Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

screensaver popup on my desktop after closing Firefox

Started by cupcake107 , Apr 28 2011 10:51 PM

  • Please log in to reply

#1
cupcake107
Posted 28 April 2011 - 10:51 PM

cupcake107

    Member

  • Member
  • PipPip
  • 13 posts
screensaver popup on my desktop after closing Firefox. Help!

I have Firefox 3.6.16. Nearly every time I close Firefox, a Firefox screensaver pop-up appears on my Desktop. I want it gone.

OTL logfile created on: 4/29/2011 12:43:40 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Cupcake\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 51.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.71 Gb Total Space | 50.48 Gb Free Space | 36.14% Space Free | Partition Type: NTFS
Drive D: | 9.34 Gb Total Space | 1.70 Gb Free Space | 18.17% Space Free | Partition Type: NTFS

Computer Name: HOMEOFFICE | User Name: Cupcake | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/29 00:42:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Cupcake\Downloads\OTL.exe
PRC - [2011/03/25 11:37:45 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/20 19:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/04/26 03:15:26 | 000,361,808 | ---- | M] () -- C:\Windows\SMINST\BLService.exe
PRC - [2007/05/17 16:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe


========== Modules (SafeList) ==========

MOD - [2011/04/29 00:42:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Cupcake\Downloads\OTL.exe
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2008/09/05 12:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/04/26 03:15:26 | 000,361,808 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/02/09 17:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2008/01/20 21:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/17 16:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - [2010/12/20 19:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | Disabled | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2008/06/30 05:52:26 | 000,112,128 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/06/10 13:54:36 | 000,123,904 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/06/05 11:58:42 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/04/27 13:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/11/06 17:07:00 | 000,180,272 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20071204.002\IDSvix86.sys -- (IDSvix86)
DRV - [2007/10/17 18:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 19:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/06/11 05:28:06 | 000,012,800 | R--- | M] (Genesys Logic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fixustor.sys -- (FIXUSTOR)
DRV - [2007/04/10 16:46:48 | 001,966,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)
DRV - [2006/11/02 02:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...resario&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...resario&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.aol.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3
FF - prefs.js..network.proxy.no_proxies_on: ""

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008/07/26 01:26:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/25 11:37:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/25 11:37:46 | 000,000,000 | ---D | M]

[2008/12/18 21:27:50 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Cupcake\AppData\Roaming\Mozilla\Extensions
[2011/04/28 23:26:53 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Cupcake\AppData\Roaming\Mozilla\Firefox\Profiles\d9jy65q5.default\extensions
[2011/03/01 01:16:46 | 000,000,000 | ---D | M] ("Garmin Communicator") -- C:\Users\Cupcake\AppData\Roaming\Mozilla\Firefox\Profiles\d9jy65q5.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/09/07 23:46:24 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Cupcake\AppData\Roaming\Mozilla\Firefox\Profiles\d9jy65q5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/08/23 23:22:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/03/04 20:27:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/06/29 11:50:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/23 23:22:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [ttool] File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10k_Plugin.exe (Adobe Systems, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Cupcake\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro.cce.h...ads/sysinfo.cab (SysData Class)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zon...S.cab109791.cab ()
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....NPUplden-us.cab (MSN Photo Upload Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...ctDetection.cab (GMNRev Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://messenger.zon...mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Cupcake\Downloads\Lamp_Genie_by_horatziu1977.jpg
O24 - Desktop BackupWallPaper: C:\Users\Cupcake\Downloads\Lamp_Genie_by_horatziu1977.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/26 01:01:12 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/02/12 02:16:06 | 000,000,832 | ---- | M] () - C:\Autorun_dll.log -- [ NTFS ]
O33 - MountPoints2\{18b2d579-1170-11de-8b8b-001d7277e86d}\Shell - "" = AutoRun
O33 - MountPoints2\{18b2d579-1170-11de-8b8b-001d7277e86d}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/29 00:29:27 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/29 00:29:27 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/29 00:26:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3121200586-3638593243-2113836983-1000UA.job
[2011/04/28 19:20:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/28 12:36:08 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3121200586-3638593243-2113836983-1000Core.job
[2011/04/26 23:15:41 | 001,257,689 | ---- | M] () -- C:\Users\Cupcake\Documents\Untitled (149).wma
[2011/04/26 23:11:05 | 001,967,109 | ---- | M] () -- C:\Users\Cupcake\Documents\Untitled (148).wma
[2011/04/25 12:40:20 | 000,597,659 | ---- | M] () -- C:\Users\Cupcake\Documents\Untitled (147).wma
[2011/04/25 05:16:43 | 000,006,648 | ---- | M] () -- C:\Users\Cupcake\AppData\Local\d3d9caps.dat
[2011/04/24 20:13:14 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/24 20:13:14 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/24 20:06:37 | 000,000,284 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2011/04/24 20:06:02 | 3149,082,624 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/12 00:33:57 | 000,153,149 | ---- | M] () -- C:\Users\Cupcake\Documents\Untitled (145).wma
[2011/04/12 00:33:50 | 001,140,949 | ---- | M] () -- C:\Users\Cupcake\Documents\Untitled (146).wma
[2011/04/12 00:06:58 | 000,754,809 | ---- | M] () -- C:\Users\Cupcake\Documents\Untitled (144).wma
[2011/04/12 00:04:02 | 000,647,049 | ---- | M] () -- C:\Users\Cupcake\Documents\Untitled (143).wma
[2011/04/11 21:42:35 | 000,853,589 | ---- | M] () -- C:\Users\Cupcake\Documents\Untitled (142).wma
[2011/04/11 14:29:55 | 001,751,589 | ---- | M] () -- C:\Users\Cupcake\Documents\Untitled (141).wma
[2011/04/02 00:56:39 | 000,337,239 | ---- | M] () -- C:\Users\Cupcake\Documents\Untitled (140).wma
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/26 23:15:41 | 001,257,689 | ---- | C] () -- C:\Users\Cupcake\Documents\Untitled (149).wma
[2011/04/26 23:11:05 | 001,967,109 | ---- | C] () -- C:\Users\Cupcake\Documents\Untitled (148).wma
[2011/04/25 12:40:20 | 000,597,659 | ---- | C] () -- C:\Users\Cupcake\Documents\Untitled (147).wma
[2011/04/25 03:21:02 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3121200586-3638593243-2113836983-1000UA.job
[2011/04/25 03:21:01 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3121200586-3638593243-2113836983-1000Core.job
[2011/04/12 00:33:50 | 001,140,949 | ---- | C] () -- C:\Users\Cupcake\Documents\Untitled (146).wma
[2011/04/12 00:31:23 | 000,153,149 | ---- | C] () -- C:\Users\Cupcake\Documents\Untitled (145).wma
[2011/04/12 00:06:57 | 000,754,809 | ---- | C] () -- C:\Users\Cupcake\Documents\Untitled (144).wma
[2011/04/12 00:04:01 | 000,647,049 | ---- | C] () -- C:\Users\Cupcake\Documents\Untitled (143).wma
[2011/04/11 21:42:35 | 000,853,589 | ---- | C] () -- C:\Users\Cupcake\Documents\Untitled (142).wma
[2011/04/11 14:29:55 | 001,751,589 | ---- | C] () -- C:\Users\Cupcake\Documents\Untitled (141).wma
[2011/04/02 00:56:39 | 000,337,239 | ---- | C] () -- C:\Users\Cupcake\Documents\Untitled (140).wma
[2010/12/23 03:04:00 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/12/23 03:04:00 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/12/23 03:03:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/12/22 15:09:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/04 21:24:10 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/09/01 02:28:21 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/05/05 12:53:41 | 000,200,704 | R--- | C] () -- C:\Windows\System32\UMonit.exe
[2010/05/05 12:53:41 | 000,167,936 | R--- | C] () -- C:\Windows\System32\ustor.dll
[2010/05/05 12:53:41 | 000,001,504 | R--- | C] () -- C:\Windows\System32\IconCfg0.ini
[2010/01/19 18:23:47 | 000,000,120 | -H-- | C] () -- C:\Users\Cupcake\AppData\Local\Rbipobakamodet.dat
[2010/01/19 18:23:47 | 000,000,000 | -H-- | C] () -- C:\Users\Cupcake\AppData\Local\Ntipetapediwih.bin
[2009/02/08 19:34:03 | 000,020,762 | -H-- | C] () -- C:\Users\Cupcake\AppData\Roaming\wklnhst.dat
[2008/12/05 21:03:10 | 000,006,648 | ---- | C] () -- C:\Users\Cupcake\AppData\Local\d3d9caps.dat
[2008/11/08 11:03:18 | 000,014,848 | -H-- | C] () -- C:\Users\Cupcake\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/26 01:16:18 | 000,101,605 | ---- | C] () -- C:\Windows\hpqins13.dat
[2008/07/07 11:29:46 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1518.dll
[2008/07/07 11:14:06 | 000,495,376 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008/06/12 13:59:22 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
[2008/06/12 13:41:18 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008/06/12 13:41:18 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/06/04 12:54:12 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2007/04/10 16:46:48 | 000,015,498 | ---- | C] () -- C:\Windows\VX3000.ini
[2006/11/02 07:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:44:53 | 000,308,800 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:33:01 | 000,595,684 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,101,350 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 04:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

========== LOP Check ==========

[2008/11/08 10:23:40 | 000,000,000 | -H-D | M] -- C:\Users\Cupcake\AppData\Roaming\acccore
[2010/08/23 22:56:18 | 000,000,000 | -H-D | M] -- C:\Users\Cupcake\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/05/22 11:49:22 | 000,000,000 | -H-D | M] -- C:\Users\Cupcake\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/03/01 01:20:11 | 000,000,000 | ---D | M] -- C:\Users\Cupcake\AppData\Roaming\GARMIN
[2009/01/24 21:44:23 | 000,000,000 | -H-D | M] -- C:\Users\Cupcake\AppData\Roaming\iWin
[2011/03/15 14:24:19 | 000,000,000 | ---D | M] -- C:\Users\Cupcake\AppData\Roaming\LolClient
[2010/02/23 15:30:35 | 000,000,000 | -HSD | M] -- C:\Users\Cupcake\AppData\Roaming\lowsec
[2009/08/03 09:08:22 | 000,000,000 | -H-D | M] -- C:\Users\Cupcake\AppData\Roaming\MSNInstaller
[2008/11/10 19:23:59 | 000,000,000 | -H-D | M] -- C:\Users\Cupcake\AppData\Roaming\muvee Technologies
[2010/08/20 13:45:04 | 000,000,000 | -H-D | M] -- C:\Users\Cupcake\AppData\Roaming\PlayFirst
[2009/02/08 19:34:05 | 000,000,000 | -H-D | M] -- C:\Users\Cupcake\AppData\Roaming\Template
[2011/04/24 17:38:35 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:206E2596

< End of report >

Edited by cupcake107, 28 April 2011 - 11:49 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP