Partition Type: FAT

Computer Name: BRAVEHEART | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent -- (McAfee, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 23
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5CBB720F-08E6-4043-B83F-76C277AF6DE7}" = Samsung Wallpaper
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Samsung Battery Manager
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung
"{A7581D39-EA20-4883-A480-80C21047052B}" = Easy Network Manager
"{A75BC59B-10BF-6B87-DCC7-3501F158ACC6}" = Times Reader
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABB14904-A11B-4F42-996C-80FD608A0F17}" = Samsung EDS
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BD723E53-A42C-4702-AA04-1D74A0311590}" = Magic Keyboard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F41D14-E0DD-4FB4-AA09-A14225C769BD}" = Atheros WLAN Client
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AOL UK Toolbar" = AOL UK Toolbar
"com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1" = Times Reader
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"InstallShield_{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera
"Marvell Miniport Driver" = Marvell Miniport Driver
"McAfee Security Scan" = McAfee Security Scan
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSC" = McAfee SecurityCenter
"Rapport_msi" = Rapport
"RealPlayer 12.0" = RealPlayer
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"web'n'walk Manager" = web'n'walk Manager
"ZTE_MF6X6_USB_MODEM_1.2050.0.6" = ZTE_MF6X6_USB_MODEM_1.2050.0.6

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/13/2010 11:23:01 AM | Computer Name = BRAVEHEART | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/22/2010 10:33:24 PM | Computer Name = BRAVEHEART | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 11/22/2010 10:37:46 PM | Computer Name = BRAVEHEART | Source = Application Hang | ID = 1002
Description = Hanging application mcupdui.exe, version 8.1.139.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/22/2010 10:38:16 PM | Computer Name = BRAVEHEART | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/22/2010 10:38:19 PM | Computer Name = BRAVEHEART | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/22/2010 10:39:12 PM | Computer Name = BRAVEHEART | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/22/2010 10:39:32 PM | Computer Name = BRAVEHEART | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/1/2011 2:37:48 PM | Computer Name = BRAVEHEART | Source = McLogEvent | ID = 5051
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 3632 (0xe30) Thread address : 0x120844A0 Thread message : Build VSCORE.14.0.0.349
/ 5301.4018 Object being scanned = \Device\HarddiskVolume2\Documents and Settings

by C:\WINDOWS\System32\svchost.exe 17018(0)(0) 17017(0)(2) 7007(0)(0) 5006(0)(0)

5004(0)(0) 5003(0)(0) 5002(0)(1) 15002(0)(0)

Error - 1/28/2011 4:27:09 PM | Computer Name = BRAVEHEART | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: This operation returned because the timeout period expired.

Error - 1/28/2011 4:27:09 PM | Computer Name = BRAVEHEART | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The specified server cannot perform the requested operation.

[ System Events ]
Error - 1/20/2011 11:53:52 AM | Computer Name = BRAVEHEART | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll.
Reference
error message: The operation completed successfully. .

Error - 1/23/2011 12:07:34 PM | Computer Name = BRAVEHEART | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.DebugCRT could not be found and
Last Error was The referenced assembly is not installed on your system.

Error - 1/23/2011 12:07:34 PM | Computer Name = BRAVEHEART | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference
error message: The referenced assembly is not installed on your system. .

Error - 1/23/2011 12:07:34 PM | Computer Name = BRAVEHEART | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll.
Reference
error message: The operation completed successfully. .

Error - 1/27/2011 11:02:16 PM | Computer Name = BRAVEHEART | Source = DCOM | ID = 10010
Description = The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register
with DCOM within the required timeout.

Error - 1/29/2011 12:01:28 PM | Computer Name = BRAVEHEART | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 1/29/2011 12:01:37 PM | Computer Name = BRAVEHEART | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 1/29/2011 12:02:42 PM | Computer Name = BRAVEHEART | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Fips intelppm mfehidk

Error - 1/29/2011 12:03:02 PM | Computer Name = BRAVEHEART | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McNASvc with
arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}

Error - 1/29/2011 12:03:03 PM | Computer Name = BRAVEHEART | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McNASvc with
arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}


< End of report >

Re: Browsers freezing..
Hello.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Browsers freezing..
Thanks for getting back to me, please see the log from malware..


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5640

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/30/2011 7:46:25 PM
mbam-log-2011-01-30 (19-46-25).txt

Scan type: Quick scan
Objects scanned: 154148
Time elapsed: 16 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: Browsers freezing..
Hello.

  • Download combofix from here
    Link 1

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:


    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.

  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes

  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


Re: Browsers freezing..
here you go...


ComboFix 11-01-31.01 - Yasub Khan 01/31/2011 19:46:46.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.594 [GMT 0:00]
Running from: c:\documents and settings\Yasub Khan\Desktop\Combo-Fix.exe
AV: McAfee VirusScan *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.

((((((((((((((((((((((((( Files Created from 2010-12-28 to 2011-01-31 )))))))))))))))))))))))))))))))
.

2011-01-31 19:33 . 2011-01-31 19:37 -------- d-----w- C:\Combo-Fix
2011-01-30 19:16 . 2011-01-30 19:16 -------- d-----w- c:\documents and settings\Yasub Khan\Application Data\Malwarebytes
2011-01-30 19:15 . 2010-12-20 18:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-30 19:15 . 2011-01-30 19:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-01-30 19:15 . 2010-12-20 18:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-30 19:15 . 2011-01-30 19:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-29 16:01 . 2011-01-29 16:01 -------- d--h--w- c:\windows\PIF
2011-01-29 16:01 . 2011-01-29 16:01 -------- d-----w- c:\documents and settings\Administrator

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:12 . 2009-06-18 22:51 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-17 22:58 . 2010-11-17 22:58 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-17 22:58 . 2010-11-17 22:58 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-11-12 18:53 . 2010-09-19 22:36 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 16:34 . 2010-09-19 22:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2008-06-18 22:34 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:26 . 2008-06-18 22:34 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26 . 2008-06-18 22:33 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26 . 2008-06-18 22:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2008-06-18 22:33 385024 ----a-w- c:\windows\system32\html.iec
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-18 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"RTHDCPL"="RTHDCPL.EXE" [2008-08-26 16851456]
"EDS"="c:\program files\Samsung\Samsung EDS\EDSAgent.exe" [2007-12-21 659456]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-28 1044480]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"DMHotKey"="c:\program files\Samsung\Easy Display Manager\DMLoader.exe" [2006-12-27 466944]
"BatteryManager"="c:\program files\Samsung\Samsung Battery Manager\BatteryManager.exe" [2008-10-20 2768896]
"MagicKeyboard"="c:\program files\SAMSUNG\MagicKBD\PreMKBD.exe" [2006-05-15 151552]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-08-04 582992]
"DataCardMonitor"="c:\program files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe" [2009-10-08 253952]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2010-11-17 274608]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-3-23 603488]
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]
WTGU.lnk - c:\program files\T-Mobile\web'n'walk Manager\WTGU.exe [2009-10-8 857544]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [10/3/2010 10:43 PM 59240]
R1 RapportCerberus_19917;RapportCerberus_19917;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\19917\RapportCerberus_19917.sys [10/3/2010 10:54 PM 34792]
R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [10/3/2010 10:43 PM 169320]
R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [6/18/2009 10:57 PM 4300]
R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [10/3/2010 10:43 PM 767208]
R2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe -k yksvcs [6/18/2008 10:34 PM 14336]
R3 DNSeFilter;DNSeFilter;c:\windows\system32\drivers\SamsungEDS.SYS [1/15/2008 2:01 AM 30208]
R3 VMC326;Vimicro Camera Service VMC326;c:\windows\system32\drivers\VMC326.sys [6/18/2009 11:01 PM 238464]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [11/17/2010 10:54 PM 136176]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [8/22/2008 6:56 PM 7680]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
yksvcs REG_MULTI_SZ yksvc
.
Contents of the 'Scheduled Tasks' folder

2011-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-17 22:53]

2011-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-17 22:53]

2010-11-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-06-18 12:32]

2010-03-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-06-18 12:32]

2011-01-31 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3621788340-936788757-144521273-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 11:33]

2011-01-31 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3621788340-936788757-144521273-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 11:33]

2011-01-31 c:\windows\Tasks\User_Feed_Synchronization-{E6C4977E-58A9-4124-9C3B-1A74FEF8F863}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\documents and settings\Yasub Khan\Application Data\Mozilla\Firefox\Profiles\qasde2gj.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2320606&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - TV Bar 1.4 Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2320606&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: AOL UK Toolbar: {12e57d18-f8f7-4b76-af63-605365ab88ec} - %profile%\extensions\{12e57d18-f8f7-4b76-af63-605365ab88ec}
FF - Ext: Free TV Bar c3 Toolbar: {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - %profile%\extensions\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: TV Bar 1.4 Community Toolbar: {6169170a-f4d7-44a1-881f-f7ff71c52670} - %profile%\extensions\{6169170a-f4d7-44a1-881f-f7ff71c52670}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-31 19:55
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DataCardMonitor = c:\program files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe?rs\CancelAutoplay\CLSID?S\Syste?? ?B?????????=?????L???SOFTWARE\Microsoft\Windows\CurrentVersion\Run?ES ???5???????OCUME~1\YASUBK~1\LOCALS~1\Temp\DataCardPM32.tmp? 28 Stepping 2, Genu?? ????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2780)
c:\windows\system32\WININET.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2011-01-31 19:58:16
ComboFix-quarantined-files.txt 2011-01-31 19:58

Pre-Run: 66,368,729,088 bytes free
Post-Run: 66,904,948,736 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - F73D9A66F33678641F7DD1210FBA049F

Re: Browsers freezing..
Hello.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX, click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


Re: Browsers freezing..
Hello, I ran the scanner and no threats were found!! Smile...

Am I good to go and install firewalls, updates, java etc?

Re: Browsers freezing..
Hello.
You already have the latest Java, just do these updates via my instructions below.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Adobe Reader 8.1.2
    J2SE Runtime Environment 5.0

Then download and install Adobe Reader X

How is the machine running now?


Re: Browsers freezing..
Yeah, it's looking much better! Thanks for your help..

Re: Browsers freezing..
Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

AntiSpyware

  • SpywareBlaster
    SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found here.
  • Spybot - Search & Destroy.
    Spybot - Search & Destroy is a spyware and adware removal program. It also has realtime protection, TeaTimer, to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).

NOTE: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Rogue programs help
There are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:
http://www.spywarewarrior.com/rogue_anti-spyware.htm

Securing your computer

  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • hpHosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.

Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:
Thank you for choosing GeekPolice. Please leave feedback!

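How a blocking HOSTS file of the kind recommended in the post above behaves, as an added Python example that is not part of the original thread: it parses HOSTS-format text, lists the names sunk to a local address, and flags any name pointed at a non-local address, which a block list should never contain. The sample entries, the function names and the first-entry-wins handling of duplicates are assumptions made for this illustration.

```python
import ipaddress

# Constructed sample in HOSTS-file syntax. Hostnames use reserved example
# domains and the non-local address is from a documentation range.
SAMPLE_HOSTS = """\
# constructed sample, not taken from the thread
127.0.0.1       localhost
127.0.0.1       ads.example.com tracker.example.net   # two names, one line
0.0.0.0         popups.example.org
::1             localhost
203.0.113.7     login.bank.example    # non-local target: investigate
not-an-ip       broken.example.com
"""


def normalise(hostname):
    """Lower-case a hostname and drop a trailing root dot."""
    return hostname.lower().rstrip(".")


def parse_hosts(text):
    """Parse HOSTS-format text.

    Returns (entries, malformed): entries maps hostname -> ip_address object,
    malformed is a list of 1-based line numbers that could not be parsed.
    """
    entries, malformed = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # strip comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            malformed.append(lineno)
            continue
        if len(fields) < 2:                   # address with no hostname
            malformed.append(lineno)
            continue
        for name in fields[1:]:
            # Assumption: keep the first mapping seen for a given name.
            entries.setdefault(normalise(name), addr)
    return entries, malformed


def is_sinkhole(addr):
    """True for loopback (127.0.0.0/8, ::1) and unspecified (0.0.0.0, ::)."""
    return addr.is_loopback or addr.is_unspecified


def is_blocked(hostname, entries):
    """A name is blocked only if that exact name is mapped to a sinkhole."""
    addr = entries.get(normalise(hostname))
    return addr is not None and is_sinkhole(addr)


def audit(text):
    """Summarise a HOSTS file for review."""
    entries, malformed = parse_hosts(text)
    blocked = sorted(
        n for n, a in entries.items() if is_sinkhole(a) and n != "localhost"
    )
    # Names sent to a routable address are not "blocked": they are redirected,
    # and each one should be explained or removed.
    redirected = sorted((n, str(a)) for n, a in entries.items() if not is_sinkhole(a))
    return {"blocked": blocked, "redirected": redirected, "malformed": malformed}


if __name__ == "__main__":
    report = audit(SAMPLE_HOSTS)
    for key, value in report.items():
        print(key, value)
    entries, _ = parse_hosts(SAMPLE_HOSTS)
    # HOSTS entries match exact names only: a subdomain is not covered.
    print(is_blocked("www.ads.example.com", entries))
```

The last check shows the limit of this kind of protection: only the exact names listed are sunk, so a subdomain or a new domain that is not in the list still resolves normally.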
