here is the otl.txt
OTL logfile created on: 4/11/2014 9:54:43 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Paul D. Aslanian\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.79 Gb Total Physical Memory | 4.36 Gb Available Physical Memory | 75.42% Memory free
11.57 Gb Paging File | 9.96 Gb Available in Paging File | 86.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 675.44 Gb Total Space | 634.18 Gb Free Space | 93.89% Space Free | Partition Type: NTFS
Computer Name: PAULDASLANIAN | User Name: Paul D. Aslanian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Paul D. Aslanian\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe ()
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe (Samsung)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe (Samsung Electronics)
PRC - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (SEC)
PRC - C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe ()
MOD - C:\Program Files (x86)\Samsung\Easy Software Manager\SWMFuncDLL.dll ()
MOD - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll ()
MOD - C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll ()
========== Services (SafeList) ==========
SRV:
64bit: - (IEEtwCollectorService) -- C:\windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:
64bit: - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe (McAfee, Inc.)
SRV:
64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:
64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:
64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:
64bit: - (25a98636) -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe (Symantec Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (ZAtheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
SRV - (SamsungDeviceConfigurationWinService) -- C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe ()
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:
64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:
64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:
64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:
64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:
64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:
64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:
64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:
64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:
64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.sys (Symantec Corporation)
DRV:
64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.sys (Symantec Corporation)
DRV:
64bit: - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.sys (Symantec Corporation)
DRV:
64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.sys (Symantec Corporation)
DRV:
64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnets.sys (Symantec Corporation)
DRV:
64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ironx64.sys (Symantec Corporation)
DRV:
64bit: - (SABI) -- C:\Windows\SysNative\drivers\SABI.sys (SAMSUNG ELECTRONICS)
DRV:
64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:
64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:
64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:
64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:
64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:
64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:
64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:
64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:
64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:
64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:
64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:
64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:
64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:
64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:
64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:
64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:
64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:
64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.sys (Symantec Corporation)
DRV:
64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:
64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:
64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:
64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:
64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:
64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:
64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:
64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:
64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:
64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:
64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:
64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121226.002\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121226.002\eng64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121225.001\IDSviA64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20121130.005\BHDrvx64.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://samsung.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.facebook.com"
FF - prefs.js..extensions.enabledAddons: ee5ad154-f909-4cc0-aa51-d7e94e3fb0af%4036204afd-f43e-4917-9c71-8384e2e4d3ad.com:0.94.36
FF - prefs.js..extensions.enabledAddons: a9719e64-232b-4695-ae9c-a89cd7f2aa84%40ca1279df-bc0d-44a8-97ef-19301c922b68.com:0.94.20
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/10/28 19:25:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2014/04/11 09:28:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/29 12:01:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8c46fde2-8f22-4b77-9d6b-47daa604b639}: C:\Program Files (x86)\Re-markit Corp\158.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/29 12:01:08 | 000,000,000 | ---D | M]
[2012/10/28 12:05:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul D. Aslanian\AppData\Roaming\Mozilla\Extensions
[2014/04/11 09:46:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul D. Aslanian\AppData\Roaming\Mozilla\Firefox\Profiles\1mhcgdqe.default-1397143917212\extensions
[2014/03/29 12:01:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/03/29 12:01:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\PAUL D. ASLANIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1MHCGDQE.DEFAULT-1397143917212\EXTENSIONS\A9719E64-232B-4695-AE9C-A89CD7F2AA84@CA1279DF-BC0D-44A8-97EF-19301C922B68.COM
File not found (No name found) -- C:\USERS\PAUL D. ASLANIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1MHCGDQE.DEFAULT-1397143917212\EXTENSIONS\EE5AD154-F909-4CC0-AA51-D7E94E3FB0AF@36204AFD-F43E-4917-9C71-8384E2E4D3AD.COM
[2012/06/28 11:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google
riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google
mniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google
ageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
http://www.google.com
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Paul D. Aslanian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Paul D. Aslanian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Paul D. Aslanian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Paul D. Aslanian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Paul D. Aslanian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Paul D. Aslanian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:
64bit: - Extra context menu item: &Leave a note for Been users - res://C:\Program Files (x86)\GoodShop\Basement\BackgroundEngine.exe/205 File not found
O8:
64bit: - Extra context menu item: &Remove from Been Clickstream - res://C:\Program Files (x86)\GoodShop\Basement\BackgroundEngine.exe/206 File not found
O8:
64bit: - Extra context menu item: &Save as Been Favorite - res://C:\Program Files (x86)\GoodShop\Basement\BackgroundEngine.exe/204 File not found
O8:
64bit: - Extra context menu item: &Thumbs Down - res://C:\Program Files (x86)\GoodShop\Basement\BackgroundEngine.exe/202 File not found
O8:
64bit: - Extra context menu item: &Thumbs Up - res://C:\Program Files (x86)\GoodShop\Basement\BackgroundEngine.exe/201 File not found
O8 - Extra context menu item: &Leave a note for Been users - res://C:\Program Files (x86)\GoodShop\Basement\BackgroundEngine.exe/205 File not found
O8 - Extra context menu item: &Remove from Been Clickstream - res://C:\Program Files (x86)\GoodShop\Basement\BackgroundEngine.exe/206 File not found
O8 - Extra context menu item: &Save as Been Favorite - res://C:\Program Files (x86)\GoodShop\Basement\BackgroundEngine.exe/204 File not found
O8 - Extra context menu item: &Thumbs Down - res://C:\Program Files (x86)\GoodShop\Basement\BackgroundEngine.exe/202 File not found
O8 - Extra context menu item: &Thumbs Up - res://C:\Program Files (x86)\GoodShop\Basement\BackgroundEngine.exe/201 File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D795A491-5ACF-4C36-9AA9-9886A7BC9D76}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:
64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:
64bit: - AppInit_DLLs: (C:\PROGRA~3\WEBLIG~1\WEBLIG~1.DLL) - C:\ProgramData\Web Light\WebLight_x64.dll ()
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\progra~3\weblig~1\weblight.dll) - File not found
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4a69a9f6-8a7b-11e3-ada2-72b7c32336e4}\Shell - "" = AutoRun
O33 - MountPoints2\{4a69a9f6-8a7b-11e3-ada2-72b7c32336e4}\Shell\AutoRun\command - "" = E:\VZW_Software_upgrade_assistant.exe
O33 - MountPoints2\{60dc2547-3be0-11e3-b176-72b7c32336e4}\Shell - "" = AutoRun
O33 - MountPoints2\{60dc2547-3be0-11e3-b176-72b7c32336e4}\Shell\AutoRun\command - "" = E:\VZW_Software_upgrade_assistant.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/04/11 09:23:50 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/11 09:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/11 09:23:11 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/04/11 09:23:11 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014/04/11 09:23:11 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/04/11 09:23:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/04/11 09:23:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/04/11 08:59:35 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2014/04/10 23:16:20 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/10 17:21:15 | 002,212,656 | ---- | C] (ELAN Microelectronics Corp.) -- C:\windows\ETDUninst.dll
[2014/04/09 21:35:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2014/04/09 21:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HQ-Vpro-1.9
[2014/04/09 21:30:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Re-markit Corp
[2014/04/08 00:22:05 | 000,000,000 | ---D | C] -- C:\Users\Paul D. Aslanian\Documents\Youcam
[2014/04/08 00:22:02 | 000,000,000 | ---D | C] -- C:\Users\Paul D. Aslanian\AppData\Roaming\CyberLink
[2014/04/04 21:18:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/03/29 12:01:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/25 22:40:36 | 000,000,000 | ---D | C] -- C:\Users\Paul D. Aslanian\AppData\Local\Windows Live
[2014/03/21 23:18:35 | 000,000,000 | ---D | C] -- C:\Users\Paul D. Aslanian\Documents\Avery Templates
[1 C:\Users\Paul D. Aslanian\AppData\Local\*.tmp files -> C:\Users\Paul D. Aslanian\AppData\Local\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/04/11 09:49:03 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/11 09:42:56 | 000,048,202 | ---- | M] () -- C:\Users\Paul D. Aslanian\Desktop\mbam.xml
[2014/04/11 09:33:54 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/11 09:33:54 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/11 09:32:22 | 000,783,464 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/04/11 09:32:22 | 000,663,102 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/04/11 09:32:22 | 000,122,680 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/04/11 09:26:27 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2014/04/11 09:26:06 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/04/11 09:26:01 | 1918,406,655 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/11 09:24:50 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/11 09:22:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/04/10 23:10:26 | 001,426,178 | ---- | M] () -- C:\Users\Paul D. Aslanian\Desktop\AdwCleaner.exe
[2014/04/10 14:04:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014/04/10 10:09:39 | 000,181,151 | ---- | M] () -- C:\Users\Paul D. Aslanian\Desktop\bookmarks-2014-04-10.json
[2014/04/10 10:00:51 | 000,168,653 | ---- | M] () -- C:\Users\Paul D. Aslanian\Desktop\bookmarks3.html
[2014/04/09 21:55:34 | 000,000,378 | ---- | M] () -- C:\windows\tasks\APSnotifierPP3.job
[2014/04/09 21:51:15 | 000,000,380 | ---- | M] () -- C:\windows\tasks\APSnotifierPP1.job
[2014/04/09 21:31:52 | 000,000,378 | ---- | M] () -- C:\windows\tasks\APSnotifierPP2.job
[2014/04/09 21:31:47 | 000,002,850 | ---- | M] () -- C:\Users\Paul D. Aslanian\AppData\Roaming\aps.scan.results
[2014/04/09 21:31:47 | 000,001,198 | ---- | M] () -- C:\Users\Paul D. Aslanian\AppData\Roaming\aps.scan.quick.results
[2014/04/09 21:31:47 | 000,000,314 | ---- | M] () -- C:\Users\Paul D. Aslanian\AppData\Roaming\aps.uninstall.scan.results
[2014/04/09 21:30:18 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/04/03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014/04/03 09:51:04 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/03/13 10:38:46 | 000,277,504 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[1 C:\Users\Paul D. Aslanian\AppData\Local\*.tmp files -> C:\Users\Paul D. Aslanian\AppData\Local\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/04/11 09:49:50 | 000,048,202 | ---- | C] () -- C:\Users\Paul D. Aslanian\Desktop\mbam.xml
[2014/04/11 09:23:15 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/10 23:09:50 | 001,426,178 | ---- | C] () -- C:\Users\Paul D. Aslanian\Desktop\AdwCleaner.exe
[2014/04/10 10:09:38 | 000,181,151 | ---- | C] () -- C:\Users\Paul D. Aslanian\Desktop\bookmarks-2014-04-10.json
[2014/04/10 10:00:51 | 000,168,653 | ---- | C] () -- C:\Users\Paul D. Aslanian\Desktop\bookmarks3.html
[2014/04/09 21:49:42 | 000,000,378 | ---- | C] () -- C:\windows\tasks\APSnotifierPP3.job
[2014/04/09 21:31:52 | 000,000,378 | ---- | C] () -- C:\windows\tasks\APSnotifierPP2.job
[2014/04/09 21:31:48 | 000,000,380 | ---- | C] () -- C:\windows\tasks\APSnotifierPP1.job
[2014/04/09 21:31:41 | 000,002,850 | ---- | C] () -- C:\Users\Paul D. Aslanian\AppData\Roaming\aps.scan.results
[2014/04/09 21:31:41 | 000,001,198 | ---- | C] () -- C:\Users\Paul D. Aslanian\AppData\Roaming\aps.scan.quick.results
[2014/04/09 21:31:41 | 000,000,314 | ---- | C] () -- C:\Users\Paul D. Aslanian\AppData\Roaming\aps.uninstall.scan.results
[2014/01/30 20:58:54 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/11/04 13:35:58 | 000,776,078 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/04/18 06:31:19 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2012/04/18 05:51:01 | 000,001,610 | ---- | C] () -- C:\windows\HotFixList.ini
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/12/12 17:55:55 | 000,000,000 | ---D | M] -- C:\Users\Paul D. Aslanian\AppData\Roaming\Audacity
[2012/12/03 09:00:09 | 000,000,000 | ---D | M] -- C:\Users\Paul D. Aslanian\AppData\Roaming\Nico Mak Computing
[2014/04/09 21:54:49 | 000,000,000 | ---D | M] -- C:\Users\Paul D. Aslanian\AppData\Roaming\SoftGrid Client
[2012/11/06 12:50:09 | 000,000,000 | ---D | M] -- C:\Users\Paul D. Aslanian\AppData\Roaming\SystemRequirementsLab
[2012/11/04 13:36:38 | 000,000,000 | ---D | M] -- C:\Users\Paul D. Aslanian\AppData\Roaming\TP
[2014/04/04 11:51:14 | 000,000,000 | ---D | M] -- C:\Users\Paul D. Aslanian\AppData\Roaming\uTorrent
[2012/10/28 17:03:14 | 000,000,000 | ---D | M] -- C:\Users\Paul D. Aslanian\AppData\Roaming\WildTangent
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720
< End of report >