My computer has a problem.. [Closed]
#1
- Group: Member
- Posts: 0
- Joined: 14-December 11
Posted 14 December 2011 - 08:32 AM
#2
- Group: Member
- Posts: 0
- Joined: 14-December 11
Posted 14 December 2011 - 08:50 AM
OTL logfile created on: 12/14/2011 9:36:11 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Tyler\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.90 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 40.17% Memory free
8.02 Gb Paging File | 5.66 Gb Available in Paging File | 70.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 220.60 Gb Total Space | 134.09 Gb Free Space | 60.78% Space Free | Partition Type: NTFS
Drive D: | 12.28 Gb Total Space | 0.00 Gb Free Space | 0.03% Space Free | Partition Type: NTFS
Computer Name: TYLER-PC | User Name: Tyler | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/12/14 09:35:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Tyler\Downloads\OTL.exe
PRC - [2011/12/12 18:33:53 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/12/11 19:38:10 | 000,397,864 | -H-- | M] (Symantec Corporation) -- C:\Users\Public\Downloads\Norton\{N360S_prod_1.6.18_5.1.0.29}\N360Downloader.exe
PRC - [2011/10/24 19:29:16 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011/10/13 18:36:14 | 000,246,600 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
PRC - [2011/10/13 18:36:11 | 000,218,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/04/29 16:59:32 | 000,227,840 | ---- | M] (Mp3Tube) -- C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeSvc.exe
PRC - [2011/04/29 13:12:50 | 000,184,320 | ---- | M] (Mp3Tube) -- C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeVideoToMp3.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
PRC - [2011/04/08 11:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/03/25 18:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
PRC - [2008/10/06 11:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
========== Modules (No Company Name) ==========
MOD - [2011/11/09 19:04:45 | 001,451,336 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll
MOD - [2011/10/13 18:36:11 | 000,218,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/17 18:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2011/10/24 19:29:34 | 002,398,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2011/10/13 18:36:14 | 000,246,600 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/10/12 05:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/04/29 16:59:32 | 000,227,840 | ---- | M] (Mp3Tube) [Auto | Running] -- C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeSvc.exe -- (Mp3Tube Toolbar Service)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/10/06 11:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/12/11 20:14:15 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/10/07 05:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/13 05:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 05:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/07/11 00:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 00:13:56 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 00:13:54 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV:64bit: - [2011/07/11 00:13:52 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys -- (AVGIDSDriver)
DRV:64bit: - [2011/05/23 00:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2011/03/30 22:00:09 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2011/03/30 22:00:09 | 000,040,568 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/21 19:39:49 | 000,432,760 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SYMTDIV.SYS -- (SYMTDIV)
DRV:64bit: - [2011/03/14 21:31:23 | 000,912,504 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2011/01/27 01:47:10 | 000,450,680 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2011/01/27 00:07:06 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/08/20 22:59:12 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/05/08 10:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2008/12/20 02:03:08 | 001,344,000 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr)
DRV:64bit: - [2008/09/19 19:43:58 | 000,068,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2008/06/29 09:52:44 | 000,126,976 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2008/06/10 14:58:48 | 000,170,496 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/06/05 11:59:50 | 000,264,704 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/04/17 13:05:20 | 000,324,656 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/01/20 21:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64) Intel®
DRV:64bit: - [2008/01/20 21:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/10/31 21:22:50 | 001,481,216 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2007/10/31 21:19:46 | 000,293,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2007/10/31 21:18:32 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2007/10/17 18:37:10 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2007/06/18 19:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2006/10/03 20:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2006/06/18 17:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2011/12/10 01:00:00 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20111213.035\EX64.SYS -- (NAVEX15)
DRV - [2011/12/10 01:00:00 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/12/10 01:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20111213.035\ENG64.SYS -- (NAVENG)
DRV - [2011/12/09 16:53:28 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20111212.002\IDSviA64.sys -- (IDSVia64)
DRV - [2011/11/23 23:08:44 | 001,156,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20111123.001\BHDrvx64.sys -- (BHDrvx64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:50370
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2011/11/04 16:45:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2011/09/14 16:37:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2011/12/11 20:18:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn\ [2011/12/11 20:12:21 | 000,000,000 | ---D | M]
[2009/12/25 18:56:01 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Tyler\AppData\Roaming\Mozilla\Extensions
[2009/12/25 18:56:01 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Tyler\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2011/12/08 19:48:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/20 10:56:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/12/08 18:43:41 | 000,001,211 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Mp3Tube.xml
Hosts file not found
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {258C9770-1713-4021-8D7E-1F184A2BD754} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Mp3Tube Toolbar) - {46897C77-E7A6-4c33-BFFB-E9C2E2718942} - C:\Program Files (x86)\Mp3Tube Toolbar\mp3tubetb.dll (Mp3Tube Toolbar)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [aaaaaaaa×] C:\Users\Tyler\aaaaaaaa×.exe File not found
O4 - HKCU..\Run: [FNFPDoJienHIJQ.exe] C:\ProgramData\FNFPDoJienHIJQ.exe File not found
O4 - HKCU..\Run: [Norton Download Manager{N360S_prod_1.6.18_5.1.0.29}] C:\Users\Public\Downloads\Norton\{N360S_prod_1.6.18_5.1.0.29}\N360Downloader.exe (Symantec Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe (Lime Wire, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: ShopperReports - Compare product prices - {DB38E21A-0133-419d-92AD-ECDFD5244D6D} - C:\Program Files (x86)\ShoppingReport2\Bin\2.7.37\ShoppingReport.dll File not found
O9 - Extra Button: ShopperReports - Compare travel rates - {EB620C54-E229-4942-87CE-E717109FC8C6} - C:\Program Files (x86)\ShoppingReport2\Bin\2.7.37\ShoppingReport.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D7AA6ED-3314-48BB-8CA4-56E60E24DC50}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{391b232b-0fd3-11df-9721-001f16d82b9d}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\SaAFeq.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/14 09:13:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/12/14 09:13:50 | 000,000,000 | ---D | C] -- C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/12/11 20:18:41 | 000,000,000 | -H-D | C] -- C:\Users\Tyler\Documents\Symantec
[2011/12/11 20:14:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/12/11 20:14:16 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/12/11 20:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/12/11 20:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/12/11 20:13:15 | 000,432,760 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symtdiv.sys
[2011/12/11 20:13:14 | 000,912,504 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymEFA64.sys
[2011/12/11 20:13:14 | 000,744,568 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.sys
[2011/12/11 20:13:14 | 000,450,680 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymDS64.sys
[2011/12/11 20:13:14 | 000,382,584 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnets.sys
[2011/12/11 20:13:14 | 000,171,128 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Ironx64.sys
[2011/12/11 20:13:14 | 000,040,568 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.sys
[2011/12/11 20:12:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2011/12/11 20:12:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D
[2011/12/11 20:12:21 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2011/12/11 20:12:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2011/12/11 19:51:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\PCSettings
[2011/12/11 19:38:11 | 000,000,000 | -H-D | C] -- C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2011/12/11 19:19:12 | 000,000,000 | -H-D | C] -- C:\Users\Tyler\AppData\Roaming\HpUpdate
[2011/12/11 19:19:09 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2011/12/08 19:17:20 | 000,000,000 | -H-D | C] -- C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
[2011/11/20 10:55:40 | 000,000,000 | -H-D | C] -- C:\Users\Tyler\AppData\Roaming\Skype
[2011/11/20 10:55:27 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011/11/20 10:55:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Skype
========== Files - Modified Within 30 Days ==========
[2011/12/14 09:42:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/14 09:13:50 | 000,001,960 | ---- | M] () -- C:\Users\Tyler\Desktop\HiJackThis.lnk
[2011/12/14 09:03:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/13 21:48:45 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/13 21:48:43 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/13 19:35:18 | 000,000,680 | ---- | M] () -- C:\Users\Tyler\AppData\Local\d3d9caps.dat
[2011/12/13 19:35:11 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/13 17:34:32 | 002,881,248 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Cat.DB
[2011/12/11 21:37:25 | 000,000,949 | -H-- | M] () -- C:\Users\Tyler\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer (64-bit).lnk
[2011/12/11 20:14:15 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/12/11 20:14:15 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/12/11 20:14:15 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/12/11 20:13:46 | 000,002,206 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2011/12/11 20:13:30 | 000,000,943 | -H-- | M] () -- C:\Users\Tyler\Desktop\Norton Download Manager.lnk
[2011/12/11 20:13:30 | 000,000,848 | -H-- | M] () -- C:\Users\Tyler\Desktop\Norton Installation Files.lnk
[2011/12/11 20:12:52 | 000,000,290 | -H-- | M] () -- C:\ProgramData\hpqp.ini
[2011/12/11 20:11:46 | 4193,460,224 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/10 22:23:54 | 000,007,680 | -H-- | M] () -- C:\Users\Tyler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/10 12:13:05 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/10 12:13:05 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/10 12:13:05 | 000,104,170 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/08 20:38:50 | 000,000,625 | -H-- | M] () -- C:\Users\Tyler\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/08 19:19:46 | 000,000,440 | -H-- | M] () -- C:\ProgramData\l6BUNDDK9Jm4Ot
[2011/12/08 19:17:20 | 000,000,601 | -H-- | M] () -- C:\Users\Tyler\Desktop\System Fix.lnk
[2011/12/08 19:17:20 | 000,000,296 | -H-- | M] () -- C:\ProgramData\~l6BUNDDK9Jm4Ot
[2011/12/08 19:17:20 | 000,000,184 | -H-- | M] () -- C:\ProgramData\~l6BUNDDK9Jm4Otr
[2011/12/08 08:09:19 | 000,000,588 | -H-- | M] () -- C:\Users\Tyler\AppData\Roaming\wklnhst.dat
[2011/12/08 08:06:42 | 000,049,152 | -H-- | M] () -- C:\Users\Tyler\Documents\laurenpsychcheatsheet.wps
[2011/12/04 15:27:15 | 000,009,908 | -HS- | M] () -- C:\Users\Tyler\AppData\Local\6q18ns2m36o151
[2011/12/04 15:27:15 | 000,009,908 | -HS- | M] () -- C:\ProgramData\6q18ns2m36o151
[2011/11/30 23:04:43 | 000,104,958 | -H-- | M] () -- C:\Users\Tyler\Documents\Windows Photo Gallery Wallpaper.jpg
========== Files Created - No Company Name ==========
[2011/12/14 09:13:50 | 000,001,960 | ---- | C] () -- C:\Users\Tyler\Desktop\HiJackThis.lnk
[2011/12/12 18:31:33 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/12 18:31:31 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/11 21:37:25 | 000,000,949 | -H-- | C] () -- C:\Users\Tyler\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer (64-bit).lnk
[2011/12/11 20:16:57 | 002,881,248 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Cat.DB
[2011/12/11 20:14:16 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/12/11 20:14:16 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/12/11 20:13:46 | 000,002,206 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2011/12/11 20:13:15 | 000,000,000 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymDS64.cat
[2011/12/11 20:12:25 | 000,003,373 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymEFA.inf
[2011/12/11 20:12:25 | 000,002,792 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymDS.inf
[2011/12/11 20:12:25 | 000,001,474 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymNetV.inf
[2011/12/11 20:12:25 | 000,001,446 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymNet.inf
[2011/12/11 20:12:25 | 000,001,438 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.inf
[2011/12/11 20:12:25 | 000,001,422 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.inf
[2011/12/11 20:12:25 | 000,000,772 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Iron.inf
[2011/12/11 20:12:24 | 000,007,877 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnetv64.cat
[2011/12/11 20:12:24 | 000,007,492 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\iron.cat
[2011/12/11 20:12:24 | 000,007,462 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.cat
[2011/12/11 20:12:24 | 000,007,460 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymEFA64.cat
[2011/12/11 20:12:24 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnet64.cat
[2011/12/11 20:12:24 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.cat
[2011/12/11 20:12:24 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\isolate.ini
[2011/12/11 19:38:11 | 000,000,943 | -H-- | C] () -- C:\Users\Tyler\Desktop\Norton Download Manager.lnk
[2011/12/11 19:38:11 | 000,000,848 | -H-- | C] () -- C:\Users\Tyler\Desktop\Norton Installation Files.lnk
[2011/12/08 20:38:47 | 000,000,625 | -H-- | C] () -- C:\Users\Tyler\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/08 19:17:20 | 000,000,601 | -H-- | C] () -- C:\Users\Tyler\Desktop\System Fix.lnk
[2011/12/08 19:17:20 | 000,000,296 | -H-- | C] () -- C:\ProgramData\~l6BUNDDK9Jm4Ot
[2011/12/08 19:17:20 | 000,000,184 | -H-- | C] () -- C:\ProgramData\~l6BUNDDK9Jm4Otr
[2011/12/08 19:17:17 | 000,000,440 | -H-- | C] () -- C:\ProgramData\l6BUNDDK9Jm4Ot
[2011/12/07 13:20:00 | 000,049,152 | -H-- | C] () -- C:\Users\Tyler\Documents\laurenpsychcheatsheet.wps
[2011/12/04 12:43:59 | 000,009,908 | -HS- | C] () -- C:\Users\Tyler\AppData\Local\6q18ns2m36o151
[2011/12/04 12:43:59 | 000,009,908 | -HS- | C] () -- C:\ProgramData\6q18ns2m36o151
[2011/11/30 23:05:17 | 000,104,958 | -H-- | C] () -- C:\Users\Tyler\Documents\Windows Photo Gallery Wallpaper.jpg
[2010/10/25 22:07:50 | 000,000,006 | -H-- | C] () -- C:\Users\Tyler\AppData\Roaming\start
[2010/10/25 22:07:23 | 000,000,006 | -H-- | C] () -- C:\Users\Tyler\AppData\Roaming\completescan
[2010/10/25 22:00:32 | 000,000,010 | -H-- | C] () -- C:\Users\Tyler\AppData\Roaming\install
[2010/08/25 19:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 19:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 19:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/07/20 11:37:27 | 000,000,680 | ---- | C] () -- C:\Users\Tyler\AppData\Local\d3d9caps.dat
[2010/04/28 19:13:57 | 000,000,588 | -H-- | C] () -- C:\Users\Tyler\AppData\Roaming\wklnhst.dat
[2010/02/20 00:32:50 | 000,007,680 | -H-- | C] () -- C:\Users\Tyler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/28 03:34:28 | 000,010,444 | -HS- | C] () -- C:\Users\Tyler\AppData\Local\JNvc
[2009/12/30 11:26:11 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/30 11:25:40 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/12/30 11:25:01 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 10:47:53 | 000,000,290 | -H-- | C] () -- C:\ProgramData\hpqp.ini
[2009/04/20 18:31:40 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/07/06 15:20:48 | 000,147,172 | ---- | C] () -- C:\Windows\SysWow64\igfcg550.bin
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
========== LOP Check ==========
[2011/10/13 18:34:03 | 000,000,000 | -H-D | M] -- C:\Users\Tyler\AppData\Roaming\AVG2012
[2011/08/10 06:21:23 | 000,000,000 | -HSD | M] -- C:\Users\Tyler\AppData\Roaming\B59AE475
[2011/08/09 09:22:05 | 000,000,000 | -HSD | M] -- C:\Users\Tyler\AppData\Roaming\F948BFF1
[2011/11/10 03:19:40 | 000,000,000 | -H-D | M] -- C:\Users\Tyler\AppData\Roaming\FrostWire
[2010/05/28 18:56:22 | 000,000,000 | -H-D | M] -- C:\Users\Tyler\AppData\Roaming\GARMIN
[2011/12/08 19:24:17 | 000,000,000 | -H-D | M] -- C:\Users\Tyler\AppData\Roaming\LimeWire
[2011/09/16 17:16:05 | 000,000,000 | -H-D | M] -- C:\Users\Tyler\AppData\Roaming\ooVoo Details
[2010/04/28 19:14:01 | 000,000,000 | -H-D | M] -- C:\Users\Tyler\AppData\Roaming\Template
[2011/12/11 20:09:13 | 000,032,654 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Tyler\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.90 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 40.17% Memory free
8.02 Gb Paging File | 5.66 Gb Available in Paging File | 70.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 220.60 Gb Total Space | 134.09 Gb Free Space | 60.78% Space Free | Partition Type: NTFS
Drive D: | 12.28 Gb Total Space | 0.00 Gb Free Space | 0.03% Space Free | Partition Type: NTFS
Computer Name: TYLER-PC | User Name: Tyler | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/12/14 09:35:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Tyler\Downloads\OTL.exe
PRC - [2011/12/12 18:33:53 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/12/11 19:38:10 | 000,397,864 | -H-- | M] (Symantec Corporation) -- C:\Users\Public\Downloads\Norton\{N360S_prod_1.6.18_5.1.0.29}\N360Downloader.exe
PRC - [2011/10/24 19:29:16 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011/10/13 18:36:14 | 000,246,600 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
PRC - [2011/10/13 18:36:11 | 000,218,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/04/29 16:59:32 | 000,227,840 | ---- | M] (Mp3Tube) -- C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeSvc.exe
PRC - [2011/04/29 13:12:50 | 000,184,320 | ---- | M] (Mp3Tube) -- C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeVideoToMp3.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
PRC - [2011/04/08 11:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/03/25 18:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
PRC - [2008/10/06 11:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
========== Modules (No Company Name) ==========
MOD - [2011/11/09 19:04:45 | 001,451,336 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll
MOD - [2011/10/13 18:36:11 | 000,218,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/17 18:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2011/10/24 19:29:34 | 002,398,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2011/10/13 18:36:14 | 000,246,600 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/10/12 05:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/04/29 16:59:32 | 000,227,840 | ---- | M] (Mp3Tube) [Auto | Running] -- C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeSvc.exe -- (Mp3Tube Toolbar Service)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/10/06 11:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/12/11 20:14:15 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/10/07 05:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/13 05:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 05:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/07/11 00:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 00:13:56 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 00:13:54 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV:64bit: - [2011/07/11 00:13:52 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys -- (AVGIDSDriver)
DRV:64bit: - [2011/05/23 00:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2011/03/30 22:00:09 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2011/03/30 22:00:09 | 000,040,568 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/21 19:39:49 | 000,432,760 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SYMTDIV.SYS -- (SYMTDIV)
DRV:64bit: - [2011/03/14 21:31:23 | 000,912,504 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2011/01/27 01:47:10 | 000,450,680 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2011/01/27 00:07:06 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/08/20 22:59:12 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/05/08 10:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2008/12/20 02:03:08 | 001,344,000 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr)
DRV:64bit: - [2008/09/19 19:43:58 | 000,068,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2008/06/29 09:52:44 | 000,126,976 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2008/06/10 14:58:48 | 000,170,496 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/06/05 11:59:50 | 000,264,704 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/04/17 13:05:20 | 000,324,656 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/01/20 21:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64) Intel®
DRV:64bit: - [2008/01/20 21:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/10/31 21:22:50 | 001,481,216 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2007/10/31 21:19:46 | 000,293,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2007/10/31 21:18:32 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2007/10/17 18:37:10 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2007/06/18 19:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2006/10/03 20:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2006/06/18 17:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2011/12/10 01:00:00 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20111213.035\EX64.SYS -- (NAVEX15)
DRV - [2011/12/10 01:00:00 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/12/10 01:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20111213.035\ENG64.SYS -- (NAVENG)
DRV - [2011/12/09 16:53:28 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20111212.002\IDSviA64.sys -- (IDSVia64)
DRV - [2011/11/23 23:08:44 | 001,156,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20111123.001\BHDrvx64.sys -- (BHDrvx64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:50370
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2011/11/04 16:45:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2011/09/14 16:37:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2011/12/11 20:18:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn\ [2011/12/11 20:12:21 | 000,000,000 | ---D | M]
[2009/12/25 18:56:01 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Tyler\AppData\Roaming\Mozilla\Extensions
[2009/12/25 18:56:01 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Tyler\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2011/12/08 19:48:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/20 10:56:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/12/08 18:43:41 | 000,001,211 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Mp3Tube.xml
Hosts file not found
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {258C9770-1713-4021-8D7E-1F184A2BD754} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Mp3Tube Toolbar) - {46897C77-E7A6-4c33-BFFB-E9C2E2718942} - C:\Program Files (x86)\Mp3Tube Toolbar\mp3tubetb.dll (Mp3Tube Toolbar)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [aaaaaaaa×] C:\Users\Tyler\aaaaaaaa×.exe File not found
O4 - HKCU..\Run: [FNFPDoJienHIJQ.exe] C:\ProgramData\FNFPDoJienHIJQ.exe File not found
O4 - HKCU..\Run: [Norton Download Manager{N360S_prod_1.6.18_5.1.0.29}] C:\Users\Public\Downloads\Norton\{N360S_prod_1.6.18_5.1.0.29}\N360Downloader.exe (Symantec Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe (Lime Wire, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: ShopperReports - Compare product prices - {DB38E21A-0133-419d-92AD-ECDFD5244D6D} - C:\Program Files (x86)\ShoppingReport2\Bin\2.7.37\ShoppingReport.dll File not found
O9 - Extra Button: ShopperReports - Compare travel rates - {EB620C54-E229-4942-87CE-E717109FC8C6} - C:\Program Files (x86)\ShoppingReport2\Bin\2.7.37\ShoppingReport.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D7AA6ED-3314-48BB-8CA4-56E60E24DC50}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{391b232b-0fd3-11df-9721-001f16d82b9d}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\SaAFeq.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/14 09:13:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/12/14 09:13:50 | 000,000,000 | ---D | C] -- C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/12/11 20:18:41 | 000,000,000 | -H-D | C] -- C:\Users\Tyler\Documents\Symantec
[2011/12/11 20:14:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/12/11 20:14:16 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/12/11 20:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/12/11 20:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/12/11 20:13:15 | 000,432,760 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symtdiv.sys
[2011/12/11 20:13:14 | 000,912,504 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymEFA64.sys
[2011/12/11 20:13:14 | 000,744,568 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.sys
[2011/12/11 20:13:14 | 000,450,680 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymDS64.sys
[2011/12/11 20:13:14 | 000,382,584 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnets.sys
[2011/12/11 20:13:14 | 000,171,128 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Ironx64.sys
[2011/12/11 20:13:14 | 000,040,568 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.sys
[2011/12/11 20:12:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2011/12/11 20:12:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D
[2011/12/11 20:12:21 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2011/12/11 20:12:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2011/12/11 19:51:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\PCSettings
[2011/12/11 19:38:11 | 000,000,000 | -H-D | C] -- C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2011/12/11 19:19:12 | 000,000,000 | -H-D | C] -- C:\Users\Tyler\AppData\Roaming\HpUpdate
[2011/12/11 19:19:09 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2011/12/08 19:17:20 | 000,000,000 | -H-D | C] -- C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
[2011/11/20 10:55:40 | 000,000,000 | -H-D | C] -- C:\Users\Tyler\AppData\Roaming\Skype
[2011/11/20 10:55:27 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011/11/20 10:55:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Skype
========== Files - Modified Within 30 Days ==========
[2011/12/14 09:42:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/14 09:13:50 | 000,001,960 | ---- | M] () -- C:\Users\Tyler\Desktop\HiJackThis.lnk
[2011/12/14 09:03:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/13 21:48:45 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/13 21:48:43 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/13 19:35:18 | 000,000,680 | ---- | M] () -- C:\Users\Tyler\AppData\Local\d3d9caps.dat
[2011/12/13 19:35:11 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/13 17:34:32 | 002,881,248 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Cat.DB
[2011/12/11 21:37:25 | 000,000,949 | -H-- | M] () -- C:\Users\Tyler\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer (64-bit).lnk
[2011/12/11 20:14:15 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/12/11 20:14:15 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/12/11 20:14:15 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/12/11 20:13:46 | 000,002,206 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2011/12/11 20:13:30 | 000,000,943 | -H-- | M] () -- C:\Users\Tyler\Desktop\Norton Download Manager.lnk
[2011/12/11 20:13:30 | 000,000,848 | -H-- | M] () -- C:\Users\Tyler\Desktop\Norton Installation Files.lnk
[2011/12/11 20:12:52 | 000,000,290 | -H-- | M] () -- C:\ProgramData\hpqp.ini
[2011/12/11 20:11:46 | 4193,460,224 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/10 22:23:54 | 000,007,680 | -H-- | M] () -- C:\Users\Tyler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/10 12:13:05 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/10 12:13:05 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/10 12:13:05 | 000,104,170 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/08 20:38:50 | 000,000,625 | -H-- | M] () -- C:\Users\Tyler\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/08 19:19:46 | 000,000,440 | -H-- | M] () -- C:\ProgramData\l6BUNDDK9Jm4Ot
[2011/12/08 19:17:20 | 000,000,601 | -H-- | M] () -- C:\Users\Tyler\Desktop\System Fix.lnk
[2011/12/08 19:17:20 | 000,000,296 | -H-- | M] () -- C:\ProgramData\~l6BUNDDK9Jm4Ot
[2011/12/08 19:17:20 | 000,000,184 | -H-- | M] () -- C:\ProgramData\~l6BUNDDK9Jm4Otr
[2011/12/08 08:09:19 | 000,000,588 | -H-- | M] () -- C:\Users\Tyler\AppData\Roaming\wklnhst.dat
[2011/12/08 08:06:42 | 000,049,152 | -H-- | M] () -- C:\Users\Tyler\Documents\laurenpsychcheatsheet.wps
[2011/12/04 15:27:15 | 000,009,908 | -HS- | M] () -- C:\Users\Tyler\AppData\Local\6q18ns2m36o151
[2011/12/04 15:27:15 | 000,009,908 | -HS- | M] () -- C:\ProgramData\6q18ns2m36o151
[2011/11/30 23:04:43 | 000,104,958 | -H-- | M] () -- C:\Users\Tyler\Documents\Windows Photo Gallery Wallpaper.jpg
========== Files Created - No Company Name ==========
[2011/12/14 09:13:50 | 000,001,960 | ---- | C] () -- C:\Users\Tyler\Desktop\HiJackThis.lnk
[2011/12/12 18:31:33 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/12 18:31:31 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/11 21:37:25 | 000,000,949 | -H-- | C] () -- C:\Users\Tyler\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer (64-bit).lnk
[2011/12/11 20:16:57 | 002,881,248 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Cat.DB
[2011/12/11 20:14:16 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/12/11 20:14:16 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/12/11 20:13:46 | 000,002,206 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2011/12/11 20:13:15 | 000,000,000 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymDS64.cat
[2011/12/11 20:12:25 | 000,003,373 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymEFA.inf
[2011/12/11 20:12:25 | 000,002,792 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymDS.inf
[2011/12/11 20:12:25 | 000,001,474 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymNetV.inf
[2011/12/11 20:12:25 | 000,001,446 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymNet.inf
[2011/12/11 20:12:25 | 000,001,438 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.inf
[2011/12/11 20:12:25 | 000,001,422 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.inf
[2011/12/11 20:12:25 | 000,000,772 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Iron.inf
[2011/12/11 20:12:24 | 000,007,877 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnetv64.cat
[2011/12/11 20:12:24 | 000,007,492 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\iron.cat
[2011/12/11 20:12:24 | 000,007,462 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.cat
[2011/12/11 20:12:24 | 000,007,460 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymEFA64.cat
[2011/12/11 20:12:24 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnet64.cat
[2011/12/11 20:12:24 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.cat
[2011/12/11 20:12:24 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\isolate.ini
[2011/12/11 19:38:11 | 000,000,943 | -H-- | C] () -- C:\Users\Tyler\Desktop\Norton Download Manager.lnk
[2011/12/11 19:38:11 | 000,000,848 | -H-- | C] () -- C:\Users\Tyler\Desktop\Norton Installation Files.lnk
[2011/12/08 20:38:47 | 000,000,625 | -H-- | C] () -- C:\Users\Tyler\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/08 19:17:20 | 000,000,601 | -H-- | C] () -- C:\Users\Tyler\Desktop\System Fix.lnk
[2011/12/08 19:17:20 | 000,000,296 | -H-- | C] () -- C:\ProgramData\~l6BUNDDK9Jm4Ot
[2011/12/08 19:17:20 | 000,000,184 | -H-- | C] () -- C:\ProgramData\~l6BUNDDK9Jm4Otr
[2011/12/08 19:17:17 | 000,000,440 | -H-- | C] () -- C:\ProgramData\l6BUNDDK9Jm4Ot
[2011/12/07 13:20:00 | 000,049,152 | -H-- | C] () -- C:\Users\Tyler\Documents\laurenpsychcheatsheet.wps
[2011/12/04 12:43:59 | 000,009,908 | -HS- | C] () -- C:\Users\Tyler\AppData\Local\6q18ns2m36o151
[2011/12/04 12:43:59 | 000,009,908 | -HS- | C] () -- C:\ProgramData\6q18ns2m36o151
[2011/11/30 23:05:17 | 000,104,958 | -H-- | C] () -- C:\Users\Tyler\Documents\Windows Photo Gallery Wallpaper.jpg
[2010/10/25 22:07:50 | 000,000,006 | -H-- | C] () -- C:\Users\Tyler\AppData\Roaming\start
[2010/10/25 22:07:23 | 000,000,006 | -H-- | C] () -- C:\Users\Tyler\AppData\Roaming\completescan
[2010/10/25 22:00:32 | 000,000,010 | -H-- | C] () -- C:\Users\Tyler\AppData\Roaming\install
[2010/08/25 19:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 19:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 19:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/07/20 11:37:27 | 000,000,680 | ---- | C] () -- C:\Users\Tyler\AppData\Local\d3d9caps.dat
[2010/04/28 19:13:57 | 000,000,588 | -H-- | C] () -- C:\Users\Tyler\AppData\Roaming\wklnhst.dat
[2010/02/20 00:32:50 | 000,007,680 | -H-- | C] () -- C:\Users\Tyler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/28 03:34:28 | 000,010,444 | -HS- | C] () -- C:\Users\Tyler\AppData\Local\JNvc
[2009/12/30 11:26:11 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/30 11:25:40 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/12/30 11:25:01 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 10:47:53 | 000,000,290 | -H-- | C] () -- C:\ProgramData\hpqp.ini
[2009/04/20 18:31:40 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/07/06 15:20:48 | 000,147,172 | ---- | C] () -- C:\Windows\SysWow64\igfcg550.bin
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
========== LOP Check ==========
[2011/10/13 18:34:03 | 000,000,000 | -H-D | M] -- C:\Users\Tyler\AppData\Roaming\AVG2012
[2011/08/10 06:21:23 | 000,000,000 | -HSD | M] -- C:\Users\Tyler\AppData\Roaming\B59AE475
[2011/08/09 09:22:05 | 000,000,000 | -HSD | M] -- C:\Users\Tyler\AppData\Roaming\F948BFF1
[2011/11/10 03:19:40 | 000,000,000 | -H-D | M] -- C:\Users\Tyler\AppData\Roaming\FrostWire
[2010/05/28 18:56:22 | 000,000,000 | -H-D | M] -- C:\Users\Tyler\AppData\Roaming\GARMIN
[2011/12/08 19:24:17 | 000,000,000 | -H-D | M] -- C:\Users\Tyler\AppData\Roaming\LimeWire
[2011/09/16 17:16:05 | 000,000,000 | -H-D | M] -- C:\Users\Tyler\AppData\Roaming\ooVoo Details
[2010/04/28 19:14:01 | 000,000,000 | -H-D | M] -- C:\Users\Tyler\AppData\Roaming\Template
[2011/12/11 20:09:13 | 000,032,654 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
#3
- Group: GeekU Moderator
- Posts: 56,122
- Joined: 31-May 06
Posted 14 December 2011 - 02:16 PM
Hi there lets see if we can sort you out and return you to the straight and narrow. I will require you to run the first programme twice each time in a different mode
When all fixes have been run and you post the logs could you let me know if all icons and folders have returned
First I notice you have multiple antivirus programmes, this is the one time when more is not better
When we have some stability we will sort that out for you
Download RogueKiller to your desktop
Please post the contents of the RKreport.txt in your next Reply.
Re-Run RogueKiller
Please post the contents of the RKreport.txt in your next Reply.
NEXT
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
THEN
Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply
When all fixes have been run and you post the logs could you let me know if all icons and folders have returned
First I notice you have multiple antivirus programmes, this is the one time when more is not better
When we have some stability we will sort that out for you
Download RogueKiller to your desktop
- Quit all running programs
- For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
- When prompted, type 2 and validate
- The RKreport.txt shall be generated next to the executable.
- If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe
Please post the contents of the RKreport.txt in your next Reply.
Re-Run RogueKiller
- Quit all running programs
- For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
- When prompted, type 6 and validate
- The RKreport.txt shall be generated next to the executable.
- If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe
Please post the contents of the RKreport.txt in your next Reply.
NEXT
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
Quote
:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:50370
O2 - BHO: (no name) - {258C9770-1713-4021-8D7E-1F184A2BD754} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKCU..\Run: [aaaaaaaa×] C:\Users\Tyler\aaaaaaaa×.exe File not found
O4 - HKCU..\Run: [FNFPDoJienHIJQ.exe] C:\ProgramData\FNFPDoJienHIJQ.exe File not found
O33 - MountPoints2\{391b232b-0fd3-11df-9721-001f16d82b9d}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\SaAFeq.EXE
[2011/12/08 19:17:20 | 000,000,000 | -H-D | C] -- C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
[2011/12/08 20:38:50 | 000,000,625 | -H-- | M] () -- C:\Users\Tyler\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/08 19:19:46 | 000,000,440 | -H-- | M] () -- C:\ProgramData\l6BUNDDK9Jm4Ot
[2011/12/08 19:17:20 | 000,000,601 | -H-- | M] () -- C:\Users\Tyler\Desktop\System Fix.lnk
[2011/12/08 19:17:20 | 000,000,296 | -H-- | M] () -- C:\ProgramData\~l6BUNDDK9Jm4Ot
[2011/12/08 19:17:20 | 000,000,184 | -H-- | M] () -- C:\ProgramData\~l6BUNDDK9Jm4Otr
[2011/12/04 15:27:15 | 000,009,908 | -HS- | M] () -- C:\Users\Tyler\AppData\Local\6q18ns2m36o151
[2011/12/04 15:27:15 | 000,009,908 | -HS- | M] () -- C:\ProgramData\6q18ns2m36o151
[2011/12/08 20:38:47 | 000,000,625 | -H-- | C] () -- C:\Users\Tyler\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/08 19:17:20 | 000,000,601 | -H-- | C] () -- C:\Users\Tyler\Desktop\System Fix.lnk
[2011/12/08 19:17:20 | 000,000,296 | -H-- | C] () -- C:\ProgramData\~l6BUNDDK9Jm4Ot
[2011/12/08 19:17:20 | 000,000,184 | -H-- | C] () -- C:\ProgramData\~l6BUNDDK9Jm4Otr
[2011/12/08 19:17:17 | 000,000,440 | -H-- | C] () -- C:\ProgramData\l6BUNDDK9Jm4Ot
[2011/12/04 12:43:59 | 000,009,908 | -HS- | C] () -- C:\Users\Tyler\AppData\Local\6q18ns2m36o151
[2011/12/04 12:43:59 | 000,009,908 | -HS- | C] () -- C:\ProgramData\6q18ns2m36o151
:Files
ipconfig /flushdns /c
:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
:Commands
[purity]
[resethosts]
[emptyjava]
[CREATERESTOREPOINT]
[Reboot] - Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN
Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply
#4
- Group: GeekU Moderator
- Posts: 56,122
- Joined: 31-May 06
Posted 18 December 2011 - 05:17 AM
Due to lack of feedback, this topic has been closed.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Share this topic:
Page 1 of 1
