Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Internet and Firefox crashes [Closed]


  • This topic is locked This topic is locked

#1
mrsmyth

mrsmyth

    New Member

  • Member
  • Pip
  • 1 posts
I have recently been experiencing both internet explorer and firefox crashes. My screen freezes and then goes black. I have downloaded and run OTL, although I am not sure if malware is a problem. Any help is much appreciated. Here is the OTL log:

OTL logfile created on: 1/4/2012 1:42:11 PM - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Owner\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 1.13 Gb Available Physical Memory | 28.44% Memory free
8.10 Gb Paging File | 5.36 Gb Available in Paging File | 66.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 194.20 Gb Free Space | 68.53% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 10.51 Gb Free Space | 71.72% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/18 12:59:36 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/11/20 22:04:51 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/10/14 07:48:25 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
PRC - [2008/05/07 16:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/05/07 16:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/20 22:04:51 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/11/18 08:51:45 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2008/12/22 04:35:16 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2008/12/14 22:13:46 | 000,281,600 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe -- (STacSV)
SRV:64bit: - [2008/12/14 22:13:30 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/01/20 20:52:05 | 000,521,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ntmssvc.dll -- (NtmsSvc)
SRV:64bit: - [2008/01/20 20:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2006/11/02 05:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (yksvc)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/04 06:07:31 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2009/11/04 06:07:31 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
SRV - [2009/03/29 22:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/05/07 16:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/09/09 08:00:34 | 000,043,008 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50a64.sys -- (MREMP50a64)
DRV:64bit: - [2011/09/09 08:00:34 | 000,040,960 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50a64.sys -- (MRESP50a64)
DRV:64bit: - [2011/07/06 11:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/06/15 09:10:14 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2011/05/15 12:52:10 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/03/30 21:00:09 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0501000.01D\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2011/03/30 21:00:09 | 000,040,568 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/21 18:39:49 | 000,432,760 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2011/03/14 20:31:23 | 000,912,504 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2011/01/27 00:47:10 | 000,450,680 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2011/01/26 23:07:06 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/04/27 12:40:40 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/09/30 18:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/03/26 07:00:16 | 000,071,168 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2009/03/19 16:02:00 | 000,311,296 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys -- (OA009Vid)
DRV:64bit: - [2009/03/06 06:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys -- (OA009Ufd)
DRV:64bit: - [2009/01/07 08:35:42 | 000,033,792 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sustucau.sys -- (SUSTUCAU)
DRV:64bit: - [2009/01/07 08:35:40 | 000,056,832 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sustucap.sys -- (SUSTUCAP)
DRV:64bit: - [2009/01/07 08:35:40 | 000,056,832 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sustucam.sys -- (SUSTUCAM)
DRV:64bit: - [2008/12/22 04:34:48 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV:64bit: - [2008/12/17 03:22:04 | 001,526,776 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2008/12/14 22:13:56 | 000,472,064 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/12/08 23:12:36 | 008,036,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/11/29 07:19:28 | 000,028,208 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2008/09/03 23:29:22 | 000,199,728 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2008/09/01 04:19:24 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/02/13 08:20:16 | 000,017,920 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Amusbx64.sys -- (Amusbprt)
DRV:64bit: - [2008/01/20 20:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel®
DRV:64bit: - [2007/10/15 03:37:22 | 000,012,288 | ---- | M] ((Standard mouse types)) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\Amfltx64.sys -- (Amfilter)
DRV:64bit: - [2007/02/05 16:36:48 | 000,049,664 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\livecamv.sys -- (RLDesignVirtualAudioCableWdm)
DRV:64bit: - [2006/11/02 01:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV - [2011/11/14 13:28:01 | 001,156,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20111221.003\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/11/09 08:21:02 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/11/09 08:21:02 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/10/05 17:29:52 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120104.001\EX64.SYS -- (NAVEX15)
DRV - [2011/10/05 17:29:52 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120104.001\ENG64.SYS -- (NAVENG)
DRV - [2011/09/09 08:00:28 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2011/09/09 08:00:28 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2011/08/22 23:17:32 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20111226.001\IDSviA64.sys -- (IDSVia64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {7016c97b-3532-4753-8d12-a4a352ff36bf} - C:\Program Files (x86)\TwitterTools\tbTwi2.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.internet-home-page.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...l_date=20111118
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 DC 52 34 FC 71 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = https://www.google.com/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFunWeb.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Owner\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2011/09/28 07:18:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_4_3 [2012/01/02 22:41:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/07 22:49:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/02 10:48:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/12/20 14:38:58 | 000,000,000 | ---D | M]

[2011/11/29 09:00:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
[2010/08/16 13:51:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions\[email protected]
[2010/10/26 10:32:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dplph78z.default\extensions
[2011/11/29 09:07:56 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\dplph78z.default\extensions\[email protected]
[2012/01/01 10:25:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\yj044glv.default\extensions
[2011/12/01 13:18:50 | 000,000,000 | ---D | M] (Kindle It) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\yj044glv.default\extensions\[email protected]
[2011/12/01 13:15:20 | 000,000,000 | ---D | M] ("Boounce") -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\yj044glv.default\extensions\[email protected]
[2011/12/19 23:42:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/12/19 23:42:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011/11/20 22:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/12/19 23:42:07 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/01/13 22:28:05 | 000,151,552 | ---- | M] (PopCap Games) -- C:\Program Files (x86)\mozilla firefox\plugins\nppopcaploader.dll
[2009/07/02 10:19:28 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files (x86)\mozilla firefox\plugins\npzylomgamesplayer.dll
[2010/08/19 16:31:16 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011/11/20 19:04:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/09/30 15:23:49 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old
[2011/09/16 08:42:21 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011/11/20 19:04:05 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2011/10/22 23:08:57 | 000,001,943 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Yahooober33103209.xml
[2011/10/17 13:07:59 | 000,001,943 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Yahooober92330252.xml

O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (TwitterTools Toolbar) - {7016c97b-3532-4753-8d12-a4a352ff36bf} - C:\Program Files (x86)\TwitterTools\tbTwi2.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - No CLSID value found.
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (TwitterTools Toolbar) - {7016c97b-3532-4753-8d12-a4a352ff36bf} - C:\Program Files (x86)\TwitterTools\tbTwi2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (TwitterTools Toolbar) - {7016C97B-3532-4753-8D12-A4A352FF36BF} - C:\Program Files (x86)\TwitterTools\tbTwi2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" File not found
O4 - HKCU..\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe" File not found
O4 - HKCU..\Run: [EPSON NX510 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIA.EXE /FU "C:\Windows\TEMP\E_SF96B.tmp" /EF "HKCU" File not found
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra Button: Add to Wish List - {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files (x86)\Amazon\Add to Wish List IE Extension\run.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: $talisma_url$ ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: inboswdollars.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: patientslikeme.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: tv.com ([authorize] https in Trusted sites)
O15 - HKCU\..Trusted Domains: walmart.com ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell....r/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.7.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C62E2A6-F79D-404C-8C15-D4431A8F3A74}: DhcpNameServer = 192.168.7.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8801CC70-4EF6-4EA0-A471-62DD7D5D54DF}: DhcpNameServer = 192.168.7.254
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Pictures\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Pictures\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/23 00:28:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\OrderConfirmation.aspx_files
[2011/12/19 23:53:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/12/19 23:44:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/12/14 23:25:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\UCleanWindows_V4
[2011/12/14 19:02:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\DDMSettings
[2011/12/14 18:55:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\superWinTools Software
[2011/12/14 14:48:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B0A49CAC-6643-42FE-B348-BAD8FE05BD3D}
[2011/12/13 15:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/04 12:51:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/04 12:50:38 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/04 12:44:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/04 01:24:17 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/04 01:24:17 | 000,604,816 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/04 01:24:17 | 000,104,670 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/02 22:40:56 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/02 22:40:56 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/01 20:31:21 | 000,000,680 | ---- | M] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2011/12/28 20:07:02 | 000,000,934 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2011/12/28 20:07:02 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/27 15:43:13 | 000,000,402 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Owner.job
[2011/12/23 00:28:14 | 000,041,197 | ---- | M] () -- C:\Users\Owner\Desktop\OrderConfirmation.aspx.htm
[2011/12/15 09:54:46 | 000,304,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/14 23:25:44 | 000,131,072 | ---- | M] () -- C:\Windows\SysWow64\UCsysfg.ucl
[2011/12/14 18:15:58 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2011/12/14 18:05:43 | 002,729,438 | ---- | M] () -- C:\Users\Owner\Desktop\UCleanWindows_V4.zip
[2011/12/14 16:04:53 | 000,277,969 | ---- | M] () -- C:\Users\Owner\Documents\crochetChristmasTree.pdf
[2011/12/13 17:22:31 | 000,002,567 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office OneNote 2007 (2).lnk
[2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/12/07 22:49:37 | 000,001,913 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011/12/07 22:49:37 | 000,001,420 | ---- | M] () -- C:\Users\Owner\Desktop\DivX Movies.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/28 20:07:02 | 000,000,934 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2011/12/28 20:07:02 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/23 00:28:12 | 000,041,197 | ---- | C] () -- C:\Users\Owner\Desktop\OrderConfirmation.aspx.htm
[2011/12/14 23:25:44 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\UCsysfg.ucl
[2011/12/14 18:06:10 | 002,729,438 | ---- | C] () -- C:\Users\Owner\Desktop\UCleanWindows_V4.zip
[2011/12/14 16:04:53 | 000,277,969 | ---- | C] () -- C:\Users\Owner\Documents\crochetChristmasTree.pdf
[2011/11/10 17:46:59 | 000,000,439 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011/10/04 17:47:58 | 000,000,732 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps64.dat
[2011/06/18 21:51:24 | 000,000,691 | ---- | C] () -- C:\Windows\wininit.ini
[2010/10/16 11:01:28 | 000,000,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2010/08/06 12:25:33 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2010/08/05 22:58:21 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010/08/05 22:58:21 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2010/08/05 22:58:21 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010/08/05 22:58:21 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2010/08/05 22:58:21 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2010/08/05 22:58:21 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2010/08/05 22:58:21 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010/08/05 22:58:21 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2010/08/05 22:58:21 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2010/08/05 22:58:21 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010/08/05 22:58:21 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010/08/05 22:58:21 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010/08/05 22:58:21 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010/08/05 22:58:21 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010/08/05 22:58:21 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010/08/05 22:58:21 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010/08/05 22:52:50 | 000,000,079 | ---- | C] () -- C:\Windows\EPNX510.ini
[2009/10/23 15:55:38 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2009/06/19 15:12:49 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/06/19 15:12:18 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/06/19 15:11:51 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 12:55:51 | 000,061,440 | ---- | C] () -- C:\Windows\wnUninstall.exe
[2009/06/03 20:43:06 | 000,011,254 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\UserTile.png
[2009/05/26 16:03:03 | 000,001,184 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2009/05/25 23:05:35 | 000,024,064 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/30 22:32:14 | 002,026,604 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/04/30 22:32:14 | 000,445,796 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/04/30 22:32:14 | 000,147,172 | ---- | C] () -- C:\Windows\SysWow64\igfcg550.bin
[2009/04/30 22:24:33 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/04/30 20:05:29 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2008/01/20 20:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 09:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 06:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 06:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 06:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 03:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== LOP Check ==========

[2010/05/20 13:15:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Arkadium
[2011/11/30 08:26:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\calibre
[2010/02/03 10:38:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/11/19 10:34:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\de.makesoft.twhirl.0EA062BC275E7ED1E6EC3762EFFD73C7158ADF33.1
[2011/01/28 12:08:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DriverCure
[2009/06/25 20:38:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\eMusic
[2011/01/07 10:29:15 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Epson
[2010/05/30 23:05:16 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Facebook
[2009/11/07 00:46:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GetRightToGo
[2010/09/17 18:31:56 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leader Technologies
[2010/08/16 14:08:48 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LimeWire
[2011/10/27 10:15:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mahjong LoT
[2011/11/16 08:19:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Oberon Media
[2010/11/13 12:21:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Paltalk
[2011/01/28 12:08:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ParetoLogic
[2009/06/03 20:43:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PeerNetworking
[2011/03/09 07:29:15 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Registry Mechanic
[2011/10/14 07:45:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Systweak
[2009/06/07 10:22:40 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Template
[2010/09/25 16:19:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tific
[2009/09/21 10:04:43 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
[2009/11/08 21:16:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2009/11/08 11:21:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TweetPocket.206395F9AD09DB46721ECAB992E1762159D60F5A.1
[2011/10/18 18:42:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Uniblue
[2009/05/25 21:13:15 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Windows Live Writer
[2012/01/01 22:22:12 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:303528AB
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:AA4982C6
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
  • 0

Advertisements


#2
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKLM\..\URLSearchHook: {7016c97b-3532-4753-8d12-a4a352ff36bf} - C:\Program Files (x86)\TwitterTools\tbTwi2.dll (Conduit Ltd.)
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.internet-home-page.com
    IE - HKCU\..\URLSearchHook: - No CLSID value found
    FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFunWeb.dll File not found
    O2 - BHO: (TwitterTools Toolbar) - {7016c97b-3532-4753-8d12-a4a352ff36bf} - C:\Program Files (x86)\TwitterTools\tbTwi2.dll (Conduit Ltd.)
    O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - No CLSID value found.
    O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
    O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
    O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (TwitterTools Toolbar) - {7016c97b-3532-4753-8d12-a4a352ff36bf} - C:\Program Files (x86)\TwitterTools\tbTwi2.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (TwitterTools Toolbar) - {7016C97B-3532-4753-8D12-A4A352FF36BF} - C:\Program Files (x86)\TwitterTools\tbTwi2.dll (Conduit Ltd.)
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    
    
    :Services
    
    :Reg
    
    :Files
    ipconfig /flushdns /c
    C:\Program Files (x86)\TwitterTools
    C:\Program Files (x86)\FunWebProducts
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done



Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the ComboFix log in your next reply as well as describe how your computer is running now
  • 0

#3
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP