IE8 stops responding upon viewing site.



#1
Cstaffa

Upon trying to open http://thebloggess.c...k-your-battles/, iexplore CPU usage goes above 50% and IE stops responding.

Malwarebytes' mbam finds nothing. McAfee found nothing and has been removed. Avast was installed and finds nothing.

Minimal Output OTL log follows, full output and OTL Extras log available on request:

OTL logfile created on: 8/12/2011 11:41:27 PM - Run 4
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Noodle\Desktop\fixstuff
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.00 Mb Total Physical Memory | 651.92 Mb Available Physical Memory | 63.73% Memory free
2.41 Gb Paging File | 2.14 Gb Available in Paging File | 89.07% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.21 Gb Total Space | 6.09 Gb Free Space | 16.37% Space Free | Partition Type: NTFS
Drive D: | 18.63 Gb Total Space | 6.51 Gb Free Space | 34.94% Space Free | Partition Type: FAT32
Drive E: | 18.62 Gb Total Space | 12.81 Gb Free Space | 68.82% Space Free | Partition Type: FAT32
Drive H: | 3.82 Gb Total Space | 0.73 Gb Free Space | 19.03% Space Free | Partition Type: FAT32

Computer Name: 400SC-1 | User Name: Noodle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Noodle\Desktop\fixstuff\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\IOGear\ION\IoctlSvc.exe (Prolific Technology Inc.)
PRC - C:\Program Files\Dantz\Retrospect\retrorun.exe (Dantz Development Corporation)
PRC - C:\WINDOWS\system32\tbctray.exe (Voyetra Turtle Beach, Inc.)
PRC - C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc. )


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Noodle\Desktop\fixstuff\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\Logitech\MouseWare\system\LGMOUSHK.DLL (Logitech Inc. )


========== Win32 Services (SafeList) ==========

SRV - (Tomcat6) -- File not found
SRV - (OracleOraDb11g_home1ConfigurationManager) -- File not found
SRV - (HidServ) -- File not found
SRV - (Bonjour Service) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (Imapi Helper) -- C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe (Alex Feinman)
SRV - (PLFlash DeviceIoControl Service) -- C:\Program Files\IOGear\ION\IoctlSvc.exe (Prolific Technology Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (Retrospect Helper) -- C:\Program Files\Dantz\Retrospect\rthlpsvc.exe (Dantz Development Corporation)
SRV - (RetroLauncher) -- C:\Program Files\Dantz\Retrospect\retrorun.exe (Dantz Development Corporation)
SRV - (EC2007Service) -- C:\WINDOWS\system32\ec27ser.exe ()


========== Driver Services (SafeList) ==========

DRV - (MPFP) -- C:\WINDOWS\system32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (AFS2K) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\EG1032xp.sys (Linksys, A Division of Cisco Systems, Inc )
DRV - (PCDCODEC) -- C:\WINDOWS\system32\drivers\atinpdxx.sys (ATI Technologies Inc.)
DRV - (MVDCODEC) -- C:\WINDOWS\system32\drivers\atinmdxx.sys (ATI Technologies Inc.)
DRV - (atinrvxx) -- C:\WINDOWS\system32\drivers\atinrvxx.sys (ATI Technologies Inc.)
DRV - (ATIXSAudio) -- C:\WINDOWS\system32\drivers\atinxsxx.sys (ATI Technologies Inc.)
DRV - (ativraxx) -- C:\WINDOWS\system32\drivers\atinraxx.sys (ATI Technologies Inc.)
DRV - (ATITUNEP) -- C:\WINDOWS\system32\drivers\atintuxx.sys (ATI Technologies Inc.)
DRV - (vtdg46xx) -- C:\Program Files\Turtle Beach\Santa Cruz\Control Panel\vtdg46xx.sys ()
DRV - (mbmiodrvr) -- C:\WINDOWS\system32\mbmiodrvr.sys ([email protected])
DRV - (MASPINT) -- C:\WINDOWS\System32\drivers\MASPINT.SYS (MicroStaff Co.,Ltd.)
DRV - (tbcwdm) -- C:\WINDOWS\system32\drivers\tbcwdm.sys (Voyetra Turtle Beach)
DRV - (tbcspud) -- C:\WINDOWS\system32\drivers\tbcspud.sys (Voyetra Turtle Beach)
DRV - (ati2mpad) -- C:\WINDOWS\system32\drivers\ati2mpad.sys (ATI Technologies Inc.)
DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.sys (Logitech)
DRV - (l8042pr2) -- C:\WINDOWS\system32\drivers\L8042Pr2.sys (Logitech)
DRV - (LHidFlt2) -- C:\WINDOWS\system32\drivers\LHIDFLT2.SYS (Logitech)
DRV - (LKbdFlt2) -- C:\WINDOWS\system32\drivers\LKbdFlt2.sys (Logitech)
DRV - (atirage3) -- C:\WINDOWS\system32\drivers\atimpae.sys (ATI Technologies Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/06/19 19:08:21 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/08/12 01:01:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Search) - {40D41A8B-D79B-43D7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (America Online, Inc)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EM_EXEC] C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc. )
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TraySantaCruz] C:\WINDOWS\system32\tbctray.exe (Voyetra Turtle Beach, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ION Backup Tool.lnk = C:\WINDOWS\Installer\{586C47A4-6917-4332-B33F-EEC8D6841DF7}\NewShortcut2_586C47A469174332B33FEEC8D6841DF7.exe (InstallShield Software Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &AIM Search - C:\Program Files\AIM Toolbar\AIMBar.dll (America Online, Inc)
O8 - Extra context menu item: &Yahoo! Search - C:\Program Files\Yahoo!\Common [2006/06/25 22:32:05 | 000,000,000 | ---D | M]
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Program Files\Yahoo!\Common [2006/06/25 22:32:05 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Program Files\Yahoo!\Common [2006/06/25 22:32:05 | 000,000,000 | ---D | M]
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\dtv\EXPLBAR.DLL (ATI Technologies Inc.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - File not found
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://tky09.celarte...ntrol_en_US.cab (DjVuCtl Class)
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} http://www.alternati...-ie/alttiff.cab (AlternaTIFF ActiveX)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebo...toUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {65E7DB1D-0101-4100-BD66-C5C78C917F93} http://install.wildt...lim/install.cab (Reg Error: Key error.)
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} http://216.73.31.132/activex/AMC.cab (AxisMediaControl Class)
O16 - DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} http://192.168.1.103.../WinWebPush.cab (WebWatch Class)
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} http://www.parallelg...in/cortvrml.cab (ParallelGraphics Cortona Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://www.inforivie...sCamControl.ocx (CamImage Class)
O16 - DPF: {A31CCCB0-46A8-11D3-A726-005004B35102} http://download.acti...SFViewerWeb.cab (XView Class)
O16 - DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} http://download.micr...N-US/msorun.cab (Reg Error: Key error.)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius....tiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} http://install.wildt...lim/install.cab (Reg Error: Key error.)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://bin.mcafee.co...,19/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_04)
O16 - DPF: {CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_18)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} http://plugin.fileop...nt/FileOpen.CAB (FoInstaller Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://connect.fede...perSetupSP1.cab (JuniperSetupSP1 Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Noodle\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Noodle\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/13 14:51:56 | 000,000,622 | ---- | M] () - C:\autoAlbum.log -- [ NTFS ]
O32 - AutoRun File - [2004/04/01 23:44:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/12 17:45:24 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe
[2011/08/12 10:57:47 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/08/12 10:57:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/12 10:57:41 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/08/12 10:57:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/12 08:04:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Noodle\Desktop\fixstuff
[2011/08/12 01:14:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/08/12 01:13:11 | 000,000,000 | --SD | C] -- C:\FixKombo
[2011/08/12 01:06:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/08/12 00:31:54 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/08/12 00:18:04 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/08/12 00:18:04 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/08/12 00:18:04 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/08/12 00:18:04 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/08/12 00:17:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/08/12 00:16:21 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/08/12 00:16:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Noodle\Start Menu\Programs\Administrative Tools
[2011/08/11 16:21:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Noodle\Application Data\Malwarebytes
[2011/08/11 16:18:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/08/11 13:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Noodle\Start Menu\Programs\HiJackThis
[2011/08/11 13:57:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/08/11 13:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/08/11 13:30:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/08/11 13:20:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Noodle\Start Menu\Programs\Startup (Disabled by Starter)
[2011/08/11 13:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Voyetra
[2011/08/11 13:06:15 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/08/06 20:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Noodle\Application Data\ElevatedDiagnostics
[2011/08/06 20:56:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2011/08/06 20:56:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/12 22:51:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/12 20:51:04 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/12 17:34:54 | 000,002,731 | ---- | M] () -- C:\Documents and Settings\Noodle\Desktop\svchost identify.lnk
[2011/08/12 17:10:19 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/12 16:48:04 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-1343024091-682003330-1005.job
[2011/08/12 16:47:58 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-1343024091-682003330-1004.job
[2011/08/12 16:47:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/12 10:57:47 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/12 07:54:44 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/08/12 01:01:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/08/12 00:32:03 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/08/11 20:28:19 | 000,302,592 | ---- | M] () -- C:\ol9dbfc5.exe
[2011/08/11 13:18:37 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Noodle\tray.pid
[2011/08/11 13:17:38 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1454471165-1343024091-682003330-1004.job
[2011/08/11 13:12:04 | 000,001,546 | ---- | M] () -- C:\WINDOWS\AEClient_u.MIF
[2011/08/11 13:11:06 | 000,001,546 | ---- | M] () -- C:\WINDOWS\UnImport71.MIF
[2011/08/10 23:49:36 | 000,444,494 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/10 23:49:36 | 000,072,370 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/10 23:45:37 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/06 20:56:27 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1454471165-1343024091-682003330-1005.job
[2011/07/25 11:17:44 | 005,969,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2011/07/23 19:05:10 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/15 09:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/12 17:34:46 | 000,002,731 | ---- | C] () -- C:\Documents and Settings\Noodle\Desktop\svchost identify.lnk
[2011/08/12 10:57:47 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/12 00:32:03 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/08/12 00:31:59 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/08/12 00:18:04 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/08/12 00:18:04 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/08/12 00:18:04 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/08/12 00:18:04 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/08/12 00:18:04 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/08/11 20:28:16 | 000,302,592 | ---- | C] () -- C:\ol9dbfc5.exe
[2011/08/11 13:11:06 | 000,001,546 | ---- | C] () -- C:\WINDOWS\UnImport71.MIF
[2011/08/11 11:23:48 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-1343024091-682003330-1004.job
[2011/08/11 11:23:47 | 000,000,288 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1454471165-1343024091-682003330-1004.job
[2010/09/07 19:42:29 | 000,100,312 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/02/18 15:48:28 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008/10/13 21:18:21 | 000,038,867 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat
[2008/10/13 21:18:21 | 000,029,257 | ---- | C] () -- C:\WINDOWS\hpoins03.dat
[2008/10/02 20:40:45 | 000,000,076 | ---- | C] () -- C:\WINDOWS\Setup Wizard.INI
[2008/08/07 22:20:06 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2008/04/14 21:28:36 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2007/02/10 01:34:51 | 000,000,041 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\trfntw32.cfg
[2007/01/22 22:06:08 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/04/30 15:16:16 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/03/12 20:00:57 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2006/03/01 10:58:11 | 000,100,724 | ---- | C] () -- C:\WINDOWS\cpeins04.dat
[2006/03/01 10:58:11 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat.temp
[2006/02/13 16:29:25 | 000,121,995 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/01/02 20:40:38 | 000,000,681 | ---- | C] () -- C:\WINDOWS\HamU.ini
[2005/05/21 15:47:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\IMPORT71.INI
[2005/04/19 23:01:04 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2005/04/19 23:01:04 | 000,000,268 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2005/02/27 16:44:05 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Noodle\Local Settings\Application Data\fusioncache.dat
[2005/02/20 16:27:18 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/01/02 20:26:09 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2004/12/06 19:03:23 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Noodle\Application Data\dm.ini
[2004/10/02 21:19:39 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\ec27ser.exe
[2004/10/02 21:18:31 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\EcRegMsg.dll
[2004/08/24 19:23:29 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/16 17:29:40 | 000,000,874 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2004/08/16 17:29:40 | 000,000,066 | ---- | C] () -- C:\WINDOWS\calera.ini
[2004/08/16 17:28:54 | 000,000,040 | ---- | C] () -- C:\WINDOWS\vissetup.ini
[2004/08/16 17:28:07 | 000,000,190 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2004/08/15 13:55:49 | 000,004,947 | ---- | C] () -- C:\WINDOWS\WinInit.INI
[2004/08/14 16:00:57 | 000,000,420 | ---- | C] () -- C:\WINDOWS\PCPHOTO.INI
[2004/07/18 19:53:34 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Noodle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/06/22 09:05:14 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2004/05/27 00:16:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2004/05/26 23:52:07 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2004/05/22 15:14:59 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2004/05/19 05:55:50 | 000,003,857 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/05/15 15:16:58 | 000,001,524 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2004/04/17 14:52:22 | 000,000,745 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2004/04/17 00:24:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2004/04/16 19:16:41 | 000,000,147 | ---- | C] () -- C:\WINDOWS\Disney's Magic Artist.INI
[2004/04/15 00:57:14 | 000,000,150 | ---- | C] () -- C:\WINDOWS\OED.INI
[2004/04/14 20:25:02 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\WNASPI32.DLL
[2004/04/14 20:25:02 | 000,000,296 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2004/04/13 23:54:42 | 000,000,484 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/04/13 23:24:41 | 000,036,864 | ---- | C] () -- C:\WINDOWS\uneng.exe
[2004/04/13 21:26:57 | 000,109,056 | ---- | C] () -- C:\WINDOWS\System32\LGUICOM.DLL
[2004/04/13 21:26:57 | 000,000,488 | ---- | C] () -- C:\WINDOWS\Cmousecc.ini
[2004/04/13 20:57:52 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/04/01 23:46:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/04/01 23:42:13 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/04/01 17:16:12 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/04/01 17:14:43 | 000,459,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/01/28 11:42:06 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2004/01/28 11:42:06 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2004/01/28 11:42:06 | 000,013,601 | ---- | C] () -- C:\WINDOWS\System32\vctest.ini
[2003/03/31 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/03/31 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/03/31 08:00:00 | 000,444,494 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/03/31 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/03/31 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/03/31 08:00:00 | 000,072,370 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/03/31 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/03/31 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/03/31 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/03/31 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/03/31 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2000/04/25 14:58:08 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Wrkgadm.exe
[1999/01/22 14:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/02/15 21:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Actify
[2011/08/12 07:55:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/03/25 15:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Retrospect
[2006/02/05 00:32:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2006/02/05 13:59:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2006/02/05 00:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2008/04/14 23:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/07/11 22:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2004/09/26 10:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Noodle\Application Data\Aim
[2008/12/13 16:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Noodle\Application Data\Common Files
[2011/08/06 20:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Noodle\Application Data\ElevatedDiagnostics
[2007/02/13 21:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Noodle\Application Data\FileOpen
[2004/04/26 19:54:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Noodle\Application Data\FUJIFILM
[2004/04/14 17:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Noodle\Application Data\ICQ
[2004/06/07 20:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Noodle\Application Data\ICQLite
[2008/11/19 20:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Noodle\Application Data\Juniper Networks
[2004/12/27 21:42:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Noodle\Application Data\Leadertech
[2006/02/26 12:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Noodle\Application Data\ScanSoft
[2011/08/11 19:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Noodle\Application Data\WeatherBug

========== Purity Check ==========



< End of report >

Edited by Cstaffa, 12 August 2011 - 10:57 PM.



#2
RKinner

    Malware Expert

It's not your PC. There is something wrong with the site. I can read it fine with Firefox but it locked up IE8 and ate 50% of my CPU (I have two so it essentially ate one of them).

Ron

#3
Cstaffa

Thank you. You mean, there's something wrong with IE8. :)