OTL logfile created on: 6/24/2014 8:43:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Moms Desktop\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.48 Gb Total Physical Memory | 5.98 Gb Available Physical Memory | 80.01% Memory free
14.96 Gb Paging File | 13.15 Gb Available in Paging File | 87.92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914.60 Gb Total Space | 569.29 Gb Free Space | 62.24% Space Free | Partition Type: NTFS
Drive D: | 16.82 Gb Total Space | 2.10 Gb Free Space | 12.49% Space Free | Partition Type: NTFS
Drive G: | 7.52 Gb Total Space | 6.56 Gb Free Space | 87.33% Space Free | Partition Type: FAT32

Computer Name: MOMSDESKTOP-HP | User Name: Moms Desktop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014/06/24 20:41:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Moms Desktop\Desktop\OTL.exe
PRC - [2014/06/24 20:39:32 | 000,947,056 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2014/05/23 18:20:17 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\n360.exe
PRC - [2014/05/12 08:18:00 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/12 08:17:54 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/04/28 16:32:48 | 000,041,024 | ---- | M] (White Sky, Inc.) -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
PRC - [2014/04/28 16:32:46 | 002,546,752 | ---- | M] (White Sky, Inc.)
-- C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe PRC - [2014/04/18 08:47:52 | 000,249,024 | ---- | M] () -- C:\Program Files\pcreg\pcreg.exe PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011/08/16 17:03:24 | 000,020,480 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe PRC - [2011/08/16 17:03:16 | 000,016,384 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe PRC - [2011/08/12 12:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014/02/26 16:11:14 | 002,868,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\9b7a5ab89ab75ec85de0cedebfde4c5f\ReachFramework.ni.dll MOD - [2014/02/25 22:08:43 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll MOD - [2014/02/25 22:08:37 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll MOD - [2014/02/25 22:08:34 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll MOD - [2014/02/25 22:08:27 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll MOD - [2014/02/25 22:08:26 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll MOD - [2014/02/25 22:08:23 | 002,825,216 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll MOD - [2014/02/25 22:08:22 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll MOD - [2014/02/25 22:08:22 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll MOD - [2014/02/25 22:08:19 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll MOD - [2014/02/25 22:08:17 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll MOD - [2014/02/25 22:08:16 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll MOD - [2014/02/25 22:08:10 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - File not found [Auto | Stopped] -- C:\Program Files\SupraSavings\SecureAssist.exe -- (SecureAssist) SRV:[b]64bit:[/b] - [2014/06/14 12:47:38 | 000,706,560 | ---- | M] () [Auto | Stopped] -- C:\Program Files\003\nuttkoqiez64.exe -- (nuttkoqiez64) SRV:[b]64bit:[/b] - [2014/05/30 05:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2014/04/18 08:47:52 | 000,249,024 | ---- | M] () [Auto | Running] -- C:\Program Files\pcreg\pcreg.exe -- (pcregservice) SRV:[b]64bit:[/b] - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) 
SRV:[b]64bit:[/b] - [2011/09/26 05:46:50 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2010/10/11 05:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc) SRV:[b]64bit:[/b] - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2014/05/23 18:20:17 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\N360.exe -- (N360) SRV - [2014/05/17 09:03:34 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014/05/14 18:24:21 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014/05/12 08:18:02 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2014/05/12 08:18:00 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2014/04/28 16:32:48 | 000,041,024 | ---- | M] (White Sky, Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe -- (IDVaultSvc) SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/11/04 19:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service) SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2011/08/16 17:03:16 | 000,016,384 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService) SRV - [2011/08/12 12:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher) SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) 
[On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010/06/01 18:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2014/06/24 20:03:03 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV:[b]64bit:[/b] - [2014/06/12 13:15:52 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K) DRV:[b]64bit:[/b] - [2014/06/12 13:15:52 | 000,075,016 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS) DRV:[b]64bit:[/b] - [2014/05/15 06:45:52 | 000,049,752 | ---- | M] (Zemana Ltd.) 
[Kernel | System | Running] -- C:\Windows\SysNative\drivers\AntiLog64.sys -- (AntiLog32) DRV:[b]64bit:[/b] - [2014/05/12 08:19:28 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl) DRV:[b]64bit:[/b] - [2014/05/12 08:19:16 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2014/03/04 00:18:12 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\symefa64.sys -- (SymEFA) DRV:[b]64bit:[/b] - [2014/02/17 21:32:41 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\symnets.sys -- (SymNetS) DRV:[b]64bit:[/b] - [2014/02/12 21:59:49 | 000,875,736 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\srtsp64.sys -- (SRTSP) DRV:[b]64bit:[/b] - [2013/12/31 10:43:26 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:[b]64bit:[/b] - [2013/12/31 10:43:25 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:[b]64bit:[/b] - [2013/11/27 17:53:23 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:[b]64bit:[/b] - [2013/09/26 22:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\ironx64.sys -- (SymIRON) DRV:[b]64bit:[/b] - [2013/09/25 22:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\ccsetx64.sys -- (ccSet_N360) DRV:[b]64bit:[/b] - [2013/09/09 22:47:26 | 000,493,656 | 
R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\symds64.sys -- (SymDS) DRV:[b]64bit:[/b] - [2013/09/09 21:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\srtspx64.sys -- (SRTSPX) DRV:[b]64bit:[/b] - [2013/07/24 11:25:24 | 000,025,056 | ---- | M] (Zemana Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KeyCrypt64.sys -- (keycrypt) DRV:[b]64bit:[/b] - [2013/05/13 16:36:06 | 000,050,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:[b]64bit:[/b] - [2013/05/13 16:36:06 | 000,029,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr) DRV:[b]64bit:[/b] - [2013/05/06 09:32:28 | 000,076,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) DRV:[b]64bit:[/b] - [2012/11/28 09:32:50 | 002,350,176 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x) DRV:[b]64bit:[/b] - [2012/05/04 17:15:56 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2012/05/04 17:15:56 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011/09/26 05:47:17 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2011/09/26 05:47:14 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2011/09/14 06:35:45 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011/08/03 23:38:37 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:[b]64bit:[/b] - [2011/08/03 10:37:50 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) DRV:[b]64bit:[/b] - [2011/08/03 10:37:48 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) DRV:[b]64bit:[/b] - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010/11/20 23:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2014/06/10 22:24:52 | 000,486,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2014/06/10 22:24:52 | 000,142,128 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2014/05/09 21:07:23 | 001,530,160 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140606.001\BHDrvx64.sys -- (BHDrvx64) DRV - [2014/03/26 18:04:59 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140618.001\IDSviA64.sys -- (IDSVia64) DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PAVILION&pf=desktop IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0} IE:[b]64bit:[/b] - 
HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{163D5E30-922E-403B-9026-3694580A5B1E}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox IE - HKLM\..\SearchScopes\{163D5E30-922E-403B-9026-3694580A5B1E}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF IE - HKLM\..\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}: "URL" = 
http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^9N^xdm094^S05582^us&si=COa1gYDZjrcCFQua4Aod8DwAJg&ptb=DF458B65-A055-4091-BAC7-8E015053E2FE&ind=2013051114&n=77fcb8ea&psa=&st=sb&searchfor={searchTerms} IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=63&bd=PAVILION&pf=desktop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {cc8ae5b8-005b-4b1a-a27d-307eddffe5c8} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = 
http://search.conduit.com/Results.aspx?gd=&ctid=CT3325291&octid=EB_ORIGINAL_CTID&ISID=M2C42E971-33C5-4DA7-9B68-D82C31CB4163&SearchSource=58&CUI=&UM=2&UP=SP5D8EC91A-A8B3-41B0-BD69-DC2C39190B68&q={searchTerms}&SSPV=Control21220_sp_ie IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR IE - HKCU\..\SearchScopes\{06DD694F-FA98-491A-A67E-2E163D788560}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=freeze&type=IE7DefaultSearch IE - HKCU\..\SearchScopes\{163D5E30-922E-403B-9026-3694580A5B1E}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF IE - HKCU\..\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^9N^xdm094^S05582^us&si=COa1gYDZjrcCFQua4Aod8DwAJg&ptb=DF458B65-A055-4091-BAC7-8E015053E2FE&ind=2013051114&n=77fcb8ea&psa=&st=sb&searchfor={searchTerms} IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd_14_17_ff&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0DtAzyzz0B0BtD0A0EyDtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1Czu0C0I0S0V0E0R1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDtB0AyB0E0DzytBtGyBzz0CyCtGyCzyyByDtG0AyByC0BtGtBtAzzyEzzzyyCzytA0FyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyCtD0D0AzyyE0FtGyBtDtB0BtG0EzytBtDtG0DzyyByCtGtD0DtB0AyBtC0DyC0C0EyByE2Q&cr=1664580624&ir= IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7HPIA IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = 
http://search.xfinity.com/?cat=web&con=toolbar&cid=xfstart_tech_search&q={searchTerms} IE - HKCU\..\SearchScopes\{8F97F7AC-E9DA-415A-8588-80E2035F5574}: "URL" = http://www.bing.com/search?FORM=UP35DF&PC=UP35&q={searchTerms}&src=IE-SearchBox IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF IE - HKCU\..\SearchScopes\{BEFEBB59-F171-4064-806E-1346A6AB6080}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7HPIA IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80116&lng=en IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback> [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: 
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files (x86)\Downloader\npdd.dll (Metaboli) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@RecipeHub_2j.com/Plugin: C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\NP2jStub.dll (MindSpark) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\2jffxtbr@RecipeHub_2j.com: C:\Program Files (x86)\RecipeHub_2j\bar\1.bin [2014/06/24 19:30:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/06/24 20:02:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014/06/24 19:30:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/05/25 10:27:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Moms Desktop\AppData\Roaming\mozilla\Extensions
[2014/06/18 09:09:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/18 09:09:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2014/05/11 21:54:28 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\coieplg.dll (Symantec Corporation)
O2:[b]64bit:[/b] - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:[b]64bit:[/b] - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Toolbar BHO) - {06e3475c-5521-4de8-bb12-50720f21631c} - C:\PROGRA~2\RECIPE~2\bar\1.bin\2jbar.dll File not found
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Search Assistant BHO) - {b7acdf9c-c4f9-4d5d-998e-b147866b4d4c} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jSrcAs.dll ()
O2 - BHO: (Constant Guard Protection Suite) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.14.425.1\NativeBHO.dll (WhiteSky)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll File not found
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Recipe Hub) - {cf51de5b-eb36-4114-bb69-84df63fbadb4} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll (MindSpark)
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Recipe Hub) - {CF51DE5B-EB36-4114-BB69-84DF63FBADB4} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll (MindSpark)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriver.com/DRHM/store?Action=DisplayProductSearchResultsPage&SiteID=hpappli&Locale=en_US&keywords=%w
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\SecureAssist64.dll (SecureAssist)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\SecureAssist64.dll (SecureAssist)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\SecureAssist64.dll (SecureAssist)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\SecureAssist64.dll (SecureAssist)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\SecureAssist64.dll (SecureAssist)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\SecureAssist.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\SecureAssist.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\SecureAssist.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\SecureAssist.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\SecureAssist.dll ()
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D54E8F2-5017-4942-92BE-BA1E501F3CE0}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D54E8F2-5017-4942-92BE-BA1E501F3CE0}: NameServer = 75.75.75.75,75.75.76.76
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:[b]64bit:[/b] - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll (Zemana Ltd.)
O20 - AppInit_DLLs: (c:\progra~2\keycry~1\keycry~3.dll) - c:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll (Zemana Ltd.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/09/10 13:10:52 | 000,000,215 | R--- | M] () - G:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014/06/24 20:42:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Moms Desktop\Desktop\OTL.exe
[2014/06/24 20:39:05 | 000,000,000 | ---D | C] -- C:\Users\Moms Desktop\AppData\Roaming\Opera
[2014/06/24 20:39:05 | 000,000,000 | ---D | C] -- C:\Users\Moms Desktop\AppData\Local\Opera
[2014/06/24 20:39:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2014/06/24 20:33:34 | 010,307,952 | ---- | C] (Opera Software ASA) -- C:\Users\Moms Desktop\Opera_1151_int_Setup.exe
[2014/06/24 20:11:35 | 000,000,000 | ---D | C] -- C:\Users\Moms Desktop\Desktop\Old Firefox Data
[2014/06/24 19:50:12 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/24 19:50:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/06/24 19:50:04 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/06/24 19:50:04 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/06/24 19:50:04 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/06/24 19:25:10 | 000,000,000 | ---D | C] -- C:\Users\Moms Desktop\AppData\Local\ElevatedDiagnostics
[2014/06/24 12:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/06/24 12:05:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/06/23 08:07:35 | 000,000,000 | ---D | C] -- C:\NPE
[2014/06/22 11:00:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CraftEdge
[2014/06/22 11:00:19 | 000,000,000 | ---D | C] -- C:\ProgramData\CraftEdge
[2014/06/22 11:00:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Craft Edge
[2014/06/14 12:49:48 | 000,338,120 | ---- | C] (SecureAssist) -- C:\Windows\SysNative\SecureAssist64.dll
[2014/06/14 12:47:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupraSavings
[2014/06/14 12:44:01 | 000,000,000 | ---D | C] -- C:\Program Files\003
[2014/06/14 12:31:43 | 000,000,000 | ---D | C] -- C:\Users\Moms Desktop\AppData\Local\Make The Cut! Premium
[2014/06/14 12:31:39 | 000,000,000 | ---D | C] -- C:\Users\Moms Desktop\AppData\Local\Make The Cut! Library
[2014/06/12 13:20:59 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2014/06/12 13:16:44 | 000,000,000 | ---D | C] -- C:\Program Files\Provocraft
[2014/06/12 13:16:15 | 000,000,000 | ---D | C] -- C:\Users\Moms Desktop\AppData\Roaming\com.cricut.Cricut-CraftRoom
[2014/06/12 13:16:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cricut-Craft Room
[2014/06/12 13:15:52 | 000,256,392 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\ftd2xx.dll
[2014/06/12 13:15:52 | 000,218,504 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysWow64\ftd2xx.dll
[2014/06/12 13:15:52 | 000,214,920 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\FTLang.dll
[2014/06/12 13:15:52 | 000,108,936 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\ftbusui.dll
[2014/06/12 13:15:52 | 000,085,384 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\drivers\ftser2k.sys
[2014/06/12 13:15:52 | 000,075,016 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\drivers\ftdibus.sys
[2014/06/12 13:15:52 | 000,065,416 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\ftcserco.dll
[2014/06/12 13:15:52 | 000,055,176 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\ftserui2.dll
[2014/06/11 14:25:41 | 000,000,000 | ---D | C] -- C:\Users\Moms Desktop\Documents\Troop 177
[2014/06/08 13:05:21 | 000,000,000 | ---D | C] -- C:\Users\Moms Desktop\Documents\Cricut
[2014/06/01 14:06:35 | 000,000,000 | ---D | C] -- C:\Users\Moms Desktop\Documents\Optimizer Pro

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014/06/24 20:41:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Moms Desktop\Desktop\OTL.exe
[2014/06/24 20:39:04 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2014/06/24 20:33:49 | 010,307,952 | ---- | M] (Opera Software ASA) -- C:\Users\Moms Desktop\Opera_1151_int_Setup.exe
[2014/06/24 20:24:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/24 20:22:54 | 000,786,622 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/24 20:22:54 | 000,665,326 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/24 20:22:54 | 000,123,134 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/24 20:10:22 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/24 20:10:22 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/24 20:06:53 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/24 20:03:03 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/24 20:02:43 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/24 20:02:25 | 000,003,132 | ---- | M] () -- C:\Windows\tasks\1ecc71f2-97a5-4467-a6ba-a33d21ec2cf4-3.job
[2014/06/24 20:02:25 | 000,002,140 | ---- | M] () -- C:\Windows\tasks\1ecc71f2-97a5-4467-a6ba-a33d21ec2cf4-4.job
[2014/06/24 20:02:25 | 000,001,502 | ---- | M] () -- C:\Windows\tasks\1ecc71f2-97a5-4467-a6ba-a33d21ec2cf4-5.job
[2014/06/24 20:02:25 | 000,001,404 | ---- | M] () -- C:\Windows\tasks\1ecc71f2-97a5-4467-a6ba-a33d21ec2cf4-1.job
[2014/06/24 20:02:25 | 000,001,380 | ---- | M] () -- C:\Windows\tasks\1ecc71f2-97a5-4467-a6ba-a33d21ec2cf4-2.job
[2014/06/24 20:02:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/24 20:02:11 | 1727,471,615 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/24 19:50:08 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/24 19:33:44 | 000,000,000 | ---- | M] () -- C:\Users\Moms Desktop\AppData\Local\{DB9658D7-4A72-4BD7-92D6-AE14C5C8BADF}
[2014/06/17 04:30:53 | 000,039,538 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\VT20140617.006
[2014/06/16 12:08:41 | 000,066,053 | ---- | M] () -- C:\Users\Moms Desktop\Desktop\dragonfly cover.jpg
[2014/06/14 12:54:35 | 000,000,000 | ---- | M] () -- C:\END
[2014/06/14 12:49:17 | 000,002,536 | ---- | M] () -- C:\Windows\SysWow64\SecureAssistOff.ini
[2014/06/14 12:49:17 | 000,002,536 | ---- | M] () -- C:\Windows\SysNative\SecureAssistOff.ini
[2014/06/12 13:20:57 | 002,074,570 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\Cat.DB
[2014/06/12 13:16:12 | 000,000,963 | ---- | M] () -- C:\Users\Public\Desktop\Cricut-Craft Room.lnk
[2014/06/12 13:15:52 | 000,256,392 | ---- | M] (FTDI Ltd.) -- C:\Windows\SysNative\ftd2xx.dll
[2014/06/12 13:15:52 | 000,218,504 | ---- | M] (FTDI Ltd.) -- C:\Windows\SysWow64\ftd2xx.dll
[2014/06/12 13:15:52 | 000,214,920 | ---- | M] (FTDI Ltd.) -- C:\Windows\SysNative\FTLang.dll
[2014/06/12 13:15:52 | 000,108,936 | ---- | M] (FTDI Ltd.) -- C:\Windows\SysNative\ftbusui.dll
[2014/06/12 13:15:52 | 000,085,384 | ---- | M] (FTDI Ltd.) -- C:\Windows\SysNative\drivers\ftser2k.sys
[2014/06/12 13:15:52 | 000,075,016 | ---- | M] (FTDI Ltd.) -- C:\Windows\SysNative\drivers\ftdibus.sys
[2014/06/12 13:15:52 | 000,065,416 | ---- | M] (FTDI Ltd.) -- C:\Windows\SysNative\ftcserco.dll
[2014/06/12 13:15:52 | 000,055,176 | ---- | M] (FTDI Ltd.) -- C:\Windows\SysNative\ftserui2.dll
[2014/06/05 15:00:27 | 000,002,442 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2014/06/03 10:54:23 | 000,017,393 | ---- | M] () -- C:\Users\Moms Desktop\Desktop\purple dragonfly.jpg
[2014/06/02 11:43:34 | 000,565,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/06/01 09:15:40 | 000,045,091 | ---- | M] () -- C:\Users\Moms Desktop\Desktop\no regrets.jpg
[2014/06/01 09:15:22 | 000,098,879 | ---- | M] () -- C:\Users\Moms Desktop\Desktop\I am blessed.jpg
[2014/06/01 09:14:52 | 000,127,118 | ---- | M] () -- C:\Users\Moms Desktop\Desktop\spend time.jpg
[2014/06/01 09:14:42 | 000,024,386 | ---- | M] () -- C:\Users\Moms Desktop\Desktop\phone down.jpg
[2014/06/01 09:14:13 | 000,034,986 | ---- | M] () -- C:\Users\Moms Desktop\Desktop\love me.jpg
[2014/06/01 09:14:02 | 000,120,613 | ---- | M] () -- C:\Users\Moms Desktop\Desktop\thinking.jpg
[2014/06/01 09:13:25 | 000,030,859 | ---- | M] () -- C:\Users\Moms Desktop\Desktop\take care.jpg

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/06/24 20:39:33 | 000,001,843 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 11.51 1087.lnk
[2014/06/24 20:39:04 | 000,001,843 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2014/06/24 20:39:04 | 000,001,831 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2014/06/24 19:50:08 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/24 19:33:44 | 000,000,000 | ---- | C] () -- C:\Users\Moms Desktop\AppData\Local\{DB9658D7-4A72-4BD7-92D6-AE14C5C8BADF}
[2014/06/16 12:08:56 | 000,066,053 | ---- | C] () -- C:\Users\Moms Desktop\Desktop\dragonfly cover.jpg
[2014/06/14 12:54:29 | 000,000,000 | ---- | C] () -- C:\END
[2014/06/14 12:49:32 | 000,295,080 | ---- | C] () -- C:\Windows\SysWow64\SecureAssist.dll
[2014/06/12 13:16:12 | 000,000,975 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cricut-Craft Room.lnk
[2014/06/12 13:16:12 | 000,000,963 | ---- | C] () -- C:\Users\Public\Desktop\Cricut-Craft Room.lnk
[2014/06/03 10:54:34 | 000,017,393 | ---- | C] () -- C:\Users\Moms Desktop\Desktop\purple dragonfly.jpg
[2014/06/01 09:15:45 | 000,045,091 | ---- | C] () -- C:\Users\Moms Desktop\Desktop\no regrets.jpg
[2014/06/01 09:15:27 | 000,098,879 | ---- | C] () -- C:\Users\Moms Desktop\Desktop\I am blessed.jpg
[2014/06/01 09:14:55 | 000,127,118 | ---- | C] () -- C:\Users\Moms Desktop\Desktop\spend time.jpg
[2014/06/01 09:14:46 | 000,024,386 | ---- | C] () -- C:\Users\Moms Desktop\Desktop\phone down.jpg
[2014/06/01 09:14:16 | 000,034,986 | ---- | C] () -- C:\Users\Moms Desktop\Desktop\love me.jpg
[2014/06/01 09:14:06 | 000,120,613 | ---- | C] () -- C:\Users\Moms Desktop\Desktop\thinking.jpg
[2014/06/01 09:13:37 | 000,030,859 | ---- | C] () -- C:\Users\Moms Desktop\Desktop\take care.jpg
[2014/04/23 15:50:27 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/03/21 12:27:16 | 000,005,696 | ---- | C] () -- C:\Windows\SysWow64\SecureAssist.ini
[2014/03/21 12:27:16 | 000,002,536 | ---- | C] () -- C:\Windows\SysWow64\SecureAssistOff.ini
[2013/03/17 16:03:13 | 000,000,004 | ---- | C] () -- C:\Users\Moms Desktop\AppData\Local\pcdit.dat
[2013/02/03 15:41:47 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/08/14 20:42:14 | 000,056,912 | ---- | C] () -- C:\Users\Moms Desktop\g2mdlhlpx.exe

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2013/03/17 16:03:46 | 000,000,000 | ---D | M] -- C:\Users\Moms Desktop\AppData\Roaming\Alibre Design
[2013/03/17 16:03:18 | 000,000,000 | ---D | M] -- C:\Users\Moms Desktop\AppData\Roaming\Alibre, Inc
[2014/06/24 19:30:27 | 000,000,000 | ---D | M] -- C:\Users\Moms Desktop\AppData\Roaming\BabSolution
[2013/08/28 20:11:37 | 000,000,000 | ---D | M] -- C:\Users\Moms Desktop\AppData\Roaming\Babylon
[2014/06/12 13:46:19 | 000,000,000 | ---D | M] -- C:\Users\Moms Desktop\AppData\Roaming\com.cricut.Cricut-CraftRoom
[2013/05/18 21:56:17 | 000,000,000 | ---D | M] -- C:\Users\Moms Desktop\AppData\Roaming\DriverCure
[2014/06/24 20:40:17 | 000,000,000 | ---D | M] -- C:\Users\Moms Desktop\AppData\Roaming\ID Vault
[2014/06/24 20:39:05 | 000,000,000 | ---D | M] -- C:\Users\Moms Desktop\AppData\Roaming\Opera
[2013/05/18 21:56:17 | 000,000,000 | ---D | M] -- C:\Users\Moms Desktop\AppData\Roaming\ParetoLogic
[2013/01/01 19:25:00 | 000,000,000 | ---D | M] -- C:\Users\Moms Desktop\AppData\Roaming\SoftGrid Client
[2012/12/28 11:57:21 | 000,000,000 | ---D | M] -- C:\Users\Moms Desktop\AppData\Roaming\TP
[2012/12/28 11:54:27 | 000,000,000 | ---D | M] -- C:\Users\Moms Desktop\AppData\Roaming\WinBatch

[color=#E56717]========== Purity Check ==========[/color]

< End of report >