I very recently uninstalled SB S&D (like a few minutes before doing this scan). Computer is a bit sluggish. I'm sure part of the problem is due to unnecessary items running, but before going through those, want to make sure there aren't any infections/etc.
Spoiler
OTL logfile created on: 5/31/2013 3:14:07 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\parentalUnit\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.61 Gb Total Physical Memory | 4.72 Gb Available Physical Memory | 62.05% Memory free
15.21 Gb Paging File | 11.86 Gb Available in Paging File | 77.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.56 Gb Total Space | 367.38 Gb Free Space | 80.64% Space Free | Partition Type: NTFS
Drive D: | 10.10 Gb Total Space | 1.23 Gb Free Space | 12.19% Space Free | Partition Type: NTFS
Computer Name: WOLFK7 | User Name: parentalUnit | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/05/31 03:00:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\parentalUnit\Downloads\OTL(1).exe
PRC - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 17:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011/12/14 07:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011/09/29 02:53:40 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla\Firefox7\firefox.exe
PRC - [2011/09/29 02:53:40 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla\Firefox7\plugin-container.exe
PRC - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/02/22 21:57:02 | 000,056,040 | ---- | M] (Xobni Corporation) -- C:\Program Files (x86)\Xobni\XobniService.exe
PRC - [2011/01/25 20:40:22 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/11/02 23:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010/09/28 11:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2009/08/24 22:11:16 | 000,656,896 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
PRC - [2009/03/05 17:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/11/20 13:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
========== Modules (No Company Name) ==========
MOD - [2012/12/15 15:09:12 | 006,275,000 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/09/29 02:53:40 | 001,833,944 | ---- | M] () -- C:\Program Files (x86)\Mozilla\Firefox7\mozjs.dll
========== Services (SafeList) ==========
SRV:64bit: - [2011/12/01 06:24:47 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/12/14 07:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/08/24 13:59:58 | 000,102,912 | ---- | M] () [Auto | Running] -- C:\Windows\agent_x64.exe -- (Agent)
SRV - [2011/02/22 21:57:02 | 000,056,040 | ---- | M] (Xobni Corporation) [Auto | Running] -- C:\Program Files (x86)\Xobni\XobniService.exe -- (XobniService)
SRV - [2011/01/25 20:40:22 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/11/02 23:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/28 11:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/23 21:59:36 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/03/31 18:32:04 | 000,082,600 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013/03/31 18:32:04 | 000,042,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/12/14 17:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/16 05:42:00 | 000,676,968 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/01/05 13:35:07 | 000,556,120 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2011/12/01 06:24:48 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/12/01 06:24:48 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/29 06:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/06/09 17:44:00 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2010/06/09 17:43:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2010/04/22 19:07:36 | 000,027,736 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2010/02/18 12:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/11/02 20:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/19
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCOM/19
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CMDTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CMDTDF
IE:64bit: - HKLM\..\SearchScopes\{BBA68337-EC13-4991-8BF2-CE269449E214}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/19
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCOM/19
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CMDTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CMDTDF
IE - HKLM\..\SearchScopes\{BBA68337-EC13-4991-8BF2-CE269449E214}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/19
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCOM/19
IE - HKCU\..\SearchScopes,DefaultScope = {98C4C31D-A3B6-4C3F-A151-62A44E4DBA3A}
IE - HKCU\..\SearchScopes\{98C4C31D-A3B6-4C3F-A151-62A44E4DBA3A}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/16 17:41:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] [2012/01/05 13:59:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] [2012/01/05 13:59:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] [2012/01/05 13:59:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla\Firefox7\components [2012/06/24 15:38:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla\Firefox7\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/16 17:41:37 | 000,000,000 | ---D | M]
[2011/09/10 04:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Extensions
[2011/09/10 04:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Extensions - Copy
[2011/09/10 04:23:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\FireFox4\extensions
[2011/09/10 04:23:30 | 000,000,000 | ---D | M] () -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\FireFox4\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2011/09/10 04:23:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\FireFox4\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/10 04:23:31 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\FireFox4\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/09/10 04:23:32 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\FireFox4\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/09/10 04:23:32 | 000,000,000 | ---D | M] (F5 Networks Host Plugin) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\FireFox4\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}
[2013/01/27 18:55:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\ojlyr9by.Default User\extensions
[2011/09/10 04:23:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\ojlyr9by.Default User\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/04/17 11:30:54 | 000,000,000 | ---D | M] (F5 Networks Host Plugin) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\ojlyr9by.Default User\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}
[2013/01/27 18:55:44 | 000,000,000 | ---D | M] (ShopAtHome.com Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\ojlyr9by.Default User\extensions\[email protected]
[2011/09/10 04:24:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\s43aq02z.default\extensions
[2011/09/10 04:23:58 | 000,000,000 | ---D | M] () -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\s43aq02z.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2011/09/10 04:23:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\s43aq02z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/10 04:24:00 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\s43aq02z.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/09/10 04:24:00 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\s43aq02z.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/09/10 04:24:01 | 000,000,000 | ---D | M] (F5 Networks Host Plugin) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\s43aq02z.default\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}
[2012/06/24 15:26:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\FireFox4\extensions
[2012/06/24 15:26:50 | 000,000,000 | ---D | M] () -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\FireFox4\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2012/06/24 15:26:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\FireFox4\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/06/24 15:26:52 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\FireFox4\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/06/24 15:26:54 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\FireFox4\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2012/06/24 15:26:54 | 000,000,000 | ---D | M] (F5 Networks Host Plugin) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\FireFox4\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}
[2012/06/24 15:27:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\ojlyr9by.Default User\extensions
[2012/06/24 15:27:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\ojlyr9by.Default User\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/06/24 15:27:02 | 000,000,000 | ---D | M] (F5 Networks Host Plugin) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\ojlyr9by.Default User\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}
[2012/06/24 15:27:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\s43aq02z.default\extensions
[2012/06/24 15:27:06 | 000,000,000 | ---D | M] () -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\s43aq02z.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2012/06/24 15:27:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\s43aq02z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/06/24 15:27:09 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\s43aq02z.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/06/24 15:27:09 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\s43aq02z.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2012/06/24 15:27:09 | 000,000,000 | ---D | M] (F5 Networks Host Plugin) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\s43aq02z.default\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}
File not found (No name found) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPLGN
Hosts file not found
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: mcvh-vcu.edu ([vcuhsra] https in Trusted sites)
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} http://vcuhsnm103.mc....edu/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} C:\Users\parentalUnit\AppData\Local\Temp\f5tmp\f5tunsrv.cab (F5 Networks Dynamic Application Tunnel Control)
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} C:\Users\parentalUnit\AppData\Local\Temp\f5tmp\InstallerControl.cab (F5 Networks Auto Update)
O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} C:\Users\parentalUnit\AppData\Local\Temp\f5tmp\vdeskctrl.cab (F5 Virtual Sandbox Class)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} C:\Users\parentalUnit\AppData\Local\Temp\f5tmp\urxshost.cab (F5 Networks SuperHost Class)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} C:\Users\parentalUnit\AppData\Local\Temp\f5tmp\urxhost.cab (F5 Networks Host Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{051C5261-519B-41F2-8841-AAD784346E0A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\sbhook64.dll (Kaspersky Lab ZAO)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\kloehk.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\sbhook.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5bee94ca-a773-11e2-81df-2c27d734c7ba}\Shell - "" = AutoRun
O33 - MountPoints2\{5bee94ca-a773-11e2-81df-2c27d734c7ba}\Shell\AutoRun\command - "" = G:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/05/27 08:48:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[1 C:\Users\parentalUnit\Documents\*.tmp files -> C:\Users\parentalUnit\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/05/28 21:32:16 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForparentalUnit.job
[2013/05/28 04:22:16 | 000,027,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/28 04:22:16 | 000,027,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/27 09:23:58 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/27 09:23:58 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/27 09:23:58 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/27 09:15:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/27 09:15:11 | 1829,740,543 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/27 09:11:25 | 000,426,648 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/27 08:58:43 | 000,772,558 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[1 C:\Users\parentalUnit\Documents\*.tmp files -> C:\Users\parentalUnit\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/03/23 07:01:13 | 000,000,469 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/01/05 12:40:30 | 000,102,912 | ---- | C] () -- C:\Windows\agent_x64.exe
[2011/12/01 06:25:09 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/10/08 14:01:55 | 000,000,000 | ---- | C] () -- C:\Windows\f5unistall.INI
[2011/09/16 17:34:56 | 000,218,187 | ---- | C] () -- C:\Windows\hpwins14.dat
[2011/09/16 17:34:56 | 000,000,411 | ---- | C] () -- C:\Windows\hpwmdl14.dat
[2011/08/10 06:56:20 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/01/05 12:46:51 | 000,000,000 | ---D | M] -- C:\Users\parentalUnit\AppData\Roaming\Neat
[2012/01/05 12:46:37 | 000,000,000 | ---D | M] -- C:\Users\parentalUnit\AppData\Roaming\Nuance
========== Purity Check ==========
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\parentalUnit\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.61 Gb Total Physical Memory | 4.72 Gb Available Physical Memory | 62.05% Memory free
15.21 Gb Paging File | 11.86 Gb Available in Paging File | 77.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.56 Gb Total Space | 367.38 Gb Free Space | 80.64% Space Free | Partition Type: NTFS
Drive D: | 10.10 Gb Total Space | 1.23 Gb Free Space | 12.19% Space Free | Partition Type: NTFS
Computer Name: WOLFK7 | User Name: parentalUnit | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/05/31 03:00:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\parentalUnit\Downloads\OTL(1).exe
PRC - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 17:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011/12/14 07:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011/09/29 02:53:40 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla\Firefox7\firefox.exe
PRC - [2011/09/29 02:53:40 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla\Firefox7\plugin-container.exe
PRC - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/02/22 21:57:02 | 000,056,040 | ---- | M] (Xobni Corporation) -- C:\Program Files (x86)\Xobni\XobniService.exe
PRC - [2011/01/25 20:40:22 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/11/02 23:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010/09/28 11:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2009/08/24 22:11:16 | 000,656,896 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
PRC - [2009/03/05 17:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/11/20 13:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
========== Modules (No Company Name) ==========
MOD - [2012/12/15 15:09:12 | 006,275,000 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/09/29 02:53:40 | 001,833,944 | ---- | M] () -- C:\Program Files (x86)\Mozilla\Firefox7\mozjs.dll
========== Services (SafeList) ==========
SRV:64bit: - [2011/12/01 06:24:47 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/12/14 07:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/08/24 13:59:58 | 000,102,912 | ---- | M] () [Auto | Running] -- C:\Windows\agent_x64.exe -- (Agent)
SRV - [2011/02/22 21:57:02 | 000,056,040 | ---- | M] (Xobni Corporation) [Auto | Running] -- C:\Program Files (x86)\Xobni\XobniService.exe -- (XobniService)
SRV - [2011/01/25 20:40:22 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/11/02 23:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/28 11:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/23 21:59:36 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/03/31 18:32:04 | 000,082,600 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013/03/31 18:32:04 | 000,042,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/12/14 17:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/16 05:42:00 | 000,676,968 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/01/05 13:35:07 | 000,556,120 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2011/12/01 06:24:48 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/12/01 06:24:48 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/29 06:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/06/09 17:44:00 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2010/06/09 17:43:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2010/04/22 19:07:36 | 000,027,736 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2010/02/18 12:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/11/02 20:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/19
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCOM/19
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CMDTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CMDTDF
IE:64bit: - HKLM\..\SearchScopes\{BBA68337-EC13-4991-8BF2-CE269449E214}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/19
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCOM/19
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CMDTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CMDTDF
IE - HKLM\..\SearchScopes\{BBA68337-EC13-4991-8BF2-CE269449E214}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/19
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCOM/19
IE - HKCU\..\SearchScopes,DefaultScope = {98C4C31D-A3B6-4C3F-A151-62A44E4DBA3A}
IE - HKCU\..\SearchScopes\{98C4C31D-A3B6-4C3F-A151-62A44E4DBA3A}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/16 17:41:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] [2012/01/05 13:59:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] [2012/01/05 13:59:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] [2012/01/05 13:59:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla\Firefox7\components [2012/06/24 15:38:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla\Firefox7\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/16 17:41:37 | 000,000,000 | ---D | M]
[2011/09/10 04:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Extensions
[2011/09/10 04:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Extensions - Copy
[2011/09/10 04:23:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\FireFox4\extensions
[2011/09/10 04:23:30 | 000,000,000 | ---D | M] () -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\FireFox4\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2011/09/10 04:23:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\FireFox4\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/10 04:23:31 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\FireFox4\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/09/10 04:23:32 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\FireFox4\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/09/10 04:23:32 | 000,000,000 | ---D | M] (F5 Networks Host Plugin) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\FireFox4\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}
[2013/01/27 18:55:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\ojlyr9by.Default User\extensions
[2011/09/10 04:23:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\ojlyr9by.Default User\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/04/17 11:30:54 | 000,000,000 | ---D | M] (F5 Networks Host Plugin) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\ojlyr9by.Default User\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}
[2013/01/27 18:55:44 | 000,000,000 | ---D | M] (ShopAtHome.com Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\ojlyr9by.Default User\extensions\[email protected]
[2011/09/10 04:24:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\s43aq02z.default\extensions
[2011/09/10 04:23:58 | 000,000,000 | ---D | M] () -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\s43aq02z.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2011/09/10 04:23:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\s43aq02z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/10 04:24:00 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\s43aq02z.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/09/10 04:24:00 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\s43aq02z.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/09/10 04:24:01 | 000,000,000 | ---D | M] (F5 Networks Host Plugin) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox\Profiles\s43aq02z.default\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}
[2012/06/24 15:26:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\FireFox4\extensions
[2012/06/24 15:26:50 | 000,000,000 | ---D | M] () -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\FireFox4\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2012/06/24 15:26:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\FireFox4\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/06/24 15:26:52 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\FireFox4\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/06/24 15:26:54 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\FireFox4\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2012/06/24 15:26:54 | 000,000,000 | ---D | M] (F5 Networks Host Plugin) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\FireFox4\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}
[2012/06/24 15:27:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\ojlyr9by.Default User\extensions
[2012/06/24 15:27:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\ojlyr9by.Default User\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/06/24 15:27:02 | 000,000,000 | ---D | M] (F5 Networks Host Plugin) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\ojlyr9by.Default User\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}
[2012/06/24 15:27:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\s43aq02z.default\extensions
[2012/06/24 15:27:06 | 000,000,000 | ---D | M] () -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\s43aq02z.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2012/06/24 15:27:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\s43aq02z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/06/24 15:27:09 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\s43aq02z.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/06/24 15:27:09 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\s43aq02z.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2012/06/24 15:27:09 | 000,000,000 | ---D | M] (F5 Networks Host Plugin) -- C:\Users\parentalUnit\AppData\Roaming\Mozilla\Firefox - Copy\Profiles\s43aq02z.default\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}
File not found (No name found) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPLGN
Hosts file not found
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: mcvh-vcu.edu ([vcuhsra] https in Trusted sites)
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} http://vcuhsnm103.mc....edu/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} C:\Users\parentalUnit\AppData\Local\Temp\f5tmp\f5tunsrv.cab (F5 Networks Dynamic Application Tunnel Control)
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} C:\Users\parentalUnit\AppData\Local\Temp\f5tmp\InstallerControl.cab (F5 Networks Auto Update)
O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} C:\Users\parentalUnit\AppData\Local\Temp\f5tmp\vdeskctrl.cab (F5 Virtual Sandbox Class)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} C:\Users\parentalUnit\AppData\Local\Temp\f5tmp\urxshost.cab (F5 Networks SuperHost Class)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} C:\Users\parentalUnit\AppData\Local\Temp\f5tmp\urxhost.cab (F5 Networks Host Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{051C5261-519B-41F2-8841-AAD784346E0A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\sbhook64.dll (Kaspersky Lab ZAO)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\kloehk.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\sbhook.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5bee94ca-a773-11e2-81df-2c27d734c7ba}\Shell - "" = AutoRun
O33 - MountPoints2\{5bee94ca-a773-11e2-81df-2c27d734c7ba}\Shell\AutoRun\command - "" = G:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/05/27 08:48:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[1 C:\Users\parentalUnit\Documents\*.tmp files -> C:\Users\parentalUnit\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/05/28 21:32:16 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForparentalUnit.job
[2013/05/28 04:22:16 | 000,027,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/28 04:22:16 | 000,027,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/27 09:23:58 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/27 09:23:58 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/27 09:23:58 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/27 09:15:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/27 09:15:11 | 1829,740,543 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/27 09:11:25 | 000,426,648 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/27 08:58:43 | 000,772,558 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[1 C:\Users\parentalUnit\Documents\*.tmp files -> C:\Users\parentalUnit\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/03/23 07:01:13 | 000,000,469 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/01/05 12:40:30 | 000,102,912 | ---- | C] () -- C:\Windows\agent_x64.exe
[2011/12/01 06:25:09 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/10/08 14:01:55 | 000,000,000 | ---- | C] () -- C:\Windows\f5unistall.INI
[2011/09/16 17:34:56 | 000,218,187 | ---- | C] () -- C:\Windows\hpwins14.dat
[2011/09/16 17:34:56 | 000,000,411 | ---- | C] () -- C:\Windows\hpwmdl14.dat
[2011/08/10 06:56:20 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/01/05 12:46:51 | 000,000,000 | ---D | M] -- C:\Users\parentalUnit\AppData\Roaming\Neat
[2012/01/05 12:46:37 | 000,000,000 | ---D | M] -- C:\Users\parentalUnit\AppData\Roaming\Nuance
========== Purity Check ==========
< End of report >