Mostly functional infection, but beginning to slow my computer down a


#1
KemptonB

Background:

Recently I switched Internet providers and more or less since then I have had some trouble with my computer. I switched antivirus software to Norton Security Suite since it came free with Comcast. I also installed (and later uninstalled) some audio and video file converters, but other than that, there have been no significant changes I made to my computer in the last few weeks.

Situation:
Although I am able to access the Internet well enough, I have noticed that my RAM usage has gone up and up lately, and far more processes are running in the background than I am used to. Some of the unfamiliar ones include SearchIndexer.exe, and lots of svchost.exe processes.

Below is my OTL.exe log and attached is a screen-shot of my task manager.
I hope this is enough information! Let me know if you'd like greater detail.

OTL logfile created on: 9/29/2011 11:56:36 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Kempton\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 48.31% Memory free
8.19 Gb Paging File | 6.36 Gb Available in Paging File | 77.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.52 Gb Total Space | 108.28 Gb Free Space | 23.77% Space Free | Partition Type: NTFS
Drive D: | 10.23 Gb Total Space | 1.37 Gb Free Space | 13.42% Space Free | Partition Type: NTFS

Computer Name: KEMPTONS-COMP | User Name: Kempton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/29 23:55:25 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Kempton\Downloads\OTL.exe
PRC - [2011/09/07 12:06:19 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/20 12:03:34 | 000,210,144 | ---- | M] () -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe
PRC - [2011/04/01 00:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2010/05/07 18:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010/05/05 23:17:40 | 000,161,336 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Updater\GoogleUpdater.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2007/04/18 10:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
PRC - [2006/11/03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/07 12:08:18 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/09/07 12:06:18 | 001,846,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2010/05/07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010/05/07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010/05/07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010/05/07 18:36:20 | 000,921,944 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtNetwork4.dll
MOD - [2010/05/07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010/05/07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/20 12:03:34 | 000,210,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Security Suite\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2011/04/01 00:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/07/27 13:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/09/23 09:12:35 | 000,174,200 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/01 00:07:54 | 004,184,672 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys -- (LVUVC64) Logitech HD Webcam C270(UVC)
DRV:64bit: - [2011/04/01 00:06:22 | 000,341,856 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/03/30 22:00:09 | 000,744,568 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0501000.01D\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2011/03/30 22:00:09 | 000,040,568 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/21 19:39:49 | 000,432,760 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0501000.01D\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2011/03/14 21:31:23 | 000,912,504 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2011/01/27 01:47:10 | 000,450,680 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2010/11/15 20:45:33 | 000,171,128 | R--- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2010/08/20 23:59:12 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2010/06/06 22:12:22 | 000,035,840 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/12/02 12:50:38 | 000,105,592 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2008/09/28 21:58:08 | 000,033,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/01/20 21:48:11 | 000,019,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023.sys -- (USB_RNDIS)
DRV:64bit: - [2008/01/20 21:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2006/12/05 11:34:26 | 000,572,416 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PFC027.SYS -- (PAC207)
DRV - [2011/09/22 06:57:56 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20110929.031\IDSviA64.sys -- (IDSVia64)
DRV - [2011/09/22 01:00:00 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110929.019\EX64.SYS -- (NAVEX15)
DRV - [2011/09/22 01:00:00 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/09/22 01:00:00 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/09/22 01:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110929.019\ENG64.SYS -- (NAVENG)
DRV - [2011/09/09 17:47:18 | 001,152,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20110920.001\BHDrvx64.sys -- (BHDrvx64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect...fftrie7&query="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..keyword.URL: "http://slirsredirect...0fftrab&query="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Kempton\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.1908.5032\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Kempton\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Kempton\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kempton\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kempton\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/06/09 23:52:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/06/09 23:52:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011/09/27 17:46:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_2_3 [2011/09/28 08:47:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/07 12:06:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/29 23:50:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Kempton\AppData\Roaming\Move Networks [2011/09/22 23:42:23 | 000,000,000 | ---D | M]

[2008/09/17 15:07:07 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Kempton\AppData\Roaming\Mozilla\Extensions
[2011/09/29 12:49:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kempton\AppData\Roaming\Mozilla\Firefox\Profiles\2t0yne4f.default\extensions
[2011/09/22 23:42:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Kempton\AppData\Roaming\Mozilla\Firefox\Profiles\2t0yne4f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/22 23:42:23 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Kempton\AppData\Roaming\Mozilla\Firefox\Profiles\2t0yne4f.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/09/22 16:47:38 | 000,000,000 | -H-D | M] (XFINITY Toolbar) -- C:\Users\Kempton\AppData\Roaming\Mozilla\Firefox\Profiles\2t0yne4f.default\extensions\{4b9bcce8-a70b-402a-a7e1-db96831ee26f}
[2011/09/22 23:42:23 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\Kempton\AppData\Roaming\Mozilla\Firefox\Profiles\2t0yne4f.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2011/09/22 23:42:23 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Kempton\AppData\Roaming\Mozilla\Firefox\Profiles\2t0yne4f.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/09/29 12:49:42 | 000,000,000 | ---D | M] (AOL Messaging Toolbar) -- C:\Users\Kempton\AppData\Roaming\Mozilla\Firefox\Profiles\2t0yne4f.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/06/15 19:26:22 | 000,004,207 | -H-- | M] () -- C:\Users\Kempton\AppData\Roaming\Mozilla\Firefox\Profiles\2t0yne4f.default\searchplugins\aim-search.xml
[2011/09/23 00:32:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/07/16 00:31:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/06/09 19:10:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/09/28 08:47:09 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\COFFPLGN_2011_7_2_3
[2011/09/27 17:46:55 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN
() (No name found) -- C:\USERS\KEMPTON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2T0YNE4F.DEFAULT\EXTENSIONS\[email protected]
[2011/09/07 12:06:19 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2008/10/02 22:40:18 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files (x86)\mozilla firefox\plugins\NPTURNMED.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npViewpoint.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Norton Security Suite\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll (StartNow.com)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll (StartNow.com)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4:64bit: - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF275D1D-7580-43F9-ADA9-59DEE765A6FD}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2577A71-B245-4BDF-B695-3A952C691A61}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\Userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Kempton\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kempton\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5720799e-8506-11dd-899a-0022153f4d50}\Shell\AutoRun\command - "" = K:\PortableVault.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/29 13:47:10 | 000,000,000 | ---D | C] -- C:\Users\Kempton\AppData\Local\Kerkia
[2011/09/29 13:45:44 | 000,000,000 | ---D | C] -- C:\Users\Kempton\AppData\Roaming\minimem
[2011/09/29 13:45:07 | 000,000,000 | ---D | C] -- C:\Users\Kempton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minimem
[2011/09/29 13:45:07 | 000,000,000 | ---D | C] -- C:\Program Files\Kerkia
[2011/09/26 12:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF
[2011/09/26 12:54:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinFF
[2011/09/26 12:46:51 | 000,000,000 | ---D | C] -- C:\Users\Kempton\Documents\Any Video Converter
[2011/09/26 12:46:50 | 000,000,000 | ---D | C] -- C:\Users\Kempton\AppData\Roaming\AnvSoft
[2011/09/25 22:23:58 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/09/25 16:17:41 | 000,000,000 | ---D | C] -- C:\Netgear
[2011/09/23 18:19:01 | 000,000,000 | ---D | C] -- C:\Users\Kempton\AppData\Local\CrashDumps
[2011/09/23 09:12:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D
[2011/09/23 01:04:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/09/23 01:04:20 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/09/23 01:03:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2011/09/23 01:03:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
[2011/09/23 01:03:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2011/09/22 23:25:21 | 000,000,000 | ---D | C] -- C:\Users\Kempton\AppData\Roaming\Tific
[2011/09/22 22:10:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Suite
[2011/09/22 21:54:00 | 000,000,000 | ---D | C] -- C:\Users\Kempton\Documents\Symantec
[2011/09/22 21:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/09/22 21:36:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/09/22 21:33:24 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2011/09/22 21:33:24 | 000,000,000 | ---D | C] -- C:\Users\Kempton\AppData\Local\ID Vault
[2011/09/22 21:32:56 | 000,000,000 | -H-D | C] -- C:\Users\Kempton\AppData\Roaming\ID Vault
[2011/09/22 21:32:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SFT
[2011/09/22 21:32:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Constant Guard Protection Suite
[2011/09/22 21:31:23 | 000,000,000 | ---D | C] -- C:\ProgramData\White Sky, Inc
[2011/09/22 16:48:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\comcasttb
[2011/09/22 16:48:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CA
[2011/09/22 16:47:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\xfin_portal
[2011/09/22 16:45:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ComcastUI
[2011/09/11 00:01:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Amazon
[2011/09/10 18:41:52 | 000,000,000 | ---D | C] -- C:\Users\Kempton\AppData\Local\Ilivid Player
[2011/09/10 18:34:59 | 000,000,000 | -H-D | C] -- C:\Users\Kempton\AppData\Local\PackageAware
[2011/09/05 23:35:57 | 000,000,000 | ---D | C] -- C:\Users\Kempton\AppData\Local\Facebook
[2011/09/05 02:36:53 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft
[2011/09/03 16:54:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/09/03 00:12:13 | 000,000,000 | -H-D | C] -- C:\Users\Kempton\AppData\Roaming\Logitech
[2011/09/02 21:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2011/09/02 21:48:24 | 000,000,000 | -H-D | C] -- C:\Users\Kempton\AppData\Roaming\Leadertech
[2011/09/02 21:46:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\logishrd
[2011/09/02 21:46:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\logishrd
[2011/09/02 21:46:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2011/09/02 21:46:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2011/09/02 21:46:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LWS
[2011/09/02 21:45:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2011/09/02 21:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2011/09/02 21:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2011/09/01 09:08:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/09/01 09:07:47 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/09/01 09:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/09/01 09:07:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/09/01 09:04:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/09/01 09:04:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/09/01 09:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/09/01 09:01:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/29 23:52:25 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/29 23:52:23 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/09/29 23:42:17 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-339374970-1131118951-510972617-1000UA.job
[2011/09/29 23:42:17 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/29 23:42:16 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-339374970-1131118951-510972617-1000Core.job
[2011/09/29 22:29:14 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/29 22:29:14 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/29 18:21:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/29 13:13:20 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9C815538-B043-4A1B-9DB4-03229CC8D264}.job
[2011/09/26 12:57:39 | 000,222,208 | ---- | M] () -- C:\Users\Kempton\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/26 12:13:37 | 000,001,150 | ---- | M] () -- C:\Users\Kempton\Desktop\Install Pazera Free MOV to AVI Converter.lnk
[2011/09/25 22:22:48 | 000,002,595 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2011/09/25 22:21:01 | 002,560,568 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Cat.DB
[2011/09/25 16:36:26 | 000,005,868 | ---- | M] () -- C:\Users\Kempton\Desktop\Router_Setup.html
[2011/09/23 18:26:05 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/23 18:26:05 | 000,604,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/23 18:26:05 | 000,103,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/23 09:12:36 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/09/23 09:12:35 | 000,174,200 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/09/23 09:12:35 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/09/23 01:01:35 | 000,000,905 | ---- | M] () -- C:\Users\Kempton\Desktop\Norton Installation Files.lnk
[2011/09/23 00:04:20 | 000,105,385 | ---- | M] () -- C:\Users\Kempton\Untitled.jpg
[2011/09/22 16:45:58 | 000,000,195 | ---- | M] () -- C:\Users\Kempton\Desktop\Comcast Security.url
[2011/09/11 00:00:26 | 001,894,912 | ---- | M] () -- C:\Amazon Unbox Video.msi
[2011/09/11 00:00:21 | 000,006,129 | ---- | M] () -- C:\0x0409.ini
[2011/09/02 21:59:01 | 000,001,477 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk
[2011/09/01 09:08:58 | 000,001,696 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/26 12:13:12 | 000,001,150 | ---- | C] () -- C:\Users\Kempton\Desktop\Install Pazera Free MOV to AVI Converter.lnk
[2011/09/25 22:19:43 | 002,560,568 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Cat.DB
[2011/09/25 16:36:26 | 000,005,868 | ---- | C] () -- C:\Users\Kempton\Desktop\Router_Setup.html
[2011/09/25 16:36:26 | 000,000,172 | R--- | C] () -- C:\Users\Kempton\Desktop\Router Login.url
[2011/09/25 16:28:17 | 000,035,840 | R--- | C] () -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS
[2011/09/23 09:12:35 | 000,432,760 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symtdiv.sys
[2011/09/23 09:12:35 | 000,007,877 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnetv64.cat
[2011/09/23 09:12:34 | 000,912,504 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa64.sys
[2011/09/23 09:12:34 | 000,744,568 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.sys
[2011/09/23 09:12:34 | 000,450,680 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds64.sys
[2011/09/23 09:12:34 | 000,382,584 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnets.sys
[2011/09/23 09:12:34 | 000,171,128 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\ironx64.sys
[2011/09/23 09:12:34 | 000,040,568 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.sys
[2011/09/23 09:12:34 | 000,007,462 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.cat
[2011/09/23 09:12:34 | 000,007,460 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa64.cat
[2011/09/23 09:12:34 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnet64.cat
[2011/09/23 09:12:34 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.cat
[2011/09/23 09:12:34 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa.inf
[2011/09/23 09:12:34 | 000,002,792 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds.inf
[2011/09/23 09:12:34 | 000,001,474 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnetv.inf
[2011/09/23 09:12:34 | 000,001,446 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnet.inf
[2011/09/23 09:12:34 | 000,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.inf
[2011/09/23 09:12:34 | 000,001,422 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.inf
[2011/09/23 09:12:33 | 000,007,492 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\iron.cat
[2011/09/23 09:12:33 | 000,000,772 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\iron.inf
[2011/09/23 09:12:05 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds64.cat
[2011/09/23 09:12:04 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\isolate.ini
[2011/09/23 01:04:21 | 000,034,152 | ---- | C] () -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011/09/23 01:04:20 | 000,174,200 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/09/23 01:04:20 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/09/23 01:04:20 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/09/23 01:04:17 | 000,002,595 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2011/09/23 01:01:35 | 000,000,905 | ---- | C] () -- C:\Users\Kempton\Desktop\Norton Installation Files.lnk
[2011/09/23 00:04:19 | 000,105,385 | ---- | C] () -- C:\Users\Kempton\Untitled.jpg
[2011/09/22 16:45:58 | 000,000,195 | ---- | C] () -- C:\Users\Kempton\Desktop\Comcast Security.url
[2011/09/11 00:00:33 | 001,894,912 | ---- | C] () -- C:\Amazon Unbox Video.msi
[2011/09/11 00:00:33 | 000,006,129 | ---- | C] () -- C:\0x0409.ini
[2011/09/05 23:35:59 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-339374970-1131118951-510972617-1000UA.job
[2011/09/05 23:35:59 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-339374970-1131118951-510972617-1000Core.job
[2011/09/02 21:45:37 | 000,001,477 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk
[2011/09/01 09:08:58 | 000,001,696 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/23 17:36:19 | 000,121,788 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/04/01 00:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011/04/01 00:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/04/01 00:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010/07/19 09:31:10 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
[2010/07/15 21:37:25 | 000,000,138 | ---- | C] () -- C:\Windows\usrwiz.ini
[2010/02/01 02:01:01 | 000,000,790 | ---- | C] () -- C:\Windows\videoimp.ini
[2010/02/01 02:00:55 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2010/02/01 02:00:45 | 000,000,021 | ---- | C] () -- C:\Windows\VI_setup.ini
[2010/01/28 01:03:31 | 000,000,021 | ---- | C] () -- C:\Windows\PI4_setup.ini
[2009/09/18 20:55:53 | 000,000,225 | ---- | C] () -- C:\Windows\PowerReg.dat
[2009/07/05 13:29:50 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/12/13 19:34:19 | 000,000,136 | ---- | C] () -- C:\Windows\cdplayer.ini
[2008/11/11 13:14:44 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2008/11/06 17:21:02 | 000,000,281 | ---- | C] () -- C:\Windows\EReg072.dat
[2008/11/02 01:33:11 | 000,000,072 | ---- | C] () -- C:\Windows\pex.INI
[2008/11/02 01:28:11 | 000,000,372 | ---- | C] () -- C:\Windows\ulead32.ini
[2008/09/27 15:17:39 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/09/18 17:24:12 | 000,016,387 | ---- | C] () -- C:\Windows\wininit.ini
[2008/09/18 15:52:36 | 000,000,892 | ---- | C] () -- C:\Windows\eReg.dat
[2008/09/17 17:00:36 | 000,130,832 | ---- | C] () -- C:\Windows\hpoins18.dat
[2008/09/17 17:00:23 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2008/09/17 15:15:06 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008/09/17 15:15:06 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2008/09/17 13:43:43 | 000,222,208 | ---- | C] () -- C:\Users\Kempton\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/17 09:05:54 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2008/09/17 09:05:54 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/09/08 23:12:11 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008/09/08 23:12:11 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008/08/05 17:02:12 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 21:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 09:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\SysWow64\SP207.INI
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[1997/06/13 19:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll

========== LOP Check ==========

[2008/09/18 18:36:44 | 000,000,000 | -H-D | M] -- C:\Users\Kempton\AppData\Roaming\acccore
[2011/09/22 21:37:39 | 000,000,000 | -H-D | M] -- C:\Users\Kempton\AppData\Roaming\Amazon
[2011/09/26 12:46:50 | 000,000,000 | ---D | M] -- C:\Users\Kempton\AppData\Roaming\AnvSoft
[2011/09/22 23:42:20 | 000,000,000 | ---D | M] -- C:\Users\Kempton\AppData\Roaming\Facebook
[2011/09/22 22:42:50 | 000,000,000 | -H-D | M] -- C:\Users\Kempton\AppData\Roaming\ID Vault
[2010/06/02 19:18:04 | 000,000,000 | -H-D | M] -- C:\Users\Kempton\AppData\Roaming\Image Zone Express
[2009/07/26 19:05:31 | 000,000,000 | -H-D | M] -- C:\Users\Kempton\AppData\Roaming\InterTrust
[2009/08/08 16:15:34 | 000,000,000 | -H-D | M] -- C:\Users\Kempton\AppData\Roaming\iWin
[2011/09/02 21:48:24 | 000,000,000 | -H-D | M] -- C:\Users\Kempton\AppData\Roaming\Leadertech
[2011/09/29 13:45:44 | 000,000,000 | ---D | M] -- C:\Users\Kempton\AppData\Roaming\minimem
[2011/09/22 23:42:23 | 000,000,000 | ---D | M] -- C:\Users\Kempton\AppData\Roaming\MusE
[2008/09/27 13:52:00 | 000,000,000 | -H-D | M] -- C:\Users\Kempton\AppData\Roaming\muvee Technologies
[2010/04/04 21:59:33 | 000,000,000 | -H-D | M] -- C:\Users\Kempton\AppData\Roaming\PACE Anti-Piracy
[2008/12/05 05:12:40 | 000,000,000 | -H-D | M] -- C:\Users\Kempton\AppData\Roaming\Printer Info Cache
[2011/09/22 23:25:21 | 000,000,000 | ---D | M] -- C:\Users\Kempton\AppData\Roaming\Tific
[2010/05/31 22:00:06 | 000,000,000 | -H-D | M] -- C:\Users\Kempton\AppData\Roaming\Unity
[2011/09/25 22:43:31 | 000,000,000 | ---D | M] -- C:\Users\Kempton\AppData\Roaming\uTorrent
[2008/09/17 02:49:16 | 000,000,000 | -H-D | M] -- C:\Users\Kempton\AppData\Roaming\WildTangent
[2008/09/18 06:58:03 | 000,000,000 | -H-D | M] -- C:\Users\Kempton\AppData\Roaming\WinBatch
[2011/09/26 12:57:20 | 000,000,000 | ---D | M] -- C:\Users\Kempton\AppData\Roaming\WinFF
[2011/09/29 23:42:16 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-339374970-1131118951-510972617-1000Core.job
[2011/09/29 23:42:17 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-339374970-1131118951-510972617-1000UA.job
[2011/09/29 23:51:21 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/09/29 13:13:20 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{9C815538-B043-4A1B-9DB4-03229CC8D264}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 964 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:y6ipkKeKKrzkhIp7
@Alternate Data Stream - 1166 bytes -> C:\ProgramData\Microsoft:cYGukDBY7lKskrJGIY
@Alternate Data Stream - 1164 bytes -> C:\Users\Kempton\AppData\Local\a9TbpeGL:4ncmt9YNnJ44ik0IZDb4wYgkVw
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:9D718DA3
@Alternate Data Stream - 1054 bytes -> C:\ProgramData\Microsoft:VS7Xi1yrTVrev87yxayglmX

< End of report >


Problem screen.jpg