Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Dad (administrator) on HOMERJAY on 07-04-2014 07:23:02
Running from C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Microsoft) C:\WINDOWS\arservice.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehRecvr.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehSched.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
(Intel Corporation) C:\WINDOWS\system32\IProsetMonitor.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Symantec Corporation) C:\Program Files\Norton 360\Norton 360\Engine\21.2.0.38\N360.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\Program Files\pcreg\pcreg.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\WINDOWS\system32\atwtusb.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(WALTOP International Corp.) C:\WINDOWS\system32\TblMouse.exe
(PixArt Imaging Incorporation) C:\WINDOWS\PixArt\PAC7302\Monitor.exe
(Symantec Corporation) C:\Program Files\Norton 360\Norton 360\Engine\21.2.0.38\N360.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Apache Software Foundation) C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe
(Logitech Inc.) C:\Program Files\SetPoint\SetPoint.exe
(Logitech Inc.) C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
() C:\WINDOWS\system32\atwtusb.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TblMouse] - C:\WINDOWS\system32\TblMouse.exe [65184 2007-10-09] (WALTOP International Corp.)
HKLM\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [PAC7302_Monitor] - C:\WINDOWS\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20026472 1999-12-31] (Realtek Semiconductor Corp.)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [15512424 2012-09-23] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMCTray.dll [108392 2012-09-23] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1634112 2012-09-23] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [pcreg] - C:\Program Files\pcreg\service.exe [90184 2014-03-13] ()
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-229142031-1004967283-3177539258-1008\...\Run: [HP Officejet Pro 8600 (NET)] - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [1804648 2011-09-09] (Hewlett-Packard Co.)
HKU\S-1-5-21-229142031-1004967283-3177539258-1008\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-229142031-1004967283-3177539258-1008\...\Run: [pcreg] - C:\Program Files\pcreg\service.exe [90184 2014-03-13] ()
HKU\S-1-5-21-229142031-1004967283-3177539258-1008\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-229142031-1004967283-3177539258-1008\...\MountPoints2: K - K:\VZW_Software_upgrade_assistant.exe
AppInit_DLLs: c:\progra~1\settin~1\systemk\syskldr.dll => c:\progra~1\settin~1\systemk\syskldr.dll File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
Lsa: [Authentication Packages] msv1_0 nwprovau
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Monitor Apache Servers.lnk
ShortcutTarget: Monitor Apache Servers.lnk -> C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe (Apache Software Foundation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SetPoint.lnk
ShortcutTarget: SetPoint.lnk -> C:\Program Files\SetPoint\SetPoint.exe (Logitech Inc.)
Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Pin.lnk
ShortcutTarget: Pin.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\LogMeInRemoteUser\Start Menu\Programs\Startup\Pin.lnk
ShortcutTarget: Pin.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Startup\Pin.lnk
ShortcutTarget: Pin.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=476&aid=100&itype=n&ver=11471&tm=305&src=hmp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=EIE8HP&PC=UP61
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=n&ver=11471&tm=305&src=ds&p={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?gd=&ctid=CT3324862&octid=EB_ORIGINAL_CTID&ISID=M2900A595-AC67-465A-87AE-3FDB9880F1D9&SearchSource=58&CUI=&UM=5&UP=SPA1B67426-E9ED-4820-9ED9-E2A54B5FD984&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?gd=&ctid=CT3324862&octid=EB_ORIGINAL_CTID&ISID=M2900A595-AC67-465A-87AE-3FDB9880F1D9&SearchSource=58&CUI=&UM=5&UP=SPA1B67426-E9ED-4820-9ED9-E2A54B5FD984&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {35BD7BC1-4C85-4F7F-ACA6-876B606CD4DB} URL = http://www.ask.com/web?q={searchTerms}&search=search&qsrc=0&o=0&l=dir
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=n&ver=11471&tm=305&src=ds&p={searchTerms}
SearchScopes: HKCU - {DD458146-C277-42A1-8FA1-561B6806DEA8} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=010BB6C7-4198-4CAC-BA6E-5FFD19588497&apn_sauid=123B04EA-1E04-4C22-88DD-9541C9C7D4BB
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.shockwave.com/content/bejeweled2/sis/popcaploader_v10.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Mozilla\Firefox\Profiles\846bmugo.default-1370280888171
FF DefaultSearchEngine: Conduit Search
FF SearchEngineOrder.1: default-search.net
FF SelectedSearchEngine: default-search.net
FF Homepage: file:///c:/home.htm
FF Keyword.URL: hxxp://www.default-search.net/search?sid=476&aid=100&itype=n&ver=11471&tm=305&src=ds&p=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2105 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2163 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1212 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Mozilla\Firefox\Profiles\846bmugo.default-1370280888171\searchplugins\ask-jeeves.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml
FF Extension: Firebug - C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Mozilla\Firefox\Profiles\846bmugo.default-1370280888171\Extensions\firebug@software.joehewitt.com.xpi [2013-08-05]
FF Extension: Lightbeam - C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Mozilla\Firefox\Profiles\846bmugo.default-1370280888171\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2013-10-24]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [lesstabs@lesstabs.com] - C:\Program Files\Mozilla Firefox\extensions\lesstabs@lesstabs.com
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-01-29]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []

========================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor9.0; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-05] (Adobe Systems Incorporated)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 1999-12-31] (LSI Corporation)
R2 ARSVC; C:\WINDOWS\arservice.exe [58880 2005-08-03] (Microsoft)
R2 Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [110752 2010-09-21] (Intel Corporation)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [67400 2011-04-01] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43129288 2012-06-29] (Microsoft Corporation)
R2 N360; C:\Program Files\Norton 360\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
R2 NWCWorkstation; C:\WINDOWS\System32\nwwks.dll [65536 2008-04-13] (Microsoft Corporation)
R2 pcregservice; C:\Program Files\pcreg\pcreg.exe [33864 2014-03-13] ()
S0 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [69632 2004-09-29] (HP)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [379848 2012-06-29] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [528256 2012-12-11] (Wacom Technology, Corp.)
R2 WTService; C:\WINDOWS\system32\atwtusb.exe [364192 2007-12-06] ()

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 1999-12-31] (Creative)
S3 Andbus; C:\WINDOWS\System32\DRIVERS\lgandbus.sys [14336 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\WINDOWS\System32\DRIVERS\lganddiag.sys [20736 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\WINDOWS\System32\DRIVERS\lgandgps.sys [20096 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\WINDOWS\System32\DRIVERS\lgandmodem.sys [25088 2012-03-02] (LG Electronics Inc.)
S3 androidusb; C:\WINDOWS\System32\Drivers\lgandadb.sys [25728 2012-03-02] (Google Inc)
S3 aracpi; C:\WINDOWS\System32\DRIVERS\aracpi.sys [22784 2005-08-03] (Microsoft Corporation)
R3 arhidfltr; C:\WINDOWS\System32\DRIVERS\arhidfltr.sys [19200 2005-08-03] (Microsoft Corporation)
R3 arkbcfltr; C:\WINDOWS\System32\DRIVERS\arkbcfltr.sys [5376 2005-08-03] (Microsoft Corporation)
R3 armoucfltr; C:\WINDOWS\System32\DRIVERS\armoucfltr.sys [4992 2005-08-03] (Microsoft Corporation)
R3 ARPolicy; C:\WINDOWS\System32\DRIVERS\arpolicy.sys [10112 2005-08-03] (Microsoft Corporation)
S3 AVEO; C:\WINDOWS\System32\DRIVERS\AVEOdcnt.sys [224256 2010-01-21] (AVEO Corp)
R0 bb-run; C:\WINDOWS\System32\DRIVERS\bb-run.sys [17408 2003-11-05] (Promise Technology, Inc.)
R1 BHDrvx86; C:\Program Files\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140319.001\BHDrvx86.sys [1098968 2014-03-18] (Symantec Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 ccSet_N360; C:\WINDOWS\system32\drivers\N360\1502000.026\ccSetx86.sys [127064 2013-09-25] (Symantec Corporation)
R3 CXFALCON; C:\WINDOWS\System32\drivers\cxfalcon.sys [100480 2005-08-16] (Conexant Systems, Inc.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2014-01-31] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2014-01-28] (Symantec Corporation)
R0 ftsata2; C:\WINDOWS\System32\DRIVERS\ftsata2.sys [175104 2005-06-30] (Promise Technology, Inc.)
R3 hidkmdf; C:\WINDOWS\System32\DRIVERS\hidkmdf.sys [11680 2012-12-03] (Windows (R) Win 7 DDK provider)
R3 IDSxpx86; C:\Program Files\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140404.001\IDSxpx86.sys [383120 2014-03-25] (Symantec Corporation)
R3 LUsbFilt; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [28688 2007-04-11] (Logitech, Inc.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 1999-12-31] (Creative Technology Ltd.)
R3 NAVENG; C:\Program Files\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140406.021\NAVENG.SYS [93272 2014-04-02] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140406.021\NAVEX15.SYS [1612376 2014-04-02] (Symantec Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [124264 2012-07-03] (NVIDIA Corporation)
R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2004-08-10] (Microsoft Corporation)
R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2004-08-10] (Microsoft Corporation)
R3 NWRDR; C:\WINDOWS\System32\DRIVERS\nwrdr.sys [163584 2008-04-13] (Microsoft Corporation)
S3 PAC7302; C:\WINDOWS\System32\DRIVERS\PAC7302.SYS [457216 2009-04-28] (PixArt Imaging Inc.)
S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [249288 2012-06-29] (Microsoft Corporation)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R3 SRTSP; C:\WINDOWS\System32\Drivers\N360\1502000.026\SRTSP.SYS [664280 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\N360\1502000.026\SRTSPX.SYS [32344 2013-09-09] (Symantec Corporation)
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [12984 2012-04-13] ()
R0 SymDS; C:\WINDOWS\System32\drivers\N360\1502000.026\SYMDS.SYS [367704 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\WINDOWS\System32\drivers\N360\1502000.026\SYMEFA.SYS [936152 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2014-01-29] (Symantec Corporation)
S3 SymIM; C:\WINDOWS\System32\DRIVERS\SymIM.sys [47960 2013-09-09] (Symantec Corporation)
R3 SymIMMP; C:\WINDOWS\System32\DRIVERS\SymIM.sys [47960 2013-09-09] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\N360\1502000.026\Ironx86.SYS [206936 2013-09-26] (Symantec Corporation)
R1 SYMTDI; C:\WINDOWS\System32\Drivers\N360\1502000.026\SYMTDI.SYS [423256 2014-02-17] (Symantec Corporation)
S3 WacHidRouter; C:\WINDOWS\System32\DRIVERS\wachidrouter.sys [70048 2012-12-03] (Wacom Technology)
S3 wacomrouterfilter; C:\WINDOWS\System32\DRIVERS\wacomrouterfilter.sys [13728 2012-11-15] (Wacom Technology)
S3 WN5301; C:\WINDOWS\System32\DRIVERS\wn5301.sys [468768 2005-10-05] (Liteon Technology Inc.)
S3 dsNcAdpt; system32\DRIVERS\dsNcAdpt.sys [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X] U1 WS2IFSL; S2 zumbus; system32\DRIVERS\zumbus.sys [X] ==================== NetSvcs (Whitelisted) =================== NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation) ==================== One Month Created Files and Folders ======== 2014-04-07 07:23 - 2014-04-07 07:23 - 00023513 _____ () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\FRST.txt 2014-04-07 07:21 - 2014-04-07 07:23 - 00000000 ____D () C:\FRST 2014-04-07 07:17 - 2014-04-07 07:17 - 04745728 _____ (AVAST Software) C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\aswmbr.exe 2014-04-07 07:15 - 2014-04-07 07:15 - 01145856 _____ (Farbar) C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\FRST.exe 2014-04-06 17:02 - 2014-04-06 17:02 - 03423972 ____R () C:\2013Backup_2014-04-06_170202.mbf 2014-04-06 15:49 - 2014-04-06 15:49 - 03408054 ____R () C:\2013Backup_2014-04-06_154912.mbf 2014-04-04 15:47 - 2014-04-04 15:51 - 00000000 ____D () C:\WINDOWS\system32\CATRJunk 2014-04-04 15:38 - 2014-04-04 15:38 - 03182166 _____ () C:\WINDOWS\4_14image.bmp 2014-04-04 15:05 - 2014-04-04 15:05 - 00000000 _____ () C:\END 2014-04-03 07:25 - 2014-04-03 07:25 - 03396905 ____R () C:\2013Backup_2014-04-03_072538.mbf 2014-04-02 13:37 - 2014-04-07 03:41 - 00000328 _____ () C:\WINDOWS\Tasks\bench-sys.job 2014-04-02 13:33 - 2014-04-06 21:18 - 00000354 _____ () C:\WINDOWS\Tasks\At1.job 2014-04-02 13:33 - 2014-04-06 21:18 - 00000266 _____ () C:\WINDOWS\Tasks\pcreg.job 2014-04-02 13:32 - 2014-04-02 13:33 - 00000000 ____D () C:\Program Files\pcreg 2014-03-31 11:37 - 2014-04-06 14:57 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job 2014-03-31 11:37 - 2014-03-31 11:37 - 00000212 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of 
Service Notification Monthly.job 2014-03-29 20:58 - 2013-09-09 19:47 - 00047960 ____R (Symantec Corporation) C:\WINDOWS\system32\Drivers\SymIM.sys 2014-03-28 20:52 - 2014-03-30 13:54 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-03-27 03:03 - 2014-03-27 03:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$ 2014-03-27 03:00 - 2014-03-27 03:03 - 00006821 _____ () C:\WINDOWS\KB2934207.log 2014-03-26 15:40 - 2014-02-25 18:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe 2014-03-26 15:40 - 2014-02-25 18:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe 2014-03-21 22:40 - 2014-03-21 22:39 - 00110592 _____ () C:\WINDOWS\Minidump\Mini032114-01.dmp 2014-03-21 07:34 - 2014-04-06 10:38 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\PattenU 2014-03-16 14:33 - 2014-04-07 07:08 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\Mary Moose 2014-03-15 12:30 - 2014-03-15 12:30 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\SelfMV 2014-03-15 12:30 - 2014-03-15 12:30 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\samsung 2014-03-15 12:30 - 2014-03-15 12:30 - 00000000 ____D () C:\Documents and Settings\All Users\Documents\NativeFus_Log 2014-03-15 12:30 - 2014-02-25 16:48 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) 
C:\WINDOWS\system32\secman.dll 2014-03-15 12:29 - 2014-04-02 13:46 - 00000000 ____D () C:\Program Files\Samsung 2014-03-15 12:27 - 2014-03-15 12:27 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Application Data\Downloaded Installations 2014-03-15 12:20 - 2008-04-13 19:12 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusd.dll 2014-03-15 12:20 - 2001-08-17 22:36 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusb.dll 2014-03-15 12:12 - 2014-03-15 12:30 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Samsung 2014-03-15 12:12 - 2014-03-15 12:12 - 00000000 ____D () C:\Documents and Settings\All Users\Documents\SmartSwitch 2014-03-14 03:06 - 2014-03-14 03:07 - 00132116 _____ () C:\WINDOWS\KB2925418-IE8.log 2014-03-14 03:06 - 2014-03-14 03:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$ 2014-03-14 03:06 - 2014-03-14 03:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$ 2014-03-14 03:01 - 2014-03-14 03:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight 2014-03-13 06:50 - 2014-03-14 03:06 - 00130647 _____ () C:\WINDOWS\KB2929961.log 2014-03-13 06:49 - 2014-03-14 03:06 - 00134032 _____ () C:\WINDOWS\KB2930275.log 2014-03-11 12:10 - 2014-04-04 16:32 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\Mulvaney ==================== One Month Modified Files and Folders ======= 2014-04-07 07:23 - 2014-04-07 07:23 - 00023513 _____ () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\FRST.txt 2014-04-07 07:23 - 2014-04-07 07:21 - 00000000 ____D () C:\FRST 2014-04-07 07:17 - 2014-04-07 07:17 - 04745728 _____ (AVAST Software) C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\aswmbr.exe 2014-04-07 07:15 - 2014-04-07 07:15 - 01145856 _____ (Farbar) C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\FRST.exe 
2014-04-07 07:08 - 2014-03-16 14:33 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\Mary Moose 2014-04-07 07:02 - 2010-02-25 11:48 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-07 07:00 - 2013-05-09 04:49 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-04-07 06:32 - 2012-02-18 22:07 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Application Data\Adobe 2014-04-07 05:53 - 2005-08-30 21:55 - 00000280 _____ () C:\WINDOWS\wiadebug.log 2014-04-07 05:07 - 2014-01-29 08:55 - 00125533 _____ () C:\WINDOWS\setupapi.log 2014-04-07 03:41 - 2014-04-02 13:37 - 00000328 _____ () C:\WINDOWS\Tasks\bench-sys.job 2014-04-07 02:00 - 2012-11-16 17:47 - 00000338 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-HOMERJAY-Dad.job 2014-04-07 02:00 - 2010-11-18 19:32 - 00000364 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-HOMERJAY-HP_Administrator.job 2014-04-06 21:18 - 2014-04-02 13:33 - 00000354 _____ () C:\WINDOWS\Tasks\At1.job 2014-04-06 21:18 - 2014-04-02 13:33 - 00000266 _____ () C:\WINDOWS\Tasks\pcreg.job 2014-04-06 18:02 - 2010-02-25 11:48 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-06 18:02 - 2005-08-31 05:17 - 00031912 _____ () C:\WINDOWS\SchedLgU.Txt 2014-04-06 17:02 - 2014-04-06 17:02 - 03423972 ____R () C:\2013Backup_2014-04-06_170202.mbf 2014-04-06 17:02 - 2012-02-24 19:34 - 16097280 _____ () C:\2012Feb.mny 2014-04-06 15:49 - 2014-04-06 15:49 - 03408054 ____R () C:\2013Backup_2014-04-06_154912.mbf 2014-04-06 15:43 - 2005-08-31 05:17 - 01311583 _____ () C:\WINDOWS\WindowsUpdate.log 2014-04-06 14:59 - 2005-09-01 11:58 - 00000000 ____D () C:\WINDOWS\Registration 2014-04-06 14:59 - 2005-08-31 05:02 - 00000776 _____ () C:\WINDOWS\win.ini 2014-04-06 14:57 - 2014-03-31 11:37 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job 2014-04-06 14:57 - 2013-11-11 16:33 - 
00000642 _____ () C:\WINDOWS\Tasks\Amazon Music Helper.job 2014-04-06 14:57 - 2012-02-14 18:45 - 00000178 ___SH () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\ntuser.ini 2014-04-06 14:57 - 2005-08-31 05:17 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-04-06 14:57 - 2005-08-30 21:55 - 00000048 _____ () C:\WINDOWS\wiaservc.log 2014-04-06 14:54 - 2013-06-06 07:43 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Application Data\NPE 2014-04-06 14:54 - 2005-08-30 23:34 - 00000279 __RSH () C:\boot.ini 2014-04-06 10:38 - 2014-03-21 07:34 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\PattenU 2014-04-06 10:10 - 2013-11-20 12:34 - 00070656 _____ () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\Daily List.xls 2014-04-05 11:56 - 2014-01-14 16:27 - 00109145 _____ () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\2014BillPay.xlsx 2014-04-04 16:32 - 2014-03-11 12:10 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\Mulvaney 2014-04-04 15:51 - 2014-04-04 15:47 - 00000000 ____D () C:\WINDOWS\system32\CATRJunk 2014-04-04 15:38 - 2014-04-04 15:38 - 03182166 _____ () C:\WINDOWS\4_14image.bmp 2014-04-04 15:05 - 2014-04-04 15:05 - 00000000 _____ () C:\END 2014-04-03 23:38 - 2006-04-27 22:50 - 00000000 ____D () C:\Program Files\Las Vegas Casino 2014-04-03 23:36 - 2010-02-10 08:01 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR 2014-04-03 15:21 - 2012-03-08 19:53 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job 2014-04-03 07:25 - 2014-04-03 07:25 - 03396905 ____R () C:\2013Backup_2014-04-03_072538.mbf 2014-04-02 15:18 - 2005-09-01 11:54 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2014-04-02 14:11 - 2010-05-19 08:56 - 00000000 ____D () C:\Program Files\Lexmark 1200 Series 2014-04-02 14:11 - 2008-07-20 14:30 - 00000000 ____D () C:\Program Files\ABBYY FineReader 5.0 Sprint 
2014-04-02 13:46 - 2014-03-15 12:29 - 00000000 ____D () C:\Program Files\Samsung
2014-04-02 13:33 - 2014-04-02 13:32 - 00000000 ____D () C:\Program Files\pcreg
2014-04-01 11:25 - 2013-07-22 10:05 - 00001011 _____ () C:\home.htm
2014-04-01 11:23 - 2013-07-22 10:05 - 00000000 ____D () C:\home_files
2014-03-31 22:42 - 2008-08-20 21:02 - 00002187 _____ () C:\Documents and Settings\All Users\Desktop\Safari.lnk
2014-03-31 11:37 - 2014-03-31 11:37 - 00000212 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-31 11:34 - 2013-05-08 05:42 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-30 13:54 - 2014-03-28 20:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-29 21:01 - 2014-01-29 09:18 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360
2014-03-29 20:57 - 2014-01-29 09:24 - 00001975 _____ () C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
2014-03-29 20:57 - 2014-01-29 09:18 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Norton 360
2014-03-27 03:03 - 2014-03-27 03:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-27 03:03 - 2014-03-27 03:00 - 00006821 _____ () C:\WINDOWS\KB2934207.log
2014-03-27 03:03 - 2005-08-31 05:04 - 00912948 _____ () C:\WINDOWS\tsoc.log
2014-03-27 03:03 - 2005-08-31 05:04 - 00654517 _____ () C:\WINDOWS\comsetup.log
2014-03-27 03:03 - 2005-08-31 05:04 - 00398319 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-27 03:03 - 2005-08-31 05:04 - 00240333 _____ () C:\WINDOWS\MedCtrOC.log
2014-03-27 03:03 - 2005-08-31 05:04 - 00232234 _____ () C:\WINDOWS\iis6.log
2014-03-27 03:03 - 2005-08-31 05:04 - 00111793 _____ () C:\WINDOWS\ehOCGen.log
2014-03-27 03:03 - 2005-08-31 05:04 - 00108384 _____ () C:\WINDOWS\ocmsn.log
2014-03-27 03:03 - 2005-08-31 05:04 - 00099104 _____ () C:\WINDOWS\tabletoc.log
2014-03-27 03:03 - 2005-08-31 05:04 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-27 03:03 - 2005-08-31 04:59 - 01983696 _____ () C:\WINDOWS\FaxSetup.log
2014-03-27 03:03 - 2005-08-31 04:59 - 00972531 _____ () C:\WINDOWS\ocgen.log
2014-03-27 03:03 - 2005-08-31 04:59 - 00360008 _____ () C:\WINDOWS\netfxocm.log
2014-03-27 03:03 - 2005-08-31 04:59 - 00230231 _____ () C:\WINDOWS\plusoc.log
2014-03-27 03:03 - 2005-08-31 04:59 - 00099445 _____ () C:\WINDOWS\msgsocm.log
2014-03-27 03:03 - 2005-08-31 04:57 - 00617814 _____ () C:\WINDOWS\msmqinst.log
2014-03-26 18:30 - 2012-04-17 18:16 - 00001680 _____ () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
2014-03-21 22:40 - 2006-06-03 10:35 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-21 22:39 - 2014-03-21 22:40 - 00110592 _____ () C:\WINDOWS\Minidump\Mini032114-01.dmp
2014-03-18 15:29 - 2013-08-14 03:14 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-18 15:25 - 2012-02-21 09:00 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-15 12:30 - 2014-03-15 12:30 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\SelfMV
2014-03-15 12:30 - 2014-03-15 12:30 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\samsung
2014-03-15 12:30 - 2014-03-15 12:30 - 00000000 ____D () C:\Documents and Settings\All Users\Documents\NativeFus_Log
2014-03-15 12:30 - 2014-03-15 12:12 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Samsung
2014-03-15 12:29 - 2005-12-08 10:09 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-15 12:27 - 2014-03-15 12:27 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Application Data\Downloaded Installations
2014-03-15 12:12 - 2014-03-15 12:12 - 00000000 ____D () C:\Documents and Settings\All Users\Documents\SmartSwitch
2014-03-14 03:27 - 2005-08-31 05:05 - 03628824 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-14 03:25 - 2010-02-13 10:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 03:07 - 2014-03-14 03:06 - 00132116 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-14 03:07 - 2005-12-08 09:55 - 00263358 _____ () C:\WINDOWS\updspapi.log
2014-03-14 03:07 - 2005-08-31 05:04 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-14 03:06 - 2014-03-14 03:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-14 03:06 - 2014-03-14 03:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-14 03:06 - 2014-03-13 06:50 - 00130647 _____ () C:\WINDOWS\KB2929961.log
2014-03-14 03:06 - 2014-03-13 06:49 - 00134032 _____ () C:\WINDOWS\KB2930275.log
2014-03-14 03:03 - 2008-07-20 13:26 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-03-14 03:01 - 2014-03-14 03:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2014-03-13 00:43 - 2012-02-14 18:45 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75
2014-03-12 12:00 - 2012-06-29 18:53 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-12 12:00 - 2012-06-29 18:53 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-12 08:26 - 2011-01-11 11:35 - 00000000 ____D () C:\Documents and Settings\All Users\Documents\SarasDoodles
2014-03-11 09:10 - 2014-03-04 08:10 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\Sallie Mae
2014-03-10 12:26 - 2012-03-28 18:11 - 00000000 ____D () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\Taxes
2014-03-09 22:24 - 2005-08-31 05:07 - 00688336 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-08 07:09 - 2013-01-30 17:01 - 00027136 _____ () C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\Birthdays2013.xls

Files to move or delete:
====================
C:\Windows\Tasks\At1.job

Some content of TEMP:
====================
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\file_159755.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\file_to_run551064.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\file_to_run551629.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\file_to_run55288.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\nsa3B.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\nsd2A.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\nsi2F.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\nsw27.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\nsx1A.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\nsz32.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\SettingsManagerSetup.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\speedmax.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\SPSetup.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================