I keep getting an error message that the DNS is changing. I am running Constant Guard, which blocks the change, but it is still concerning. Also, IE9 keeps freezing, and I sometimes have a difficult time connecting to Spadester, an online spades game. The connection to Spadester is very unstable.

OTL logfile created on: 2/7/2013 9:32:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Purcell\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.86 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 56.38% Memory free
7.73 Gb Paging File | 5.44 Gb Available in Paging File | 70.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.00 Gb Total Space | 53.73 Gb Free Space | 53.73% Space Free | Partition Type: NTFS
Drive D: | 350.66 Gb Total Space | 266.78 Gb Free Space | 76.08% Space Free | Partition Type: NTFS
Computer Name: PURCELL-PC | User Name: Purcell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/02/07 21:31:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Purcell\Downloads\OTL.exe
PRC - [2013/01/25 20:35:08 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/01/18 02:27:22 | 007,370,552 | ---- | M] (Zemana Ltd.) -- C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe
PRC - [2013/01/14 08:16:10 | 000,066,600 | ---- | M] (White Sky, Inc.) -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
PRC - [2013/01/14 08:16:07 | 003,982,376 | ---- | M] (White Sky, Inc.) -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/01 19:56:20 | 000,255,992 | ---- | M] (Microsoft Corporation) -- C:\Users\Purcell\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
PRC - [2012/10/10 20:29:14 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccsvchst.exe
PRC - [2011/03/14 10:22:06 | 002,125,472 | ---- | M] (Audible, Inc.) -- C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
PRC - [2010/02/04 00:28:02 | 000,025,256 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmsdmon.exe
PRC - [2010/02/04 00:27:55 | 000,672,424 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
PRC - [2010/01/18 20:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2009/12/14 01:17:48 | 000,091,136 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2009/11/03 22:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009/10/13 04:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009/08/19 11:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
PRC - [2009/06/17 11:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
PRC - [2009/03/05 03:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\SysWOW64\Rezip.exe
PRC - [2007/09/26 13:55:04 | 000,283,912 | ---- | M] (CA, Inc.) -- C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe
========== Modules (No Company Name) ==========
MOD - [2013/02/06 18:16:26 | 012,459,888 | ---- | M] () -- C:\Users\Purcell\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll
MOD - [2013/01/25 20:35:06 | 000,460,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppgooglenaclpluginchrome.dll
MOD - [2013/01/25 20:35:04 | 004,012,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll
MOD - [2013/01/25 20:34:19 | 000,597,968 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libglesv2.dll
MOD - [2013/01/25 20:34:18 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libegl.dll
MOD - [2013/01/25 20:34:16 | 001,552,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll
MOD - [2013/01/14 08:16:09 | 000,014,888 | ---- | M] () -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.XmlSerializers.dll
MOD - [2013/01/14 08:16:08 | 000,104,488 | ---- | M] () -- C:\Program Files (x86)\Constant Guard Protection Suite\IdVaultCore.XmlSerializers.dll
MOD - [2013/01/14 08:15:09 | 000,548,488 | ---- | M] () -- C:\Program Files (x86)\Constant Guard Protection Suite\sqlite3.dll
MOD - [2013/01/09 21:09:28 | 000,240,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\4f91a66a3f10565b979b758f6f08e8cc\WindowsFormsIntegration.ni.dll
MOD - [2013/01/09 21:01:24 | 001,358,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\07ea9ea39e1fddc8e4fe8850c849309e\System.WorkflowServices.ni.dll
MOD - [2013/01/09 20:10:45 | 001,707,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll
MOD - [2013/01/09 18:03:51 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013/01/09 16:10:17 | 017,478,656 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll
MOD - [2013/01/09 16:10:03 | 002,347,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
MOD - [2013/01/09 16:10:01 | 001,084,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll
MOD - [2013/01/09 16:10:00 | 000,256,000 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll
MOD - [2013/01/09 16:09:49 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/01/09 16:09:48 | 000,212,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\68f617caf670fefc0be769a294dc4ffd\System.ServiceProcess.ni.dll
MOD - [2013/01/09 16:09:42 | 001,840,640 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\aa0c82eddc6cc12961a92835f777dcc0\System.Web.Services.ni.dll
MOD - [2013/01/09 16:09:40 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll
MOD - [2013/01/09 16:09:31 | 006,611,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll
MOD - [2013/01/09 16:09:21 | 014,340,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/01/09 16:09:08 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013/01/09 16:09:02 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/09 16:09:00 | 012,237,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/01/09 16:09:00 | 000,060,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\23da92e38ffc0bbf6673adb1892aa0f4\UIAutomationProvider.ni.dll
MOD - [2013/01/09 16:08:50 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/09 16:08:48 | 000,684,032 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\3abd733e8fa28fafbfc99458fdf691da\System.Security.ni.dll
MOD - [2013/01/09 16:08:45 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/09 16:08:42 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/09 16:08:41 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/09 16:08:35 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/11/14 03:16:55 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012/10/05 04:53:24 | 005,025,792 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/10/05 04:53:24 | 003,198,976 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/10/05 04:53:24 | 000,630,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/05/30 08:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\wincfi39.dll
MOD - [2010/11/04 19:58:14 | 002,048,000 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010/11/04 19:58:05 | 002,927,616 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/11/04 19:58:04 | 000,425,984 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2010/02/04 00:28:02 | 000,025,256 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmsdmon.exe
MOD - [2010/02/04 00:27:55 | 000,672,424 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
MOD - [2010/02/03 23:41:38 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcaps.dll
MOD - [2010/02/03 23:41:23 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxscw.dll
MOD - [2010/02/03 23:41:20 | 000,782,336 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxdrs.dll
MOD - [2010/02/03 23:28:15 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcnv4.dll
MOD - [2010/02/02 21:49:34 | 008,007,680 | ---- | M] () -- C:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2010/02/02 02:30:16 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\app4r.monitor.core.dll
MOD - [2010/02/02 02:30:16 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\app4r.monitor.common.dll
MOD - [2010/02/02 02:29:04 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\app4r.devmons.mcmdevmon.dll
MOD - [2009/10/16 12:00:47 | 000,589,824 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxdatr.dll
MOD - [2009/10/16 12:00:40 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcats.dll
MOD - [2009/08/19 11:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
MOD - [2009/06/10 15:22:40 | 000,010,752 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2007/11/22 02:55:48 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\app4r.devmons.mcmdevmon.autoplayutil.dll
MOD - [2007/03/01 22:54:32 | 000,657,920 | ---- | M] () -- C:\Program Files (x86)\File Shredder\fsshell.dll
MOD - [2006/08/11 21:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
========== Services (SafeList) ==========
SRV:64bit: - [2009/10/16 12:10:44 | 001,039,872 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdxcoms.exe -- (lxdx_device)
SRV:64bit: - [2009/10/16 12:00:52 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\windows\SysNative\spool\DRIVERS\x64\3\\lxdxserv.exe -- (lxdxCATSCustConnectService)
SRV:64bit: - [2009/10/02 03:39:44 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/02/07 19:58:04 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/14 08:16:10 | 000,066,600 | ---- | M] (White Sky, Inc.) [Auto | Running] -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe -- (IDVaultSvc)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/10/10 20:29:14 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe -- (N360)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/16 12:10:34 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxdxcoms.exe -- (lxdx_device)
SRV - [2009/10/16 12:00:52 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe -- (lxdxCATSCustConnectService)
SRV - [2009/06/17 11:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/05 03:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\Rezip.exe -- (Rezip)
SRV - [2007/09/26 13:55:04 | 000,283,912 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/01/30 13:42:56 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/01/18 02:27:22 | 000,025,784 | ---- | M] (Zemana Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KeyCrypt64.sys -- (keycrypt)
DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/10/13 13:52:48 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2012/10/08 19:00:02 | 000,776,864 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/10/03 19:40:36 | 001,133,216 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/10/03 19:40:20 | 000,493,216 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symds64.sys -- (SymDS)
DRV:64bit: - [2012/10/03 19:19:14 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/27 21:05:22 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/07/22 19:34:24 | 000,432,800 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/05/24 23:36:56 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/13 03:32:22 | 002,797,056 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/11/25 15:32:58 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/20 00:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/10/09 21:16:28 | 000,293,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/10/02 10:47:38 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/09/28 03:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/08/28 21:15:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/08/28 21:15:26 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/08/05 08:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/01 14:46:58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009/06/27 08:55:10 | 000,083,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/06/10 14:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 14:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/28 00:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2009/04/07 17:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2013/01/30 18:33:44 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130207.004\ex64.sys -- (NAVEX15)
DRV - [2013/01/30 18:33:44 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130207.004\eng64.sys -- (NAVENG)
DRV - [2013/01/30 16:33:56 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130206.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/01/16 03:22:36 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130116.013\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/01/13 22:41:24 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/01/13 22:41:24 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/11/19 21:49:12 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/02/03 12:12:40] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=EIE9HP&PC=UP50
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...=EIE9HP&PC=UP50
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{49472064-B0CF-432C-AE6E-B1E73E0E556D}: "URL" = http://search.yahoo....19630,0,18,6477
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{6FE03C9C-C92F-4BAC-BB78-71333AB4C3F3}: "URL" = http://websearch.ask...37-4C2E79CCA0A0
IE - HKCU\..\SearchScopes\{DB371D13-67A1-488A-BD23-DAD593881D30}: "URL" = http://www.google.co...SN_enUS505US506
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013/02/07 21:23:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013/01/30 18:12:16 | 000,000,000 | ---D | M]
[2012/11/26 14:26:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Purcell\AppData\Roaming\Mozilla\Extensions
========== Chrome ==========
CHR - homepage: http://www.ask.com/?...N10248cr&gct=hp
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.ask.com/?...N10248cr&gct=hp
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\gcswf32.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Purcell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
CHR - Extension: YouTube = C:\Users\Purcell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Purcell\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Norton Identity Protection = C:\Users\Purcell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\
CHR - Extension: Norton Identity Protection = C:\Users\Purcell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.0.18_0\
CHR - Extension: Gmail = C:\Users\Purcell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Constant Guard Protection Suite) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.13.111.1\NativeBHO.dll (WhiteSky)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [lxdxamon] C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe ()
O4:64bit: - HKLM..\Run: [lxdxmon.exe] C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe ()
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Driver Genius] File not found
O4 - HKLM..\Run: [ZALFree] C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe (Zemana Ltd.)
O4 - HKCU..\Run: [{E6A5652A-D13D-5CE7-6175-172B01C82980}] C:\Users\Purcell\AppData\Roaming\Wafiof\ortio.exe (National Energy Corporation)
O4 - HKCU..\Run: [ComcastAntispyClient] C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
O4 - HKCU..\Run: [SkyDrive] C:\Users\Purcell\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab (ZPA_SHVL Object)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab (MSN Games - Installer)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59F87F1D-841B-4521-BDE6-5AEE15864DC9}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8595CC34-384C-48A5-A944-5B7183E4EB3F}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KE6D28~1.DLL) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(2).dll (Zemana Ltd.)
O20 - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KE50FD~1.DLL) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(2).dll (Zemana Ltd.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b364b909-36bf-11e2-a9eb-00245481740d}\Shell - "" = AutoRun
O33 - MountPoints2\{b364b909-36bf-11e2-a9eb-00245481740d}\Shell\AutoRun\command - "" = F:\TL-Bootstrap.exe
O33 - MountPoints2\{b364b963-36bf-11e2-a9eb-00245481740d}\Shell - "" = AutoRun
O33 - MountPoints2\{b364b963-36bf-11e2-a9eb-00245481740d}\Shell\AutoRun\command - "" = F:\TL-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/02/06 12:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius
[2013/02/06 12:40:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius Professional Edition
[2013/02/06 12:40:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2013/02/05 08:59:40 | 000,000,000 | ---D | C] -- C:\Users\Purcell\AppData\Roaming\Wafiof
[2013/02/05 08:59:40 | 000,000,000 | ---D | C] -- C:\Users\Purcell\AppData\Roaming\Usum
[2013/02/01 12:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
[2013/01/28 18:02:45 | 000,000,000 | ---D | C] -- C:\Users\Purcell\Documents\OneNote Notebooks
[2013/01/28 17:58:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2013/01/28 17:54:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/01/28 17:54:00 | 000,000,000 | ---D | C] -- C:\Users\Purcell\AppData\Local\Microsoft Help
[2013/01/23 11:27:25 | 000,000,000 | ---D | C] -- C:\Users\Purcell\Documents\AA Resume
[2013/01/23 09:39:02 | 000,000,000 | ---D | C] -- C:\Users\Purcell\Doctor Web
[2013/01/23 09:09:30 | 000,000,000 | ---D | C] -- C:\Users\Purcell\AppData\Roaming\Malwarebytes
[2013/01/23 09:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/23 09:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/23 09:09:15 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013/01/23 09:09:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/01/23 08:49:15 | 000,000,000 | -HSD | C] -- C:\Users\Purcell\Documents\f6e48dde6a25485a8713f168d27b2775
[2013/01/23 08:49:15 | 000,000,000 | -HSD | C] -- C:\Users\Purcell\Documents\f20045d91cde448ba3229ef4aee2cd22
[2013/01/20 12:33:55 | 000,000,000 | ---D | C] -- C:\Users\Purcell\AppData\Local\Zemana
[2013/01/20 09:39:54 | 000,000,000 | ---D | C] -- C:\Users\Purcell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spadester
[2013/01/19 23:44:21 | 000,025,784 | ---- | C] (Zemana Ltd.) -- C:\windows\SysNative\drivers\KeyCrypt64.sys
[2013/01/19 23:44:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free
[2013/01/19 23:44:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zemana AntiLogger Free
[2013/01/19 23:44:20 | 000,000,000 | ---D | C] -- C:\Users\Purcell\AppData\Local\AntiLogger Free
[2013/01/19 23:41:17 | 000,000,000 | ---D | C] -- C:\Users\Purcell\AppData\Local\Programs
[2013/01/18 11:20:57 | 000,000,000 | R-SD | C] -- C:\Users\Purcell\Documents\My Stationery
[2013/01/17 22:50:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyCryptSDK
[2013/01/14 08:17:20 | 000,025,472 | ---- | C] (IObit) -- C:\windows\SysNative\RegistryDefragBootTime.exe
[3 C:\Users\Purcell\Documents\*.tmp files -> C:\Users\Purcell\Documents\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/02/07 21:35:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/02/07 21:28:22 | 000,014,144 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/07 21:28:22 | 000,014,144 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/07 21:21:28 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/07 21:21:27 | 000,000,498 | ---- | M] () -- C:\windows\tasks\ParetoLogic Update Version3 Startup Task.job
[2013/02/07 21:20:59 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/02/07 21:20:54 | 3111,555,072 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/07 20:21:00 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/07 19:55:07 | 000,000,472 | ---- | M] () -- C:\windows\tasks\ParetoLogic Registration3.job
[2013/02/07 11:53:50 | 000,000,548 | ---- | M] () -- C:\Users\Purcell\AppData\Roaming\wklnhst.dat
[2013/02/06 12:46:42 | 001,841,747 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\Cat.DB
[2013/02/06 12:40:54 | 000,001,211 | ---- | M] () -- C:\Users\Purcell\Desktop\Driver Genius Professional Edition.lnk
[2013/02/06 07:48:54 | 000,000,404 | ---- | M] () -- C:\windows\tasks\PC Health Advisor Defrag.job
[2013/02/05 07:27:36 | 000,000,446 | ---- | M] () -- C:\windows\tasks\ParetoLogic Update Version3.job
[2013/02/02 10:58:14 | 000,180,609 | ---- | M] () -- C:\Users\Purcell\Desktop\GuideToUIBenefits.pdf
[2013/02/01 07:49:56 | 000,000,386 | ---- | M] () -- C:\windows\tasks\PC Health Advisor.job
[2013/01/30 13:42:56 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/01/30 13:42:56 | 000,007,466 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/01/30 13:42:56 | 000,000,855 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/01/28 21:32:24 | 000,429,632 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/01/28 18:14:12 | 000,001,816 | ---- | M] () -- C:\Users\Purcell\Desktop\Microsoft Office - Shortcut.lnk
[2013/01/23 09:41:15 | 000,000,814 | ---- | M] () -- C:\Users\Purcell\Desktop\cureit-201301231553 - Shortcut.lnk
[2013/01/23 09:09:16 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/20 09:39:58 | 000,000,953 | ---- | M] () -- C:\Users\Purcell\Desktop\Spadester.lnk
[2013/01/20 09:39:58 | 000,000,933 | ---- | M] () -- C:\Users\Purcell\Application Data\Microsoft\Internet Explorer\Quick Launch\Spadester.lnk
[2013/01/19 23:44:21 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\AntiLogger Free.lnk
[2013/01/18 13:58:31 | 000,778,834 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/01/18 13:58:31 | 000,660,318 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/01/18 13:58:31 | 000,121,214 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/01/18 02:27:22 | 000,025,784 | ---- | M] (Zemana Ltd.) -- C:\windows\SysNative\drivers\KeyCrypt64.sys
[2013/01/17 22:49:59 | 000,002,207 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
[2013/01/17 22:49:59 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Constant Guard.lnk
[2013/01/15 19:01:23 | 000,016,896 | ---- | M] () -- C:\Users\Purcell\Documents\Hearts, Heads and Hands.wps
[2013/01/15 14:49:12 | 000,026,985 | ---- | M] () -- C:\Users\Purcell\Documents\Five Dysfunctions of a Team.pdf
[2013/01/14 08:37:05 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
[2013/01/14 08:04:47 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013/01/13 13:18:51 | 000,002,283 | ---- | M] () -- C:\Users\Purcell\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/11 18:06:57 | 000,024,576 | ---- | M] () -- C:\Users\Purcell\Documents\HR Meeting.wps
[2013/01/09 15:42:23 | 000,773,050 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[3 C:\Users\Purcell\Documents\*.tmp files -> C:\Users\Purcell\Documents\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/02/06 12:40:54 | 000,001,211 | ---- | C] () -- C:\Users\Purcell\Desktop\Driver Genius Professional Edition.lnk
[2013/02/02 10:58:14 | 000,180,609 | ---- | C] () -- C:\Users\Purcell\Desktop\GuideToUIBenefits.pdf
[2013/01/28 18:14:12 | 000,001,816 | ---- | C] () -- C:\Users\Purcell\Desktop\Microsoft Office - Shortcut.lnk
[2013/01/23 09:41:15 | 000,000,814 | ---- | C] () -- C:\Users\Purcell\Desktop\cureit-201301231553 - Shortcut.lnk
[2013/01/23 09:09:16 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/20 09:39:58 | 000,000,953 | ---- | C] () -- C:\Users\Purcell\Desktop\Spadester.lnk
[2013/01/19 23:44:21 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\AntiLogger Free.lnk
[2013/01/15 14:49:12 | 000,026,985 | ---- | C] () -- C:\Users\Purcell\Documents\Five Dysfunctions of a Team.pdf
[2013/01/14 08:37:05 | 000,000,000 | ---- | C] () -- C:\asc_rdflag
[2013/01/14 08:04:47 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013/01/11 18:06:57 | 000,024,576 | ---- | C] () -- C:\Users\Purcell\Documents\HR Meeting.wps
[2012/11/28 06:01:50 | 000,773,050 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/10/15 11:30:54 | 000,782,336 | ---- | C] () -- C:\windows\SysWow64\lxdxdrs.dll
[2012/10/15 11:30:54 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\lxdxcaps.dll
[2012/10/15 11:30:54 | 000,069,632 | ---- | C] () -- C:\windows\SysWow64\lxdxcnv4.dll
[2012/10/15 11:30:42 | 001,105,920 | ---- | C] ( ) -- C:\windows\SysWow64\lxdxserv.dll
[2012/10/15 11:30:42 | 000,851,968 | ---- | C] ( ) -- C:\windows\SysWow64\lxdxcomc.dll
[2012/10/15 11:30:42 | 000,843,776 | ---- | C] ( ) -- C:\windows\SysWow64\lxdxusb1.dll
[2012/10/15 11:30:42 | 000,663,552 | ---- | C] ( ) -- C:\windows\SysWow64\lxdxhbn3.dll
[2012/10/15 11:30:42 | 000,647,168 | ---- | C] ( ) -- C:\windows\SysWow64\lxdxpmui.dll
[2012/10/15 11:30:42 | 000,589,824 | ---- | C] ( ) -- C:\windows\SysWow64\lxdxcoms.exe
[2012/10/15 11:30:42 | 000,569,344 | ---- | C] ( ) -- C:\windows\SysWow64\lxdxlmpm.dll
[2012/10/15 11:30:42 | 000,376,832 | ---- | C] ( ) -- C:\windows\SysWow64\lxdxcomm.dll
[2012/10/15 11:30:42 | 000,364,544 | ---- | C] ( ) -- C:\windows\SysWow64\lxdxinpa.dll
[2012/10/15 11:30:42 | 000,360,448 | ---- | C] ( ) -- C:\windows\SysWow64\lxdxcfg.exe
[2012/10/15 11:30:42 | 000,348,160 | ---- | C] () -- C:\windows\SysWow64\LXDXinst.dll
[2012/10/15 11:30:42 | 000,339,968 | ---- | C] ( ) -- C:\windows\SysWow64\lxdxiesc.dll
[2012/10/15 11:30:42 | 000,335,872 | ---- | C] () -- C:\windows\SysWow64\lxdxcomx.dll
[2012/10/15 11:30:42 | 000,315,392 | ---- | C] ( ) -- C:\windows\SysWow64\lxdxih.exe
[2012/10/15 11:30:42 | 000,053,248 | ---- | C] ( ) -- C:\windows\SysWow64\lxdxprox.dll
[2012/10/13 13:45:35 | 000,000,126 | ---- | C] () -- C:\windows\QUICKEN.INI
[2012/10/13 04:41:39 | 000,000,548 | ---- | C] () -- C:\Users\Purcell\AppData\Roaming\wklnhst.dat
[2012/09/30 23:17:22 | 000,039,904 | ---- | C] () -- C:\windows\SysWow64\dischandler.exe
[2012/09/29 16:47:28 | 000,000,178 | ---- | C] () -- C:\windows\SysWow64\Formats.ini
[2012/09/24 23:30:54 | 003,915,776 | ---- | C] () -- C:\windows\SysWow64\ffmpeg.dll
[2012/09/24 23:30:04 | 000,112,640 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2012/09/24 23:29:20 | 000,271,360 | ---- | C] () -- C:\windows\SysWow64\TomsMoComp_ff.dll
[2012/09/24 23:29:00 | 000,157,184 | ---- | C] () -- C:\windows\SysWow64\ff_unrar.dll
[2012/09/24 23:29:00 | 000,147,456 | ---- | C] () -- C:\windows\SysWow64\ff_libmad.dll
[2012/09/24 23:29:00 | 000,099,840 | ---- | C] () -- C:\windows\SysWow64\ff_wmv9.dll
[2012/09/24 23:28:58 | 001,525,760 | ---- | C] () -- C:\windows\SysWow64\ff_samplerate.dll
[2012/09/24 23:28:58 | 000,211,968 | ---- | C] () -- C:\windows\SysWow64\ff_libdts.dll
[2012/09/24 23:28:58 | 000,114,688 | ---- | C] () -- C:\windows\SysWow64\ff_liba52.dll
[2012/07/19 12:56:08 | 000,172,544 | ---- | C] () -- C:\windows\SysWow64\libbluray.dll
[2012/07/19 12:56:02 | 006,894,331 | ---- | C] () -- C:\windows\SysWow64\avcodec-lav-54.dll
[2012/07/19 12:56:02 | 001,111,581 | ---- | C] () -- C:\windows\SysWow64\avformat-lav-54.dll
[2012/07/19 12:56:02 | 000,401,685 | ---- | C] () -- C:\windows\SysWow64\swscale-lav-2.dll
[2012/07/19 12:56:02 | 000,232,895 | ---- | C] () -- C:\windows\SysWow64\avutil-lav-51.dll
[2012/07/19 12:56:02 | 000,162,743 | ---- | C] () -- C:\windows\SysWow64\avfilter-lav-3.dll
[2012/07/19 12:56:02 | 000,101,820 | ---- | C] () -- C:\windows\SysWow64\avresample-lav-0.dll
[2011/12/07 13:32:24 | 000,216,064 | ---- | C] ( ) -- C:\windows\SysWow64\Lagarith.dll
[2011/09/08 08:00:52 | 000,150,528 | ---- | C] () -- C:\windows\SysWow64\mkx.dll
[2011/09/08 08:00:48 | 000,142,336 | ---- | C] () -- C:\windows\SysWow64\mp4.dll
[2011/09/08 08:00:42 | 000,123,392 | ---- | C] () -- C:\windows\SysWow64\ogm.dll
[2011/09/08 08:00:38 | 000,249,856 | ---- | C] () -- C:\windows\SysWow64\dxr.dll
[2011/09/08 08:00:34 | 000,113,152 | ---- | C] () -- C:\windows\SysWow64\dsmux.exe
[2011/09/08 08:00:24 | 000,154,624 | ---- | C] () -- C:\windows\SysWow64\ts.dll
[2011/09/08 08:00:10 | 000,137,728 | ---- | C] () -- C:\windows\SysWow64\mkv2vfr.exe
[2011/09/08 08:00:06 | 000,358,400 | ---- | C] () -- C:\windows\SysWow64\gdsmux.exe
[2011/09/08 07:59:54 | 000,080,384 | ---- | C] () -- C:\windows\SysWow64\mkzlib.dll
[2011/09/08 07:59:52 | 000,024,576 | ---- | C] () -- C:\windows\SysWow64\mkunicode.dll
[2011/06/23 21:58:32 | 000,242,259 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2011/06/23 21:58:04 | 000,877,296 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2011/03/03 05:39:56 | 000,109,568 | ---- | C] () -- C:\windows\SysWow64\avi.dll
[2011/03/03 05:38:10 | 000,097,792 | ---- | C] () -- C:\windows\SysWow64\avs.dll
[2011/03/03 05:37:50 | 000,093,184 | ---- | C] () -- C:\windows\SysWow64\avss.dll
[2011/02/11 04:26:20 | 000,237,568 | ---- | C] () -- C:\windows\SysWow64\OptimFROG.dll
========== ZeroAccess Check ==========
[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/02/07 21:23:41 | 000,000,000 | -HSD | M] -- C:\Users\Purcell\AppData\Roaming\.#
[2012/12/03 14:30:17 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\DriverCure
[2013/01/23 09:10:16 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\Fizob
[2013/02/07 21:22:50 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\ID Vault
[2012/12/24 09:28:51 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\IObit
[2012/10/19 21:20:44 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\JAM Software
[2012/11/05 18:25:55 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\Lexmark Productivity Studio
[2012/12/03 14:30:17 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\ParetoLogic
[2012/12/08 17:36:15 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\Pegasus Mail
[2013/01/20 09:39:55 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\Spadester
[2012/10/13 04:41:43 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\Template
[2012/10/14 08:58:14 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\TrueCrypt
[2013/02/07 20:59:49 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\UseNeXT
[2013/02/06 14:07:21 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\Usum
[2013/02/05 08:59:40 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\Wafiof
[2013/01/23 09:26:11 | 000,000,000 | ---D | M] -- C:\Users\Purcell\AppData\Roaming\Wuoqr
========== Purity Check ==========
< End of report >