Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSOD with Aol desktop9.7


  • This topic is locked This topic is locked
112 replies to this topic

#1 bobbymcgee

bobbymcgee

  • Members
  • 234 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:08:37 PM

Posted 06 September 2014 - 07:17 AM

Awhile back started having problems with AOL desktop. Uninstalled and reinstalled  several times but when trying to actually sign on the BSOD pops up(it says opening aol desktop and then wham up comes the BSOD It never actually opens, I don't get to sign on) I should have mentioned that I was advised to post in this forum by boopme as I had originally posted in Am I infected? What do I do?

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17239  BrowserJavaVersion: 10.67.2
Run by verna at 7:56:05 on 2014-09-06
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3037.1713 [GMT -4:00]
.
AV: Bitdefender Antivirus Free Edition *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Bitdefender Antivirus Free Edition *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Users\verna\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Users\verna\Pogo Games\PGMTrusted.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Verizon\IHA_MessageCenter\bin\VzDetectAgent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com/
mStart Page = hxxp://www.bing.com/
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: VIPRE Search Guard Helper: {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - LocalServer32 - <no file>
BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
uRun: [f.lux] "C:\Users\verna\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
dRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
dRunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
dRunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f
uPolicies-Explorer: NoFolderOptions  = dword:0
uPolicies-Explorer: HideSCAVolume = dword:0
uPolicies-Explorer: TaskbarNoNotification = dword:0
uPolicies-Explorer: NoViewOnDrive = dword:0
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: DisableLocalMachineRun = dword:0
uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
uPolicies-Explorer: DisableCurrentUserRun = dword:0
uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:189
uPolicies-Explorer: NoFile = dword:0
uPolicies-Explorer: HideClock = dword:0
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoWindowsUpdate = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
uPolicies-System: NoDispAppearancePage = dword:0
uPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoFolderOptions  = dword:0
mPolicies-Explorer: NoCustomizeThisFolder = dword:0
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:189
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: dontdisplaylastusername = dword:1
mPolicies-System: NoVirtMemPage = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: SoftwareSASGeneration = dword:3
mPolicies-Windows\System: UseOEMBackground = dword:1
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-Explorer: TaskbarNoNotification = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
Trusted Zone: %20rsibanking.com
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://download.macromedia.com/pub/shockwave/cabs/authorware/awswaxf.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {809A6301-7B40-4436-A02C-87B8D3D7D9E3} - hxxp://zone.msn.com/bingame/zpagames/zpa_dmno.cab55579.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/da2/PCPitStop2.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A2F0FC13-3B3A-4166-913E-BD8C4A61EEC3} : DHCPNameServer = 192.168.1.1
Handler: javascript - <Clsid value has no data>
Handler: mailto - <Clsid value has no data>
Handler: res - <Clsid value has no data>
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - LocalServer32 - <no file>
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\System32\wpdshserviceobj.dll
x64-mStart Page = hxxp://www.bing.com/
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
x64-DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
x64-DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
x64-Handler: javascript - <Clsid value has no data>
x64-Handler: mailto - <Clsid value has no data>
x64-Handler: res - <Clsid value has no data>
x64-Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
x64-Notify: igfxcui - igfxdev.dll
x64-STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
x64-STS: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com/?ncid=hyplognew00000010&tb_uuid=7368E53DD584BAAD89A9A1501E3442C8
FF - prefs.js: keyword.URL -
FF - plugin: C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
FF - plugin: C:\Users\verna\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Users\verna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\verna\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
FF - plugin: C:\Users\verna\AppData\Roaming\Mozilla\plugins\npPDFXCviewNPPlugin.dll
FF - plugin: C:\Users\verna\AppData\Roaming\Mozilla\plugins\nppl3260.dll
FF - plugin: C:\Users\verna\AppData\Roaming\Mozilla\plugins\npqtplugin.dll
FF - plugin: C:\Users\verna\AppData\Roaming\Mozilla\plugins\npqtplugin2.dll
FF - plugin: C:\Users\verna\AppData\Roaming\Mozilla\plugins\npqtplugin3.dll
FF - plugin: C:\Users\verna\AppData\Roaming\Mozilla\plugins\npqtplugin4.dll
FF - plugin: C:\Users\verna\AppData\Roaming\Mozilla\plugins\npqtplugin5.dll
FF - plugin: C:\Users\verna\AppData\Roaming\Mozilla\plugins\nprpplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2014-9-3 718840]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-1-26 17720]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2014-9-3 121928]
R1 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2014-9-3 148696]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-5-7 172344]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-8-7 438616]
R2 gzserv;Bitdefender Antivirus Free Edition;C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2014-9-3 69368]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-12-16 13336]
R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-8-3 363128]
R2 PGMTrusted;PGMTrusted;C:\Users\verna\Pogo Games\PGMTrusted.exe [2012-10-31 519920]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2014-9-3 593144]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2010-3-15 145408]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-12-16 236544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-9-12 57840]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
S3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2014-6-14 41032]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-13 111616]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-12-13 36720]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2014-8-18 16152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-10 56832]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-26 1255736]
S3 WriteWatcher;WriteWatcher;C:\Windows\System32\drivers\WriteWatcher64.sys [2014-7-20 16896]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1 [UserChoice]
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-09-06 00:53:02    --------    d-----w-    C:\ProgramData\GZ
2014-09-05 18:53:42    --------    d-----w-    C:\ProgramData\Viewpoint
2014-09-05 18:53:41    --------    d-----w-    C:\Program Files (x86)\Viewpoint
2014-09-05 18:52:49    --------    d-----w-    C:\Program Files (x86)\AOL Desktop 9.7b
2014-09-05 15:20:11    --------    d-----w-    C:\Windows\System32\CatRoot2
2014-09-05 15:07:58    --------    d-----w-    C:\Windows\SysWow64\wbem\Performance
2014-09-05 14:22:41    --------    d-----w-    C:\Program Files (x86)\Tweaking.com
2014-09-03 18:48:21    --------    d-----w-    C:\Program Files (x86)\ESET
2014-09-03 18:37:52    --------    d-----w-    C:\AdwCleaner
2014-09-03 12:49:27    261056    ----a-w-    C:\Windows\System32\drivers\avchv.sys
2014-09-03 12:48:41    195651    ----a-w-    C:\ProgramData\1409748307.bdinstall.bin
2014-09-03 12:46:35    718840    ----a-w-    C:\Windows\System32\drivers\avc3.sys
2014-09-03 12:46:35    593144    ----a-w-    C:\Windows\System32\drivers\avckf.sys
2014-09-03 12:45:29    --------    d-----w-    C:\Program Files\Bitdefender
2014-09-03 12:45:18    382536    ----a-w-    C:\Windows\System32\drivers\trufos.sys
2014-09-03 12:45:18    148696    ----a-w-    C:\Windows\System32\drivers\gzflt.sys
2014-09-03 12:42:12    45426    ----a-w-    C:\ProgramData\1409748120.bdinstall.bin
2014-09-03 11:57:05    96062    ----a-w-    C:\ProgramData\1409745386.bdinstall.bin
2014-09-03 11:56:26    37823    ----a-w-    C:\ProgramData\1409745385.bdinstall.bin
2014-09-01 17:38:12    --------    d-----w-    C:\BigFishCache
2014-09-01 10:01:02    296448    ----a-w-    C:\Windows\SysWow64\mfds.dll.bak
2014-09-01 09:59:37    2050560    ----a-w-    C:\Windows\System32\VSFilter.dll.bak
2014-09-01 09:56:08    --------    d-----w-    C:\ProgramData\Advanced
2014-08-31 12:28:19    --------    d-----w-    C:\Program Files (x86)\AOL Desktop 9.7a
2014-08-30 14:54:12    --------    d-----w-    C:\Program Files (x86)\VS Revo Group
2014-08-30 14:28:47    --------    d-----w-    C:\ProgramData\PCPitstop
2014-08-30 14:28:47    --------    d-----w-    C:\Program Files (x86)\PCPitstop
2014-08-29 09:49:52    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2014-08-29 09:49:52    3163648    ----a-w-    C:\Windows\System32\win32k.sys
2014-08-29 09:49:52    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2014-08-28 11:22:22    197878    ----a-w-    C:\ProgramData\1409224797.bdinstall.bin
2014-08-27 19:45:17    --------    d-----w-    C:\ProgramData\BoostSoftware
2014-08-24 15:25:38    --------    d-----w-    C:\Program Files (x86)\Windows Boot Genius
2014-08-24 10:32:28    --------    d-----w-    C:\Users\verna\AppData\Roaming\AOL
2014-08-24 10:31:24    --------    d-----w-    C:\Users\verna\AppData\Local\AOL
2014-08-24 10:31:14    --------    d-----w-    C:\Program Files (x86)\Common Files\AOL
2014-08-24 10:31:14    --------    d-----w-    C:\Program Files (x86)\AOL Desktop 9.7
2014-08-24 10:20:54    --------    d-----w-    C:\Users\verna\AppData\Roaming\KSafe
2014-08-24 10:20:54    --------    d-----w-    C:\ProgramData\KSafe
2014-08-24 10:20:51    --------    d-----w-    C:\Program Files (x86)\MaxUtilities
2014-08-22 19:47:20    --------    d-----w-    C:\Users\verna\AppData\Local\TaskManager
2014-08-22 19:47:17    --------    d-----w-    C:\Program Files\Free Extended Task Manager
2014-08-20 15:38:31    --------    d-----w-    C:\Program Files\WhoCrashed
2014-08-19 12:24:16    --------    d-----w-    C:\Program Files (x86)\bfgclient
2014-08-18 15:53:16    16152    ----a-w-    C:\Windows\System32\drivers\SWDUMon.sys
2014-08-18 15:53:16    --------    d-----w-    C:\Users\verna\AppData\Local\SlimWare Utilities Inc
2014-08-18 15:53:12    --------    d-----w-    C:\Program Files (x86)\SlimDrivers
2014-08-18 10:38:49    --------    d-----w-    C:\Users\verna\SystemRequirementsLab
2014-08-18 10:33:53    --------    d-----w-    C:\Intel
2014-08-14 16:37:32    --------    d-----w-    C:\Windows\ERUNT
2014-08-13 18:34:02    --------    d-----w-    C:\Program Files\Speccy
2014-08-13 10:38:47    99480    ----a-w-    C:\Windows\SysWow64\infocardapi.dll
2014-08-13 10:38:47    619672    ----a-w-    C:\Windows\SysWow64\icardagt.exe
2014-08-13 10:38:47    171160    ----a-w-    C:\Windows\System32\infocardapi.dll
2014-08-13 10:38:47    1389208    ----a-w-    C:\Windows\System32\icardagt.exe
2014-08-13 10:38:45    8856    ----a-w-    C:\Windows\SysWow64\icardres.dll
2014-08-13 10:38:45    8856    ----a-w-    C:\Windows\System32\icardres.dll
2014-08-13 10:38:29    35480    ----a-w-    C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-13 10:38:29    35480    ----a-w-    C:\Windows\System32\TsWpfWrp.exe
2014-08-13 10:36:35    7168    ----a-w-    C:\Windows\SysWow64\KBDYAK.DLL
2014-08-11 11:32:42    --------    d-----w-    C:\ProgramData\BitDefender
2014-08-11 11:28:39    --------    d-----w-    C:\Program Files\Lavasoft
2014-08-10 18:41:19    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-10 18:39:48    111016    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2014-08-08 20:52:44    --------    d-----w-    C:\Program Files (x86)\Add Remove Pro
.
==================== Find3M  ====================
.
2014-09-05 18:51:53    58696    ----a-w-    C:\Windows\SysWow64\AOLParconLink.exe
2014-08-29 14:16:58    1521024    ----a-w-    C:\Windows\System32\VSFilter.dll
2014-08-28 20:20:39    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-08-25 10:53:42    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2014-08-14 10:42:48    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-14 10:42:48    699568    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-07 02:06:41    529920    ----a-w-    C:\Windows\System32\aepdu.dll
2014-08-07 02:01:34    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-07-25 14:02:12    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-07-25 14:01:41    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-07-25 13:30:30    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-07-25 13:28:35    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-07-25 13:28:27    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-07-25 13:25:45    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-07-25 13:04:40    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-07-25 13:00:51    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-07-25 13:00:25    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-07-25 12:59:28    758272    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-07-25 12:47:25    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-25 12:34:49    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-07-25 12:34:03    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-07-25 12:33:08    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30:32    61952    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28:15    5824512    ----a-w-    C:\Windows\System32\jscript9.dll
2014-07-25 12:28:05    72704    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-07-25 12:10:15    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-07-25 12:08:47    597504    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-07-25 12:06:47    4204032    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-07-25 11:43:16    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:39:29    2087936    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-07-25 11:39:25    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-07-25 11:07:49    2001920    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-07-25 11:07:10    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52:06    2266624    ----a-w-    C:\Windows\System32\wininet.dll
2014-07-25 10:05:23    1792512    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-07-24 12:09:18    245165    ----a-w-    C:\ProgramData\1406203439.bdinstall.bin
2014-07-24 11:52:26    74512    ----a-w-    C:\Windows\System32\bdsandboxuiskin32.dll
2014-07-24 11:50:32    458207    ----a-w-    C:\ProgramData\1406202293.bdinstall.bin
2014-07-24 11:45:12    17948    ----a-w-    C:\ProgramData\1406202293.5008.bin
2014-07-22 19:14:46    137376    ----a-w-    C:\Windows\System32\vcomp120.dll
2014-07-22 18:51:46    3502080    ----a-w-    C:\Windows\System32\x264vfw.dll
2014-07-22 18:50:28    3510784    ----a-w-    C:\Windows\SysWow64\x264vfw.dll
2014-07-21 18:29:01    175528    ----a-w-    C:\Windows\System32\drivers\tmcomm.sys
2014-07-16 03:23:41    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-07-16 02:46:02    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-07-14 02:02:45    1216000    ----a-w-    C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58    664064    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2014-07-13 13:07:35    707354    ----a-w-    C:\Windows\unins000.exe
2014-07-09 02:03:23    7168    ----a-w-    C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22    7168    ----a-w-    C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:41    6656    ----a-w-    C:\Windows\SysWow64\KBDBASH.DLL
2014-06-24 17:19:36    829264    ----a-w-    C:\Windows\System32\msvcr100.dll
2014-06-24 17:19:36    608080    ----a-w-    C:\Windows\System32\msvcp100.dll
2014-06-22 18:22:59    233520    ----a-w-    C:\Windows\RegBootClean64.exe
2014-06-18 02:18:30    692736    ----a-w-    C:\Windows\System32\osk.exe
2014-06-18 01:51:32    646144    ----a-w-    C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19    985536    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2014-06-11 15:43:16    96952    ----a-w-    C:\ProgramData\1402501351.bdinstall.bin
2014-06-11 15:42:30    37823    ----a-w-    C:\ProgramData\1402501344.bdinstall.bin
2014-06-11 15:32:49    200553    ----a-w-    C:\ProgramData\1402500663.bdinstall.bin
2013-08-18 13:28:28    4096000    ----a-w-    C:\Program Files (x86)\GUT2EEE.tmp
.
============= FINISH:  7:57:31.69 ===============
 

Attached Files


Edited by bobbymcgee, 06 September 2014 - 10:49 AM.


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,760 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 11 September 2014 - 07:20 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/547105 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 bobbymcgee

bobbymcgee
  • Topic Starter

  • Members
  • 234 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:08:37 PM

Posted 11 September 2014 - 01:31 PM

Here are the attachments

 

Attached File  attach.txt   8.48KB   0 downloads

 

Attached File  dds.zip   7.49KB   0 downloads

 

I do not have the original cd/dvd


Edited by bobbymcgee, 11 September 2014 - 01:36 PM.


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,967 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:37 PM

Posted 12 September 2014 - 09:05 AM

Greetings bobbymcgee and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

BlueScreenView

----------
  • Download BlueScreenView and save it to your desktop
  • Double click the BlueScreenView.exe file then click OK
  • Select Run, Next, then Next again
  • Click Install
  • When the scanning is complete, select Edit and Select All
  • Then click File and Save Selected Items
  • Save the report as BSOD.txt
  • Open BSOD.txt in Notepad, copy the entire content and paste it into your next reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • BSOD.txt
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 bobbymcgee

bobbymcgee
  • Topic Starter

  • Members
  • 234 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:08:37 PM

Posted 12 September 2014 - 12:43 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by verna (administrator) on VERNA-PC on 12-09-2014 12:53:58
Running from C:\Users\verna\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes8\DS8Srv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(iWin Inc.) C:\Users\verna\Pogo Games\PGMTrusted.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes8\Deskscapes64.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Flux Software LLC) C:\Users\verna\AppData\Local\FluxSoftware\Flux\flux.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\VzDetectAgent.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions ] 0
HKLM\...\Policies\Explorer: [NoCustomizeThisFolder] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\.DEFAULT\...\RunOnce: [adawarebp] => reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
HKU\.DEFAULT\...\RunOnce: [adawarebp_XP] => reg.exe delete "HKCU\Software\adawarebp" /f
HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Run: [f.lux] => C:\Users\verna\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [New Value #1] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoFolderOptions ] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoFileMenu] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoRecentDocsMenu] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoAddPrinter] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
SSODL-x32: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: BaiduAntivirusIconLock -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,start page = http://www.bing.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x03FEAC6A6939CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Microsoft\Internet Explorer\Main,start page = http://www.bing.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKCU - {3062D68B-BE97-44AC-ACDA-221D469D4CF7} URL =
SearchScopes: HKCU - {41879711-B714-41BE-9A0C-EB90CFB98239} URL = https://www.bing.com/search?q={searchTerms}&src=IE-SearchBox
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028
SearchScopes: HKCU - {E0CDAF38-25DC-4212-8A51-CAA85CD22757} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll ()
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} ->  No File
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll ()
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKLM-x32 - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  No File
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
Toolbar: HKCU - WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKCU - No Name - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} -  No File
Toolbar: HKCU - No Name - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  No File
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {15B782AF-55D8-11D1-B477-006097098764} http://download.macromedia.com/pub/shockwave/cabs/authorware/awswaxf.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {809A6301-7B40-4436-A02C-87B8D3D7D9E3} http://zone.msn.com/bingame/zpagames/zpa_dmno.cab55579.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/da2/PCPitStop2.cab
Handler: javascript - No CLSID Value -
Handler: mailto - No CLSID Value -
Handler: res - No CLSID Value -
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} -  No File
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Handler: WSWSVCUchrome - No CLSID Value -
Handler-x32: javascript - No CLSID Value -
Handler-x32: mailto - No CLSID Value -
Handler-x32: res - No CLSID Value -
Handler-x32: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} -  No File
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
Handler-x32: WSWSVCUchrome - No CLSID Value -
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default
FF NewTab: hxxp://www.aol.com/?mtmhp=hyplogusaolp00000081&tb_uuid=7368E53DD584BAAD89A9A1501E3442C8
FF SearchEngineOrder.3: Bing
FF Homepage: hxxp://www.aol.com/?ncid=hyplognew00000010&tb_uuid=7368E53DD584BAAD89A9A1501E3442C8
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1212152.dll No File
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll (ParallelGraphics)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\verna\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\verna\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\verna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\searchplugins\aol-search.xml
FF SearchPlugin: C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\searchplugins\youtube.xml
FF Extension: FireFox Tweak - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\firefoxtweak@pribic.am [2013-12-20]
FF Extension: WOT - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-18]
FF Extension: Webmail Ad Blocker - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\gmailnoads@mywebber.com.xpi [2013-12-19]
FF Extension: convert2mp3.net YouTube2MP3 Converter - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\info@convert2mp3.net.xpi [2014-01-04]
FF Extension: Google Translate It - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\jid0-T5rLBR2f2bw85B4AYMBuRUyNBYI@jetpack.xpi [2013-12-19]
FF Extension: NO Google Analytics - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\jid1-JcGokIiQyjoBAQ@jetpack.xpi [2013-12-18]
FF Extension: RememberPass - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\rememberpass@teesoft.info.xpi [2013-12-19]
FF Extension: Youtube Video Center - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{34878998-c8be-40bc-bc13-9243a2844976}.xpi [2014-06-29]
FF Extension: Stylish - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-12-18]
FF Extension: Facebook Toolbar Button - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{72c9fdff-bccd-4fac-a08e-857103c6e721}.xpi [2014-04-21]
FF Extension: NoScript - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-26]
FF Extension: YouTube High Definition - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-07-10]
FF Extension: Yahoo Mail Button - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{c9b4529a-eeba-4e48-976e-f3d3f9026e04}.xpi [2013-12-19]
FF Extension: Adblock Plus - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-28]
FF Extension: Greasemonkey - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-01-15]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2014-09-04]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [phegaokedjdajgnfphbnpkcfdgjbidko] - C:\ProgramData\adawaretb\toolbar\chrome\toolbar.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-30] (SUPERAntiSpyware.com)
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation) [File not signed]
S3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2013-07-09] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [140288 2013-07-09] (Microsoft Corporation) [File not signed]
R2 DeskScapes8; C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes8\ds8srv.exe [75376 2013-01-25] (Stardock Software, Inc)
S3 EFS; C:\Windows\System32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-01-13] (Microsoft Corporation) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2014-08-18] (Microsoft Corporation) [File not signed]
R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [363128 2014-08-13] (Verizon)
S3 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-11] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2012-10-03] (Microsoft Corporation) [File not signed]
R2 PGMTrusted; C:\Users\verna\Pogo Games\PGMTrusted.exe [519920 2012-10-31] (iWin Inc.)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-05-01] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation) [File not signed]
R3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [216576 2012-08-21] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [219136 2012-08-21] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2832384 2012-08-21] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [2039296 2012-08-21] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [194560 2012-08-21] (Microsoft Corporation) [File not signed]
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-25] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-27] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2014-05-30] (Microsoft Corporation) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 ATWPKT2; C:\Windows\system32\drivers\ATWPKT264.SYS [34520 2014-02-25] (America Online)
S3 ATWPKT2; C:\Windows\SysWOW64\drivers\ATWPKT264.SYS [34520 2014-02-25] (America Online)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2014-09-10] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
S3 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [431176 2011-03-24] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
S3 esgiguard; No ImagePath
S3 FileMonitor; No ImagePath
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2013-07-04] (Microsoft Corporation) [File not signed]
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-27] (Microsoft Corporation) [File not signed]
S3 RegFilter; No ImagePath
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SBRE; No ImagePath
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-06-29] () [File not signed]
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-08-28] ()
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] (Microsoft Corporation) [File not signed]
S0 tljkva; No ImagePath
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2013-06-15] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56832 2013-10-01] (Microsoft Corporation) [File not signed]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 UrlFilter; No ImagePath
R3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109824 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-26] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [53248 2013-11-26] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-26] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-26] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\Windows\system32\drivers\usbscan.sys [42496 2013-07-03] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2013-11-26] (Microsoft Corporation) [File not signed]
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation) [File not signed]
S3 WriteWatcher; C:\Windows\System32\DRIVERS\WriteWatcher64.sys [16896 2014-02-18] (Windows ® Win 7 DDK provider) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-25] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation) [File not signed]
S2 X5XSEx_Pr135; No ImagePath
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\Users\verna\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S0 eQCOlJeu; System32\drivers\eQCOlJeu.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 mdareDriver_47; \??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_47.sys [X]
S3 mdareDriver_48; \??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_48.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [X]
S3 Spring; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Spring64.sys [X]
U0 SR; No ImagePath
U2 srservice; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 12:53 - 2014-09-12 12:54 - 00037602 _____ () C:\Users\verna\Downloads\FRST.txt
2014-09-12 12:53 - 2014-09-12 12:54 - 00000000 ____D () C:\FRST
2014-09-12 12:52 - 2014-09-12 12:52 - 02105856 _____ (Farbar) C:\Users\verna\Downloads\FRST64.exe
2014-09-11 14:40 - 2014-09-11 14:26 - 00007669 _____ () C:\Users\verna\Documents\dds.zip
2014-09-10 10:38 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 10:38 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 10:38 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 10:38 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 10:38 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 10:38 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 10:38 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 10:38 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 10:38 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 10:38 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 10:38 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 10:38 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 10:38 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 10:38 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 10:38 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 10:38 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 10:38 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 10:38 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 10:38 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 10:38 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 10:38 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 10:38 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 10:38 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 10:38 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 10:38 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 10:38 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 10:38 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 10:38 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 10:38 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 10:38 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 10:38 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 10:38 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 10:38 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 10:38 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 10:38 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 10:38 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 10:38 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 10:38 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 10:38 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 10:38 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 10:38 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 10:38 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 10:38 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 10:38 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 10:38 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 10:38 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 10:38 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 10:38 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 10:38 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 10:38 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 10:38 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 10:38 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 10:38 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 10:38 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 10:38 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 10:38 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 10:31 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 10:31 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 10:30 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 10:30 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 10:30 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 10:30 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 10:30 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 10:30 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 10:30 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 10:30 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 10:30 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 10:30 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 10:30 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 09:18 - 2014-09-10 09:18 - 00000000 ____D () C:\Users\verna\AppData\Roaming\NCH Software
2014-09-10 09:18 - 2014-09-10 09:18 - 00000000 ____D () C:\ProgramData\NCH Software
2014-09-10 09:17 - 2014-09-10 09:22 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-09-10 09:17 - 2014-09-10 09:17 - 00589888 _____ (NCH Software) C:\Users\verna\Downloads\prismpsetup.exe
2014-09-10 09:17 - 2014-09-10 09:17 - 00001120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Video File Converter.lnk
2014-09-10 09:17 - 2014-09-10 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-09-10 05:38 - 2014-09-10 05:38 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-09-09 13:08 - 2014-09-09 13:08 - 01067216 _____ (RealNetworks, Inc.) C:\Users\verna\Downloads\RealPlayerCloud.exe
2014-09-09 13:06 - 2014-09-09 13:06 - 00000000 ____D () C:\Users\verna\Documents\Wondershare Video Converter Ultimate
2014-09-09 13:06 - 2014-09-09 13:06 - 00000000 ____D () C:\Users\verna\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-09-09 13:04 - 2014-09-09 13:04 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Wondershare Video Converter Ultimate
2014-09-09 13:03 - 2014-09-09 13:03 - 00000000 ____D () C:\Users\verna\AppData\Local\Wondershare
2014-09-09 13:02 - 2014-09-09 13:07 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-09-09 13:02 - 2014-09-09 13:06 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate
2014-09-09 12:52 - 2014-09-09 12:52 - 00000000 ____D () C:\Users\verna\Documents\Any Video Converter
2014-09-09 12:27 - 2014-09-09 12:27 - 58732312 _____ () C:\Users\verna\Downloads\DeskScapes_8.0.exe
2014-09-09 12:25 - 2014-09-09 12:25 - 00755160 _____ () C:\Users\verna\Downloads\deskscapes-setup.exe
2014-09-08 16:59 - 2014-09-08 16:59 - 00002265 _____ () C:\Program Files\INSTALL.LOG
2014-09-08 16:59 - 2010-06-26 17:17 - 00005303 _____ () C:\Program Files\eula.txt
2014-09-08 16:59 - 2010-06-15 13:40 - 00562480 _____ (Stardock) C:\Program Files\DreamMaker.exe
2014-09-08 16:59 - 2010-01-20 10:23 - 00001059 _____ () C:\Program Files\readme.txt
2014-09-08 16:59 - 2009-11-09 17:10 - 00550192 _____ (Stardock) C:\Program Files\Dreammaker.dll
2014-09-08 16:59 - 2001-05-24 13:59 - 00162304 _____ () C:\Program Files\UNWISE.EXE
2014-09-08 06:43 - 2014-09-08 06:44 - 00000000 ____D () C:\Users\verna\AppData\Roaming\HandBrake
2014-09-06 08:22 - 2014-09-11 14:20 - 00008686 _____ () C:\Users\verna\Documents\attach.txt
2014-09-06 08:16 - 2014-09-06 08:15 - 00003251 _____ () C:\Users\verna\Documents\attach.zip
2014-09-06 08:01 - 2014-09-11 14:20 - 00028826 _____ () C:\Users\verna\Documents\DDS.txt
2014-09-06 07:53 - 2014-09-06 07:53 - 00688992 ____R (Swearware) C:\Users\verna\Downloads\dds.com
2014-09-05 20:53 - 2014-09-05 20:53 - 00000000 ____D () C:\ProgramData\GZ
2014-09-05 14:58 - 2014-09-05 14:58 - 00416328 _____ () C:\Windows\Minidump\090514-25662-01.dmp
2014-09-05 14:53 - 2014-09-05 14:53 - 00000968 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\AOL Desktop 9.7.lnk
2014-09-05 14:53 - 2014-09-05 14:53 - 00000000 ____D () C:\ProgramData\Viewpoint
2014-09-05 14:53 - 2014-09-05 14:53 - 00000000 ____D () C:\Program Files (x86)\Viewpoint
2014-09-05 14:52 - 2014-09-05 14:54 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7b
2014-09-05 10:22 - 2014-09-05 10:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-05 10:22 - 2014-09-05 10:22 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-05 06:23 - 2014-09-05 06:23 - 09526552 _____ () C:\Users\verna\Downloads\tweaking.com_windows_repair_aio_setup.exe
2014-09-04 05:46 - 2014-09-04 05:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-03 14:48 - 2014-09-03 14:48 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-03 14:47 - 2014-09-03 14:47 - 02347384 _____ (ESET) C:\Users\verna\Downloads\esetsmartinstaller_enu.exe
2014-09-03 14:37 - 2014-09-03 14:40 - 00000000 ____D () C:\AdwCleaner
2014-09-03 14:37 - 2014-09-03 14:37 - 01370467 _____ () C:\Users\verna\Downloads\AdwCleaner.exe
2014-09-03 08:59 - 2014-09-03 08:59 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\verna\Downloads\tdsskiller.exe
2014-09-03 08:48 - 2014-09-03 08:48 - 00195651 _____ () C:\ProgramData\1409748307.bdinstall.bin
2014-09-03 08:46 - 2014-09-03 08:46 - 00002174 _____ () C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2014-09-03 08:46 - 2014-09-03 08:46 - 00002174 _____ () C:\ProgramData\Desktop\Bitdefender Antivirus Free Edition.lnk
2014-09-03 08:46 - 2014-09-03 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-09-03 08:46 - 2013-04-17 14:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-09-03 08:46 - 2013-04-17 14:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-09-03 08:45 - 2014-09-03 08:46 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-03 08:45 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-09-03 08:45 - 2013-04-22 13:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-09-03 08:42 - 2014-09-03 08:42 - 00045426 _____ () C:\ProgramData\1409748120.bdinstall.bin
2014-09-03 08:42 - 2014-09-03 08:42 - 00000512 _____ () C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2014-09-03 07:57 - 2014-09-03 07:57 - 00096062 _____ () C:\ProgramData\1409745386.bdinstall.bin
2014-09-03 07:56 - 2014-09-03 07:56 - 00037823 _____ () C:\ProgramData\1409745385.bdinstall.bin
2014-09-01 13:38 - 2014-09-01 13:38 - 00000000 ____D () C:\BigFishCache
2014-09-01 06:01 - 2010-11-20 08:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll.bak
2014-09-01 05:59 - 2014-06-05 14:00 - 02050560 _____ (xy-VSFilter Team) C:\Windows\system32\VSFilter.dll.bak
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Shark007
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Advanced
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\ProgramData\Shark007
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Program Files\Shark007
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Program Files (x86)\Shark007
2014-09-01 05:58 - 2014-07-22 14:51 - 03502080 _____ (x264vfw project) C:\Windows\system32\x264vfw.dll
2014-09-01 05:58 - 2013-04-06 00:27 - 02231296 _____ () C:\Windows\system32\ac3filter.acm.new
2014-09-01 05:58 - 2013-04-06 00:27 - 02231296 _____ () C:\Windows\system32\ac3filter.acm
2014-09-01 05:58 - 2013-04-06 00:26 - 01679360 _____ () C:\Windows\SysWOW64\ac3filter.acm.new
2014-09-01 05:58 - 2012-07-21 15:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2014-09-01 05:58 - 2012-07-21 15:54 - 00361472 _____ (fccHandler) C:\Windows\system32\aacacm.acm
2014-09-01 05:58 - 2012-07-17 18:21 - 00206336 _____ () C:\Windows\system32\unrar64.dll
2014-09-01 05:58 - 2009-08-11 21:22 - 00580096 _____ () C:\Windows\system32\ac3filter.acm.old
2014-09-01 05:58 - 2009-01-23 01:51 - 00124909 _____ (Open Source Software community project) C:\Windows\system32\pthreadGC2.dll
2014-09-01 05:56 - 2014-09-01 05:58 - 00000000 ____D () C:\ProgramData\Advanced
2014-09-01 05:53 - 2014-09-01 05:53 - 51411389 _____ () C:\Users\verna\Downloads\ADVANCED_Codecs_v474.exe
2014-08-31 08:52 - 2014-08-31 08:52 - 00416328 ___RH () C:\Windows\Minidump\083114-20467-01.dmp
2014-08-31 08:50 - 2014-08-31 08:50 - 00416328 _____ () C:\Windows\Minidump\083114-17097-01.dmp
2014-08-31 08:28 - 2014-08-31 08:30 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7a
2014-08-31 08:24 - 2014-09-05 14:53 - 00002830 ____H () C:\IPH.PH
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-30 10:53 - 2014-08-30 10:53 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\verna\Downloads\revosetup.exe
2014-08-30 10:28 - 2014-08-30 10:30 - 00000000 ____D () C:\Program Files (x86)\PCPitstop
2014-08-30 10:28 - 2014-08-30 10:29 - 00000000 ____D () C:\ProgramData\PCPitstop
2014-08-30 08:31 - 2014-08-30 08:32 - 00416328 _____ () C:\Windows\Minidump\083014-77704-01.dmp
2014-08-29 05:49 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 05:49 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-29 05:49 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 07:22 - 2014-08-28 07:22 - 00197878 _____ () C:\ProgramData\1409224797.bdinstall.bin
2014-08-28 07:19 - 2014-08-28 07:19 - 10447328 _____ () C:\Users\verna\Downloads\Antivirus_Free_Edition_x64.exe
2014-08-28 07:18 - 2014-08-28 07:18 - 00162208 _____ () C:\Users\verna\Downloads\Antivirus_Free_Edition.exe
2014-08-27 15:45 - 2014-08-27 15:50 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-08-24 11:25 - 2014-08-24 11:25 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Boot Genius
2014-08-24 11:25 - 2014-08-24 11:25 - 00000000 ____D () C:\Program Files (x86)\Windows Boot Genius
2014-08-24 10:46 - 2014-08-24 10:47 - 00000000 ____D () C:\Users\verna\Downloads\WinDlg_v1_27
2014-08-24 09:57 - 2014-09-04 16:53 - 00002960 _____ () C:\Windows\System32\Tasks\{CE155773-BFE0-4954-A811-E85FA6D177F2}
2014-08-24 06:32 - 2014-09-05 14:53 - 00000000 ____D () C:\Users\verna\AppData\Roaming\AOL
2014-08-24 06:31 - 2014-09-05 14:53 - 00000000 ____D () C:\Users\verna\AppData\Local\AOL
2014-08-24 06:31 - 2014-09-05 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL
2014-08-24 06:31 - 2014-09-05 14:52 - 00000000 ____D () C:\ProgramData\AOL
2014-08-24 06:31 - 2014-08-24 06:42 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7
2014-08-24 06:31 - 2014-08-24 06:31 - 00000000 ____D () C:\ProgramData\AOL OCP
2014-08-24 06:31 - 2014-08-24 06:31 - 00000000 ____D () C:\Program Files (x86)\AOL
2014-08-24 06:30 - 2014-08-24 06:40 - 00000196 _____ () C:\Windows\Tasks\RunAsStdUser Task.job
2014-08-24 06:20 - 2014-08-24 06:20 - 00000000 ____D () C:\Users\verna\AppData\Roaming\KSafe
2014-08-24 06:20 - 2014-08-24 06:20 - 00000000 ____D () C:\ProgramData\KSafe
2014-08-24 06:20 - 2014-08-24 06:20 - 00000000 ____D () C:\Program Files (x86)\MaxUtilities
2014-08-24 05:43 - 2014-09-04 16:52 - 00002960 _____ () C:\Windows\System32\Tasks\{DB9356B6-B057-4F59-A8DD-2F4FFE8CC51E}
2014-08-23 15:23 - 2014-08-23 15:23 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-08-22 15:47 - 2014-08-22 15:47 - 00000000 ____D () C:\Users\verna\AppData\Local\TaskManager
2014-08-22 15:47 - 2014-08-22 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Extended Task Manager
2014-08-22 15:47 - 2014-08-22 15:47 - 00000000 ____D () C:\Program Files\Free Extended Task Manager
2014-08-22 15:46 - 2014-08-22 15:46 - 11714981 _____ (Extensoft) C:\Users\verna\Downloads\FreeTaskManager.exe
2014-08-22 15:30 - 2014-09-04 16:56 - 00002956 _____ () C:\Windows\System32\Tasks\{75F9459A-5A80-48A3-A05A-5DA5971760BB}
2014-08-22 15:03 - 2014-08-22 15:00 - 00001146 _____ () C:\Users\verna\Documents\Rename.bat - Shortcut.lnk
2014-08-22 14:58 - 2014-08-22 14:58 - 00000109 _____ () C:\Users\verna\Documents\Rename.bat
2014-08-20 11:38 - 2014-08-30 10:34 - 00000000 ____D () C:\Program Files\WhoCrashed
2014-08-20 11:38 - 2014-08-20 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2014-08-20 10:42 - 2014-08-20 10:42 - 00398408 _____ () C:\Users\verna\Downloads\VzSpeedOptimizer100.exe
2014-08-20 10:12 - 2014-08-20 10:12 - 02707808 _____ (Resplendence Software Projects Sp. ) C:\Users\verna\Downloads\whocrashedSetup.exe
2014-08-19 11:37 - 2014-09-05 05:57 - 00000464 _____ () C:\Windows\Tasks\SlimDrivers Scan.job
2014-08-19 11:37 - 2014-09-04 16:51 - 00003336 _____ () C:\Windows\System32\Tasks\SlimDrivers Scan
2014-08-19 08:24 - 2014-08-19 08:24 - 00001929 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00001248 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00000961 _____ () C:\Users\Public\Desktop\Games.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00000961 _____ () C:\ProgramData\Desktop\Games.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00000231 _____ () C:\Users\Public\Desktop\More Great Games.url
2014-08-19 08:24 - 2014-08-19 08:24 - 00000231 _____ () C:\ProgramData\Desktop\More Great Games.url
2014-08-19 08:24 - 2014-08-19 08:24 - 00000000 ____D () C:\Program Files (x86)\bfgclient
2014-08-19 08:22 - 2014-08-19 08:22 - 34483264 _____ (Big Fish Games) C:\Users\verna\Downloads\bfginstaller32_s1_l1.exe
2014-08-19 05:51 - 2014-08-19 05:51 - 00000000 ____D () C:\Program Files\Intel
2014-08-19 05:38 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-19 05:38 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-19 05:38 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-19 05:38 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-19 05:38 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-19 05:38 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-19 05:38 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-19 05:38 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-19 05:38 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-19 05:38 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-19 05:38 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-19 05:38 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-19 05:38 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-19 05:38 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-18 11:53 - 2014-08-28 06:30 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-08-18 11:53 - 2014-08-18 11:53 - 00000000 ____D () C:\Users\verna\AppData\Local\SlimWare Utilities Inc
2014-08-18 11:51 - 2014-08-18 11:51 - 00940352 _____ (SlimWare Utilities, Inc.) C:\Users\verna\Downloads\SlimDrivers-setup.exe
2014-08-18 06:38 - 2014-08-18 06:38 - 00000000 ____D () C:\Users\verna\SystemRequirementsLab
2014-08-18 06:33 - 2014-08-18 11:44 - 00000000 ____D () C:\Intel
2014-08-16 10:48 - 2014-09-11 14:56 - 00002355 _____ () C:\Users\verna\Documents\BlueScreenView.exe - Shortcut.lnk
2014-08-14 16:01 - 2014-07-12 10:58 - 00000562 _____ () C:\Users\verna\Documents\Reset_Gadgets.bat
2014-08-14 12:48 - 2014-09-01 07:41 - 00001794 _____ () C:\Users\verna\Documents\JRT.txt
2014-08-14 12:37 - 2014-08-14 12:37 - 00000000 ____D () C:\Windows\ERUNT
2014-08-14 12:36 - 2014-08-14 12:36 - 01016261 _____ (Thisisu) C:\Users\verna\Downloads\JRT.exe
2014-08-13 14:35 - 2014-08-13 14:35 - 00014259 _____ () C:\Users\verna\Documents\speccy.speccy
2014-08-13 14:34 - 2014-08-13 14:34 - 00000000 ____D () C:\Program Files\Speccy
2014-08-13 14:30 - 2014-09-03 08:58 - 00017031 _____ () C:\Users\verna\Downloads\Result.txt
2014-08-13 14:29 - 2014-08-13 14:29 - 00401920 _____ (Farbar) C:\Users\verna\Downloads\MiniToolBox.exe
2014-08-13 06:38 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 06:38 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 06:38 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 06:38 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 06:38 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 06:38 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 06:38 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 06:38 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 06:37 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 06:37 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 06:37 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 06:37 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 06:37 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 06:37 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 06:37 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 06:37 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 06:37 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 06:37 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 06:37 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 06:37 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 06:36 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 06:36 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 06:36 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 06:36 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 06:36 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 06:36 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 06:36 - 2014-07-08 22:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 06:36 - 2014-07-08 21:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 06:36 - 2014-07-08 21:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 06:36 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 06:36 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 06:36 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 06:36 - 2014-07-08 18:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 06:36 - 2014-07-08 18:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 12:54 - 2014-09-12 12:53 - 00037602 _____ () C:\Users\verna\Downloads\FRST.txt
2014-09-12 12:54 - 2014-09-12 12:53 - 00000000 ____D () C:\FRST
2014-09-12 12:52 - 2014-09-12 12:52 - 02105856 _____ (Farbar) C:\Users\verna\Downloads\FRST64.exe
2014-09-12 10:06 - 2014-05-06 15:35 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-09-12 07:00 - 2014-07-02 05:43 - 02004411 _____ () C:\Windows\WindowsUpdate.log
2014-09-12 05:37 - 2009-07-14 00:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-12 05:37 - 2009-07-14 00:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-12 05:36 - 2009-07-14 01:13 - 00006684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-12 05:32 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-12 05:31 - 2014-07-31 05:30 - 00006664 _____ () C:\Windows\setupact.log
2014-09-11 17:47 - 2011-04-26 07:48 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-11 16:14 - 2014-06-18 05:30 - 00003342 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4004325891-3694787017-876815027-1001
2014-09-11 16:13 - 2014-06-20 13:16 - 00003208 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4004325891-3694787017-876815027-1001
2014-09-11 16:13 - 2014-06-10 05:31 - 00003364 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4004325891-3694787017-876815027-1001
2014-09-11 16:13 - 2014-06-07 11:10 - 00003230 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4004325891-3694787017-876815027-1001
2014-09-11 14:56 - 2014-08-16 10:48 - 00002355 _____ () C:\Users\verna\Documents\BlueScreenView.exe - Shortcut.lnk
2014-09-11 14:26 - 2014-09-11 14:40 - 00007669 _____ () C:\Users\verna\Documents\dds.zip
2014-09-11 14:20 - 2014-09-06 08:22 - 00008686 _____ () C:\Users\verna\Documents\attach.txt
2014-09-11 14:20 - 2014-09-06 08:01 - 00028826 _____ () C:\Users\verna\Documents\DDS.txt
2014-09-10 16:21 - 2012-07-02 06:35 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-09-10 10:35 - 2013-07-12 05:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 10:32 - 2011-04-29 07:08 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 10:31 - 2014-04-23 06:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 09:22 - 2014-09-10 09:17 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-09-10 09:18 - 2014-09-10 09:18 - 00000000 ____D () C:\Users\verna\AppData\Roaming\NCH Software
2014-09-10 09:18 - 2014-09-10 09:18 - 00000000 ____D () C:\ProgramData\NCH Software
2014-09-10 09:17 - 2014-09-10 09:17 - 00589888 _____ (NCH Software) C:\Users\verna\Downloads\prismpsetup.exe
2014-09-10 09:17 - 2014-09-10 09:17 - 00001120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Video File Converter.lnk
2014-09-10 09:17 - 2014-09-10 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-09-10 09:13 - 2012-01-10 14:57 - 00012288 _____ () C:\Users\verna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-10 05:38 - 2014-09-10 05:38 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-09-09 15:19 - 2014-07-16 10:57 - 00000000 ____D () C:\Users\verna\AppData\Local\CrashDumps
2014-09-09 13:22 - 2012-03-13 09:28 - 00000000 ____D () C:\Users\verna\AppData\Roaming\RealNetworks
2014-09-09 13:22 - 2012-01-16 17:13 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Real
2014-09-09 13:22 - 2012-01-16 17:13 - 00000000 ____D () C:\ProgramData\Real
2014-09-09 13:22 - 2012-01-16 17:13 - 00000000 ____D () C:\Program Files (x86)\Real
2014-09-09 13:08 - 2014-09-09 13:08 - 01067216 _____ (RealNetworks, Inc.) C:\Users\verna\Downloads\RealPlayerCloud.exe
2014-09-09 13:07 - 2014-09-09 13:02 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-09-09 13:06 - 2014-09-09 13:06 - 00000000 ____D () C:\Users\verna\Documents\Wondershare Video Converter Ultimate
2014-09-09 13:06 - 2014-09-09 13:06 - 00000000 ____D () C:\Users\verna\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-09-09 13:06 - 2014-09-09 13:02 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate
2014-09-09 13:04 - 2014-09-09 13:04 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Wondershare Video Converter Ultimate
2014-09-09 13:03 - 2014-09-09 13:03 - 00000000 ____D () C:\Users\verna\AppData\Local\Wondershare
2014-09-09 12:52 - 2014-09-09 12:52 - 00000000 ____D () C:\Users\verna\Documents\Any Video Converter
2014-09-09 12:52 - 2012-10-07 10:48 - 00000000 ____D () C:\Users\verna\AppData\Roaming\AnvSoft
2014-09-09 12:28 - 2011-06-14 08:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-09-09 12:27 - 2014-09-09 12:27 - 58732312 _____ () C:\Users\verna\Downloads\DeskScapes_8.0.exe
2014-09-09 12:25 - 2014-09-09 12:25 - 00755160 _____ () C:\Users\verna\Downloads\deskscapes-setup.exe
2014-09-08 16:59 - 2014-09-08 16:59 - 00002265 _____ () C:\Program Files\INSTALL.LOG
2014-09-08 06:44 - 2014-09-08 06:43 - 00000000 ____D () C:\Users\verna\AppData\Roaming\HandBrake
2014-09-06 12:26 - 2014-07-29 13:01 - 00083528 _____ () C:\Users\verna\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-06 08:15 - 2014-09-06 08:16 - 00003251 _____ () C:\Users\verna\Documents\attach.zip
2014-09-06 07:53 - 2014-09-06 07:53 - 00688992 ____R (Swearware) C:\Users\verna\Downloads\dds.com
2014-09-05 20:53 - 2014-09-05 20:53 - 00000000 ____D () C:\ProgramData\GZ
2014-09-05 14:58 - 2014-09-05 14:58 - 00416328 _____ () C:\Windows\Minidump\090514-25662-01.dmp
2014-09-05 14:58 - 2011-08-15 16:06 - 00000000 ____D () C:\Windows\minidump
2014-09-05 14:57 - 2014-08-01 10:27 - 478861833 _____ () C:\Windows\MEMORY.DMP
2014-09-05 14:57 - 2014-07-31 05:29 - 00168244 _____ () C:\Windows\PFRO.log
2014-09-05 14:54 - 2014-09-05 14:52 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7b
2014-09-05 14:53 - 2014-09-05 14:53 - 00000968 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\AOL Desktop 9.7.lnk
2014-09-05 14:53 - 2014-09-05 14:53 - 00000000 ____D () C:\ProgramData\Viewpoint
2014-09-05 14:53 - 2014-09-05 14:53 - 00000000 ____D () C:\Program Files (x86)\Viewpoint
2014-09-05 14:53 - 2014-08-31 08:24 - 00002830 ____H () C:\IPH.PH
2014-09-05 14:53 - 2014-08-24 06:32 - 00000000 ____D () C:\Users\verna\AppData\Roaming\AOL
2014-09-05 14:53 - 2014-08-24 06:31 - 00000000 ____D () C:\Users\verna\AppData\Local\AOL
2014-09-05 14:53 - 2014-08-24 06:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL
2014-09-05 14:53 - 2014-07-18 09:41 - 00544897 _____ () C:\install.log
2014-09-05 14:52 - 2014-08-24 06:31 - 00000000 ____D () C:\ProgramData\AOL
2014-09-05 14:51 - 2011-04-25 19:28 - 00058696 _____ (AOL Inc.) C:\Windows\SysWOW64\AOLParconLink.exe
2014-09-05 13:44 - 2011-04-26 10:53 - 00000000 ____D () C:\Windows\pss
2014-09-05 11:19 - 2014-07-29 09:50 - 00367056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-05 11:15 - 2009-07-13 22:34 - 00000633 _____ () C:\Windows\win.ini
2014-09-05 11:07 - 2011-07-20 08:18 - 00006684 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-05 10:55 - 2009-07-14 01:08 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-05 10:22 - 2014-09-05 10:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-05 10:22 - 2014-09-05 10:22 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-05 06:23 - 2014-09-05 06:23 - 09526552 _____ () C:\Users\verna\Downloads\tweaking.com_windows_repair_aio_setup.exe
2014-09-05 05:57 - 2014-08-19 11:37 - 00000464 _____ () C:\Windows\Tasks\SlimDrivers Scan.job
2014-09-04 22:10 - 2014-09-10 10:30 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 22:05 - 2014-09-10 10:30 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 17:00 - 2013-06-23 09:35 - 00002942 _____ () C:\Windows\System32\Tasks\{11FEC0CA-C38F-456F-9CC4-8E8476601AAF}
2014-09-04 17:00 - 2013-06-15 06:35 - 00003398 _____ () C:\Windows\System32\Tasks\RunAsStdUser Task
2014-09-04 17:00 - 2012-02-14 09:40 - 00002942 _____ () C:\Windows\System32\Tasks\{036603A4-23A9-48FB-A39F-78B7CEA5FABF}
2014-09-04 16:59 - 2012-04-08 10:10 - 00002942 _____ () C:\Windows\System32\Tasks\{267ADEEB-48AE-43B1-A35B-706D1693D013}
2014-09-04 16:59 - 2012-02-20 14:59 - 00002942 _____ () C:\Windows\System32\Tasks\{345F7CC0-4165-425B-88FC-CAA54522774F}
2014-09-04 16:59 - 2012-02-14 09:24 - 00002942 _____ () C:\Windows\System32\Tasks\{39C81FAE-43B3-4A08-9B73-93CBF1FFB607}
2014-09-04 16:59 - 2012-02-14 09:22 - 00002942 _____ () C:\Windows\System32\Tasks\{1B34E1BF-F254-4C86-AF0C-65C4E2D71EEE}
2014-09-04 16:58 - 2014-08-08 07:31 - 00002962 _____ () C:\Windows\System32\Tasks\{49BE6B19-4CAC-4A1A-9D8C-26054E5383E3}
2014-09-04 16:58 - 2012-04-08 10:09 - 00002942 _____ () C:\Windows\System32\Tasks\{4402D029-6030-4BCD-B350-D5B27CF069C5}
2014-09-04 16:57 - 2014-08-08 16:08 - 00002962 _____ () C:\Windows\System32\Tasks\{56019EA8-16A4-48D6-9084-8C32D48A9DFF}
2014-09-04 16:57 - 2012-04-08 10:09 - 00002942 _____ () C:\Windows\System32\Tasks\{5205966C-5B24-435E-AAD2-18D8348A2B62}
2014-09-04 16:57 - 2012-02-19 07:15 - 00002950 _____ () C:\Windows\System32\Tasks\{53EE031D-08D1-4199-B9F4-689CAA4DCF23}
2014-09-04 16:56 - 2014-08-22 15:30 - 00002956 _____ () C:\Windows\System32\Tasks\{75F9459A-5A80-48A3-A05A-5DA5971760BB}
2014-09-04 16:56 - 2012-04-08 10:07 - 00002942 _____ () C:\Windows\System32\Tasks\{5BE57F62-597B-4317-A307-755A6FA63E92}
2014-09-04 16:55 - 2014-08-08 16:13 - 00002962 _____ () C:\Windows\System32\Tasks\{958370D3-DDCD-471E-B392-2A03E90F7A05}
2014-09-04 16:55 - 2012-09-02 10:04 - 00002960 _____ () C:\Windows\System32\Tasks\{7746BA6F-BE92-4773-8C7A-C4B61675166A}
2014-09-04 16:55 - 2012-02-20 15:00 - 00002942 _____ () C:\Windows\System32\Tasks\{991E9DA0-A52E-4463-853D-DD3D77B125A4}
2014-09-04 16:55 - 2012-02-19 07:16 - 00002950 _____ () C:\Windows\System32\Tasks\{7D46843A-B61E-4F4E-8D04-37B43EA1F4E2}
2014-09-04 16:55 - 2012-02-14 09:31 - 00002942 _____ () C:\Windows\System32\Tasks\{985DFBEB-F060-437A-A070-09049DA0B28B}
2014-09-04 16:54 - 2011-12-29 20:08 - 00002968 _____ () C:\Windows\System32\Tasks\{B69A720A-867C-436F-9A2F-262507D4E26C}
2014-09-04 16:54 - 2011-08-10 17:27 - 00002960 _____ () C:\Windows\System32\Tasks\{AE0699A5-68AC-4B86-B150-850370502F6D}
2014-09-04 16:54 - 2011-05-19 09:11 - 00002968 _____ () C:\Windows\System32\Tasks\{BD748774-EACD-4293-B092-A880C0DAD27C}
2014-09-04 16:53 - 2014-08-24 09:57 - 00002960 _____ () C:\Windows\System32\Tasks\{CE155773-BFE0-4954-A811-E85FA6D177F2}
2014-09-04 16:53 - 2013-11-30 14:35 - 00002934 _____ () C:\Windows\System32\Tasks\{CEDD825F-1E59-4C38-B163-910F492AB49D}
2014-09-04 16:53 - 2012-02-22 11:45 - 00002942 _____ () C:\Windows\System32\Tasks\{DAE14204-A17A-4C82-B952-365EBC4B7639}
2014-09-04 16:53 - 2012-02-20 14:59 - 00002942 _____ () C:\Windows\System32\Tasks\{C60FF8A8-F0B7-4038-ABC7-D48C71B5238A}
2014-09-04 16:53 - 2012-02-14 09:25 - 00002942 _____ () C:\Windows\System32\Tasks\{C8CEF682-708D-400C-82D2-C21FF58EFA57}
2014-09-04 16:52 - 2014-08-24 05:43 - 00002960 _____ () C:\Windows\System32\Tasks\{DB9356B6-B057-4F59-A8DD-2F4FFE8CC51E}
2014-09-04 16:52 - 2011-08-10 17:26 - 00002960 _____ () C:\Windows\System32\Tasks\{EC511D6D-B2AD-44E0-8808-76930E76B7A4}
2014-09-04 16:51 - 2014-08-19 11:37 - 00003336 _____ () C:\Windows\System32\Tasks\SlimDrivers Scan
2014-09-04 16:51 - 2013-11-30 14:35 - 00002934 _____ () C:\Windows\System32\Tasks\{FF3E44AC-5946-4318-A08B-312F0E56567B}
2014-09-04 16:50 - 2014-03-26 16:15 - 00003550 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2014-09-04 16:50 - 2012-12-02 17:02 - 00003342 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4004325891-3694787017-876815027-1001
2014-09-04 05:46 - 2014-09-04 05:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-03 16:21 - 2010-12-16 01:39 - 00000000 ____D () C:\Temp
2014-09-03 14:48 - 2014-09-03 14:48 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-03 14:47 - 2014-09-03 14:47 - 02347384 _____ (ESET) C:\Users\verna\Downloads\esetsmartinstaller_enu.exe
2014-09-03 14:40 - 2014-09-03 14:37 - 00000000 ____D () C:\AdwCleaner
2014-09-03 14:37 - 2014-09-03 14:37 - 01370467 _____ () C:\Users\verna\Downloads\AdwCleaner.exe
2014-09-03 08:59 - 2014-09-03 08:59 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\verna\Downloads\tdsskiller.exe
2014-09-03 08:58 - 2014-08-13 14:30 - 00017031 _____ () C:\Users\verna\Downloads\Result.txt
2014-09-03 08:48 - 2014-09-03 08:48 - 00195651 _____ () C:\ProgramData\1409748307.bdinstall.bin
2014-09-03 08:46 - 2014-09-03 08:46 - 00002174 _____ () C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2014-09-03 08:46 - 2014-09-03 08:46 - 00002174 _____ () C:\ProgramData\Desktop\Bitdefender Antivirus Free Edition.lnk
2014-09-03 08:46 - 2014-09-03 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-09-03 08:46 - 2014-09-03 08:45 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-03 08:45 - 2013-05-10 05:59 - 00000000 ____D () C:\Users\verna\AppData\Roaming\QuickScan
2014-09-03 08:42 - 2014-09-03 08:42 - 00045426 _____ () C:\ProgramData\1409748120.bdinstall.bin
2014-09-03 08:42 - 2014-09-03 08:42 - 00000512 _____ () C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2014-09-03 07:57 - 2014-09-03 07:57 - 00096062 _____ () C:\ProgramData\1409745386.bdinstall.bin
2014-09-03 07:56 - 2014-09-03 07:56 - 00037823 _____ () C:\ProgramData\1409745385.bdinstall.bin
2014-09-01 13:38 - 2014-09-01 13:38 - 00000000 ____D () C:\BigFishCache
2014-09-01 07:41 - 2014-08-14 12:48 - 00001794 _____ () C:\Users\verna\Documents\JRT.txt
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Shark007
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Advanced
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\ProgramData\Shark007
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Program Files\Shark007
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Program Files (x86)\Shark007
2014-09-01 05:58 - 2014-09-01 05:56 - 00000000 ____D () C:\ProgramData\Advanced
2014-09-01 05:58 - 2012-01-11 08:02 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-01 05:53 - 2014-09-01 05:53 - 51411389 _____ () C:\Users\verna\Downloads\ADVANCED_Codecs_v474.exe
2014-08-31 08:52 - 2014-08-31 08:52 - 00416328 ___RH () C:\Windows\Minidump\083114-20467-01.dmp
2014-08-31 08:50 - 2014-08-31 08:50 - 00416328 _____ () C:\Windows\Minidump\083114-17097-01.dmp
2014-08-31 08:30 - 2014-08-31 08:28 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7a
2014-08-31 08:07 - 2013-08-24 08:52 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-30 10:53 - 2014-08-30 10:53 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\verna\Downloads\revosetup.exe
2014-08-30 10:34 - 2014-08-20 11:38 - 00000000 ____D () C:\Program Files\WhoCrashed
2014-08-30 10:30 - 2014-08-30 10:28 - 00000000 ____D () C:\Program Files (x86)\PCPitstop
2014-08-30 10:29 - 2014-08-30 10:28 - 00000000 ____D () C:\ProgramData\PCPitstop
2014-08-30 09:20 - 2012-03-14 05:48 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2014-08-30 08:32 - 2014-08-30 08:31 - 00416328 _____ () C:\Windows\Minidump\083014-77704-01.dmp
2014-08-29 10:16 - 2013-12-16 22:38 - 01521024 _____ (MPC-BE Team) C:\Windows\system32\VSFilter.dll
2014-08-28 16:20 - 2014-06-23 15:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-28 07:22 - 2014-08-28 07:22 - 00197878 _____ () C:\ProgramData\1409224797.bdinstall.bin
2014-08-28 07:19 - 2014-08-28 07:19 - 10447328 _____ () C:\Users\verna\Downloads\Antivirus_Free_Edition_x64.exe
2014-08-28 07:18 - 2014-08-28 07:18 - 00162208 _____ () C:\Users\verna\Downloads\Antivirus_Free_Edition.exe
2014-08-28 06:30 - 2014-08-18 11:53 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-08-27 15:50 - 2014-08-27 15:45 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-08-26 06:35 - 2012-03-31 13:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-26 06:34 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-26 06:32 - 2011-09-09 17:00 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-08-25 06:53 - 2011-04-25 19:09 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-24 11:25 - 2014-08-24 11:25 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Boot Genius
2014-08-24 11:25 - 2014-08-24 11:25 - 00000000 ____D () C:\Program Files (x86)\Windows Boot Genius
2014-08-24 10:47 - 2014-08-24 10:46 - 00000000 ____D () C:\Users\verna\Downloads\WinDlg_v1_27
2014-08-24 06:42 - 2014-08-24 06:31 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7
2014-08-24 06:40 - 2014-08-24 06:30 - 00000196 _____ () C:\Windows\Tasks\RunAsStdUser Task.job
2014-08-24 06:31 - 2014-08-24 06:31 - 00000000 ____D () C:\ProgramData\AOL OCP
2014-08-24 06:31 - 2014-08-24 06:31 - 00000000 ____D () C:\Program Files (x86)\AOL
2014-08-24 06:20 - 2014-08-24 06:20 - 00000000 ____D () C:\Users\verna\AppData\Roaming\KSafe
2014-08-24 06:20 - 2014-08-24 06:20 - 00000000 ____D () C:\ProgramData\KSafe
2014-08-24 06:20 - 2014-08-24 06:20 - 00000000 ____D () C:\Program Files (x86)\MaxUtilities
2014-08-23 15:57 - 2012-01-18 11:15 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-23 15:23 - 2014-08-23 15:23 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-08-23 15:23 - 2011-07-04 09:03 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-08-22 22:07 - 2014-08-29 05:49 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 21:45 - 2014-08-29 05:49 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 20:59 - 2014-08-29 05:49 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 15:47 - 2014-08-22 15:47 - 00000000 ____D () C:\Users\verna\AppData\Local\TaskManager
2014-08-22 15:47 - 2014-08-22 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Extended Task Manager
2014-08-22 15:47 - 2014-08-22 15:47 - 00000000 ____D () C:\Program Files\Free Extended Task Manager
2014-08-22 15:46 - 2014-08-22 15:46 - 11714981 _____ (Extensoft) C:\Users\verna\Downloads\FreeTaskManager.exe
2014-08-22 15:00 - 2014-08-22 15:03 - 00001146 _____ () C:\Users\verna\Documents\Rename.bat - Shortcut.lnk
2014-08-22 14:58 - 2014-08-22 14:58 - 00000109 _____ () C:\Users\verna\Documents\Rename.bat
2014-08-20 11:38 - 2014-08-20 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2014-08-20 10:42 - 2014-08-20 10:42 - 00398408 _____ () C:\Users\verna\Downloads\VzSpeedOptimizer100.exe
2014-08-20 10:12 - 2014-08-20 10:12 - 02707808 _____ (Resplendence Software Projects Sp. ) C:\Users\verna\Downloads\whocrashedSetup.exe
2014-08-19 14:05 - 2014-09-10 10:38 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 13:39 - 2014-09-10 10:38 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 08:24 - 2014-08-19 08:24 - 00001929 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00001248 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00000961 _____ () C:\Users\Public\Desktop\Games.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00000961 _____ () C:\ProgramData\Desktop\Games.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00000231 _____ () C:\Users\Public\Desktop\More Great Games.url
2014-08-19 08:24 - 2014-08-19 08:24 - 00000231 _____ () C:\ProgramData\Desktop\More Great Games.url
2014-08-19 08:24 - 2014-08-19 08:24 - 00000000 ____D () C:\Program Files (x86)\bfgclient
2014-08-19 08:22 - 2014-08-19 08:22 - 34483264 _____ (Big Fish Games) C:\Users\verna\Downloads\bfginstaller32_s1_l1.exe
2014-08-19 05:51 - 2014-08-19 05:51 - 00000000 ____D () C:\Program Files\Intel
2014-08-19 05:51 - 2013-03-03 18:15 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 05:40 - 2011-12-07 06:58 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-08-18 19:01 - 2014-09-10 10:38 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-18 18:29 - 2014-09-10 10:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-18 18:29 - 2014-09-10 10:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-18 18:26 - 2014-09-10 10:38 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-18 18:20 - 2014-09-10 10:38 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-18 18:19 - 2014-09-10 10:38 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-18 18:15 - 2014-09-10 10:38 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-18 18:15 - 2014-09-10 10:38 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-18 18:14 - 2014-09-10 10:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-18 18:14 - 2014-09-10 10:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-18 18:08 - 2014-09-10 10:38 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-18 18:08 - 2014-09-10 10:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-18 18:08 - 2014-09-10 10:38 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-18 18:05 - 2014-09-10 10:38 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-18 18:03 - 2014-09-10 10:38 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-18 18:03 - 2014-09-10 10:38 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-18 18:03 - 2014-09-10 10:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 17:57 - 2014-09-10 10:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 17:56 - 2014-09-10 10:38 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 17:51 - 2014-09-10 10:38 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 17:46 - 2014-09-10 10:38 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 17:45 - 2014-09-10 10:38 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 17:45 - 2014-09-10 10:38 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 17:44 - 2014-09-10 10:38 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 17:44 - 2014-09-10 10:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 17:42 - 2014-09-10 10:38 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 17:40 - 2014-09-10 10:38 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 17:39 - 2014-09-10 10:38 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 17:39 - 2014-09-10 10:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 17:39 - 2014-09-10 10:38 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 17:38 - 2014-09-10 10:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 17:37 - 2014-09-10 10:38 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 17:36 - 2014-09-10 10:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 17:35 - 2014-09-10 10:38 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 17:27 - 2014-09-10 10:38 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 17:25 - 2014-09-10 10:38 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 17:25 - 2014-09-10 10:38 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 17:23 - 2014-09-10 10:38 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 17:23 - 2014-09-10 10:38 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 17:22 - 2014-09-10 10:38 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 17:19 - 2014-09-10 10:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 17:17 - 2014-09-10 10:38 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 17:17 - 2014-09-10 10:38 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 17:16 - 2014-09-10 10:38 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 17:15 - 2014-09-10 10:38 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 17:15 - 2014-09-10 10:38 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 17:09 - 2014-09-10 10:38 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 17:08 - 2014-09-10 10:38 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 17:07 - 2014-09-10 10:38 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 16:55 - 2014-09-10 10:38 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 16:46 - 2014-09-10 10:38 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 16:38 - 2014-09-10 10:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 16:38 - 2014-09-10 10:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 16:36 - 2014-09-10 10:38 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-18 11:53 - 2014-08-18 11:53 - 00000000 ____D () C:\Users\verna\AppData\Local\SlimWare Utilities Inc
2014-08-18 11:53 - 2012-03-03 09:14 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-08-18 11:53 - 2012-03-03 09:14 - 00000000 ____D () C:\ProgramData\Documents\Downloaded Installers
2014-08-18 11:51 - 2014-08-18 11:51 - 00940352 _____ (SlimWare Utilities, Inc.) C:\Users\verna\Downloads\SlimDrivers-setup.exe
2014-08-18 11:44 - 2014-08-18 06:33 - 00000000 ____D () C:\Intel
2014-08-18 06:38 - 2014-08-18 06:38 - 00000000 ____D () C:\Users\verna\SystemRequirementsLab
2014-08-18 06:38 - 2011-04-25 19:36 - 00000000 ____D () C:\Users\verna
2014-08-18 06:33 - 2011-06-12 09:15 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-08-14 16:03 - 2011-10-19 06:50 - 00003234 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-08-14 12:37 - 2014-08-14 12:37 - 00000000 ____D () C:\Windows\ERUNT
2014-08-14 12:36 - 2014-08-14 12:36 - 01016261 _____ (Thisisu) C:\Users\verna\Downloads\JRT.exe
2014-08-14 06:42 - 2012-03-31 06:24 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-14 06:42 - 2011-09-08 18:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-13 14:35 - 2014-08-13 14:35 - 00014259 _____ () C:\Users\verna\Documents\speccy.speccy
2014-08-13 14:34 - 2014-08-13 14:34 - 00000000 ____D () C:\Program Files\Speccy
2014-08-13 14:29 - 2014-08-13 14:29 - 00401920 _____ (Farbar) C:\Users\verna\Downloads\MiniToolBox.exe
2014-08-13 06:52 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

Files to move or delete:
====================
C:\Users\verna\DTSGFXAPO64.dll


Some content of TEMP:
====================
C:\Users\verna\AppData\Local\Temp\AcsInstall.dll
C:\Users\verna\AppData\Local\Temp\aol-desktop.exe
C:\Users\verna\AppData\Local\Temp\bitool.dll
C:\Users\verna\AppData\Local\Temp\BullGuard Internet Security Setup.exe
C:\Users\verna\AppData\Local\Temp\ffmpeg19.exe
C:\Users\verna\AppData\Local\Temp\instSup.dll
C:\Users\verna\AppData\Local\Temp\jilst5pf.dll
C:\Users\verna\AppData\Local\Temp\lowproc.exe
C:\Users\verna\AppData\Local\Temp\npp.6.6.8.Installer.exe
C:\Users\verna\AppData\Local\Temp\Quarantine.exe
C:\Users\verna\AppData\Local\Temp\SAS6_Update.exe
C:\Users\verna\AppData\Local\Temp\SHFOLDER.DLL
C:\Users\verna\AppData\Local\Temp\stubhelper.dll
C:\Users\verna\AppData\Local\Temp\wget.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-11-14 18:21

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014
Ran by verna at 2014-09-12 12:55:05
Running from C:\Users\verna\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{6E3D4FFE-9614-4E58-9DE2-F9A036EAD491}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Cortona3D Viewer (HKLM-x32\...\{DEACDFFA-D424-416F-B849-FA282F55B2CE}) (Version: 7.0.188 - ParallelGraphics)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.0.3 - Dell Inc.)
DreamMaker (HKLM-x32\...\DreamMaker) (Version:  - )
Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
EPSON NX410 Series Printer Uninstall (HKLM\...\EPSON NX410 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
f.lux (HKCU\...\Flux) (Version:  - )
Fishdom (HKLM-x32\...\Fishdom) (Version:  - Pogo.com)
Free Extended Task Manager (HKLM\...\Free Extended Task Manager) (Version: 1.0.0.46 - Extensoft)
Garmin Express (HKLM-x32\...\{aece03a3-686f-4b3c-9931-9dafb71829b7}) (Version: 3.2.9.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Gold Miner Vegas (HKLM-x32\...\BFG-Gold Miner Vegas) (Version:  - )
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
Governor of Poker 2 (HKLM-x32\...\BFG-Governor of Poker 2) (Version:  - )
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
Hauppauge TV Tuner Diagnostics (1.2.7076) (HKLM-x32\...\Hauppauge TV Tuner Diagnostics) (Version: 1.2.7076 - Hauppauge Computer Works, Inc.)
HCW85 Driver Installer (x32 Version: 2.1.27205 - Hauppauge Computer Works) Hidden
IHA_MessageCenter (HKLM-x32\...\{834265C4-CDF4-44D3-BD24-31531617EFB8}) (Version: 1.8.70 - Verizon)
Intel® Chipset Device Software (Version: 10.0.13 - Intel Corporation) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Logon Screen (HKLM\...\{1730D13B-7517-4321-A88B-64627CF67CDC}_is1) (Version:  - Daniel Rebelo)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MDL Chime/Chime Pro for Internet Explorer (HKLM-x32\...\MDL Chime/Chime Pro for Internet Explorer) (Version:  - )
MFC RunTime files x64 (Version: 1.0.0 - Extensoft) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2011.0627 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 1.0.0 - AOL Inc.) Hidden
Microsoft VC9 runtime libraries (x32 Version: 1.0.0 - AOL LLC) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 en-US)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
OpenDNS Updater 2.2.1 (HKLM-x32\...\OpenDNS Updater) (Version: 2.2.1 - )
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Panda Antivirus Pro 2014 (x32 Version: 13.01.01 - Panda Security) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.212.0 - Tracker Software Products Ltd)
PDF-XChange Lite 2012 (HKLM\...\{25CFCE3C-5C95-49CB-B63A-E2861E6C0C98}_is1) (Version: 5.0.271.0 - Tracker Software Products Ltd)
PeaZip 5.3.1 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version:  - Giorgio Tani)
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Pogo Games (HKLM-x32\...\PogoDGC) (Version: 1.0 - ) <==== ATTENTION
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.18 - NCH Software)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Redist (HKLM-x32\...\{0F052922-4BCE-4763-A540-00857554336D}) (Version: 3.00.0000 - Verizon)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Season Match 2 (HKLM-x32\...\Season Match 2) (Version:  - Pogo.com)
Shark007 Advanced Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 4.7.4 - Shark007)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Stardock DeskScapes 8 (HKLM-x32\...\Stardock DeskScapes 8) (Version: 8.00 - Stardock Software, Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1018 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TechGenie (Version: 1.0.0 - iYogi) Hidden
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.8.9 - Tweaking.com)
Uninstall Helper (HKLM-x32\...\Uninstall Helper 2.0.1.0) (Version: 2.0.1.0 - InstallX, LLC) <==== ATTENTION
Uninstall Helper (x32 Version: 2.0.1.0 - InstallX, LLC) Hidden <==== ATTENTION
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version:  - )
Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx)
VS10Runtimex64 (Version: 1.0.0 - sourcefire) Hidden
Vz In-Home Agent (HKLM-x32\...\VzInHomeAgent) (Version: 9.0.63.0 - Verizon)
WhoCrashed 5.02 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows 7 Codec Pack 4.0.9 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.9 - Windows 7 Codec Pack)
Windows Boot Genius  (HKLM-x32\...\Windows Boot Genius) (Version:  - Tenorshare, Inc.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)
x64 Components v4.7.4 (HKLM\...\Advanced x64Components_is1) (Version: 4.7.4 - Shark007)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4004325891-3694787017-876815027-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\verna\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4004325891-3694787017-876815027-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\verna\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4004325891-3694787017-876815027-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\verna\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4004325891-3694787017-876815027-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\verna\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4004325891-3694787017-876815027-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\verna\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4004325891-3694787017-876815027-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\verna\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4004325891-3694787017-876815027-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\verna\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

26-08-2014 10:31:44 Removed Realtek Ethernet Controller All-In-One Windows Driver
26-08-2014 14:03:32 Windows Modules Installer
28-08-2014 10:46:44 Windows Update
29-08-2014 15:18:37 Windows Update
30-08-2014 14:55:04 Revo Uninstaller's restore point - AOL Uninstaller (Choose which Products to Remove)
01-09-2014 09:57:36 Installed Shark007 Advanced Codecs.
05-09-2014 14:58:43 Tweaking.com - Windows Repair
05-09-2014 15:44:28 Windows Update
05-09-2014 19:15:18 Revo Uninstaller's restore point - AOL Uninstaller (Choose which Products to Remove)
09-09-2014 09:37:10 Windows Update
10-09-2014 14:30:59 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-09-05 11:15 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0000EB61-F2F9-4A2D-890D-19697496D0CD} - System32\Tasks\{1B34E1BF-F254-4C86-AF0C-65C4E2D71EEE} => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: {0083147F-9E42-4F01-877A-871CAEE97901} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] ()
Task: {060913F0-2DD4-4FF3-977B-F341FEE19D87} - System32\Tasks\{345F7CC0-4165-425B-88FC-CAA54522774F} => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: {0E9EA72D-AB38-4C3F-A9C6-EAAFE17122A1} - System32\Tasks\{FF21409D-F4B5-4800-AB72-09FD313D4CD7} => C:\Users\verna\Downloads\Donkey_Kong_Country_2\snes9x.exe
Task: {0FE36FA1-85B1-46EA-9E2A-95E3D962D61E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {10EF5366-72A4-412A-8815-1657DB4CAAE4} - System32\Tasks\{267ADEEB-48AE-43B1-A35B-706D1693D013} => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: {126FA78D-E376-4300-AA57-7A273B345D3B} - System32\Tasks\{71E27DEB-7AE3-4BD8-88D5-20E883D87A5A} => C:\Program Files (x86)\AOL Desktop 9.7c\aol.exe
Task: {139930B5-F14E-46B7-AE1A-0E51F6DA330D} - System32\Tasks\{DAE14204-A17A-4C82-B952-365EBC4B7639} => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: {16AA6F98-3123-42A3-B58E-9AD1900E0D8B} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4004325891-3694787017-876815027-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {1A3323DE-2A8F-4901-9056-04F181266543} - System32\Tasks\{5205966C-5B24-435E-AAD2-18D8348A2B62} => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: {1BACB0D1-4BA1-4523-92F0-FA9E7136B7F1} - System32\Tasks\{036603A4-23A9-48FB-A39F-78B7CEA5FABF} => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: {21F84D11-E920-4C0E-BB8F-28DEDE65FE72} - System32\Tasks\{E1C75577-6327-4D10-80C0-53F30C38B6A9} => C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe [2013-02-05] (Microsoft Corporation)
Task: {253505D9-6787-412D-85EA-6D07AD0037E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4004325891-3694787017-876815027-1001Core => C:\Users\verna\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-21] (Google Inc.)
Task: {26A087CB-EBD1-41A7-8DC7-BFF557B15F3E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4004325891-3694787017-876815027-1001UA => C:\Users\verna\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-21] (Google Inc.)
Task: {280AE379-D974-4943-942B-D8BA5782CE1B} - System32\Tasks\{EB138B6B-222E-45F7-B700-615BE277AE3F} => C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe [2010-12-13] (Microsoft Corporation)
Task: {2BD53A02-5785-4793-A937-4B2386A68BAB} - System32\Tasks\SlimDrivers Scan => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {35203E90-37EC-468C-BCD1-0D4DC4AE23B4} - System32\Tasks\{4402D029-6030-4BCD-B350-D5B27CF069C5} => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: {3D2DAAA1-8503-4AEB-9FC1-76A4EEAC9BD3} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
Task: {3E8A1667-4F25-4631-AB41-A5A9F4268045} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {40D0A547-E691-45DE-A4FF-695A24E09CC5} - System32\Tasks\{7746BA6F-BE92-4773-8C7A-C4B61675166A} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe [2014-07-02] (AOL Inc.)
Task: {44620214-CDAF-4C3C-A4AD-EA2AF1357AE7} - System32\Tasks\{5BE57F62-597B-4317-A307-755A6FA63E92} => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: {461B9CB5-1E10-42C6-B987-A713423B6B88} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4004325891-3694787017-876815027-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {47DF67AC-28DD-4902-AC5B-1C1F75CC1764} - System32\Tasks\{49BE6B19-4CAC-4A1A-9D8C-26054E5383E3} => C:\Program Files (x86)\AOL Desktop 9.7a\aol.exe [2014-07-02] (AOL Inc.)
Task: {48F9C047-7592-4876-9BEC-11DC73130FB9} - System32\Tasks\{1D264E14-DF20-4A9C-93F5-BCB1FB54ACEC} => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [2012-05-25] (Yahoo! Inc.)
Task: {4913B9AB-64B4-4D54-81C3-8B16B8A6F070} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4004325891-3694787017-876815027-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {4CB75A0E-21B0-4151-A2C2-DD5D5BB3CA97} - System32\Tasks\{EC511D6D-B2AD-44E0-8808-76930E76B7A4} => C:\Program Files (x86)\bfgclient\bfgclient.exe [2014-03-05] ()
Task: {4CC29827-5A2D-4E47-B4AC-95B64E4C61AE} - System32\Tasks\{CE155773-BFE0-4954-A811-E85FA6D177F2} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe [2014-07-02] (AOL Inc.)
Task: {5705DC68-39DF-483C-8C20-3D92B19C9D5A} - System32\Tasks\{AE0699A5-68AC-4B86-B150-850370502F6D} => C:\Program Files (x86)\bfgclient\bfgclient.exe [2014-03-05] ()
Task: {5CD09ED3-2210-4303-9308-E7DB5AAEBEB5} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4004325891-3694787017-876815027-1001
Task: {5F8F49F5-2488-48D1-91EC-E4E09B4DE89F} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {67EBB92D-A995-4B3B-B49B-D1ED823DA368} - System32\Tasks\{39C81FAE-43B3-4A08-9B73-93CBF1FFB607} => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: {69101A73-9E00-4627-B86D-8A8737DD36D8} - System32\Tasks\{7D46843A-B61E-4F4E-8D04-37B43EA1F4E2} => C:\Users\verna\Pogo Games\AdminWorker.exe [2012-10-31] ()
Task: {6AC0C32E-EC14-436D-A301-79A1F6C04701} - System32\Tasks\{2E51D215-CAD4-4233-BDE8-E4889E5755F0} => C:\Program Files\Frameworkx\FxVisor\FxVisor.exe [2007-10-10] (Frameworkx.com)
Task: {7178C9FE-979A-4090-978F-D9F226E488F3} - System32\Tasks\{188663F3-D0D7-4767-990A-FB8EF6E6A777} => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [2012-05-25] (Yahoo! Inc.)
Task: {76FA2565-8214-44CD-9B8F-F6A49327EC0B} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4004325891-3694787017-876815027-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {795197CE-C498-4340-A1F0-3DC0FEBDF633} - System32\Tasks\{B69A720A-867C-436F-9A2F-262507D4E26C} => C:\Program Files\Microsoft Games\HoldEm\HoldEm.exe [2011-12-30] (Microsoft Corporation)
Task: {7C6988D2-AD97-44A5-85E0-31726A47C462} - System32\Tasks\{53EE031D-08D1-4199-B9F4-689CAA4DCF23} => C:\Users\verna\Pogo Games\AdminWorker.exe [2012-10-31] ()
Task: {81151F1F-0100-4E97-B3B5-594B0A839A0B} - System32\Tasks\{991E9DA0-A52E-4463-853D-DD3D77B125A4} => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: {8A678F88-3EDC-439F-9FDD-3C56492B96FC} - System32\Tasks\{CEDD825F-1E59-4C38-B163-910F492AB49D} => C:\Program Files\Webroot\WRSA.exe [2014-04-13] (Webroot)
Task: {8BDED104-CE15-4445-A61F-D4628B2D13E6} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {8EDC2287-78E5-48F9-BEE5-9CE0B85B6024} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4004325891-3694787017-876815027-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {9D4881DC-1FA7-4CB4-91A1-E1A90699BB82} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {B0FA49B5-9CA9-46D2-9E87-1AEA37811BCD} - System32\Tasks\Real Player online update program => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {B535D547-BDD3-470F-B6F6-2A3D27470C4A} - System32\Tasks\{DF2D2340-FC4D-4098-A669-EB352D3FEAF0} => C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe [2010-12-13] (Microsoft Corporation)
Task: {B9B1102A-31CA-4E39-BEFE-C61D2A9A71EF} - System32\Tasks\{56019EA8-16A4-48D6-9084-8C32D48A9DFF} => C:\Program Files (x86)\AOL Desktop 9.7a\aol.exe [2014-07-02] (AOL Inc.)
Task: {C56FEC5D-6E46-4C7D-888F-BFA26BF80724} - System32\Tasks\{985DFBEB-F060-437A-A070-09049DA0B28B} => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: {CAED60AE-CC68-4D5D-9EE6-102429E32643} - System32\Tasks\{11FEC0CA-C38F-456F-9CC4-8E8476601AAF} => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: {D1B5D37F-0505-4F07-8214-7C9BDB421694} - System32\Tasks\{FF3E44AC-5946-4318-A08B-312F0E56567B} => C:\Program Files\Webroot\WRSA.exe [2014-04-13] (Webroot)
Task: {D3B045BD-CD0E-4315-B7DC-43E956F91297} - System32\Tasks\{C60FF8A8-F0B7-4038-ABC7-D48C71B5238A} => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: {D42D5235-4668-400D-A9C5-FEBBB6C71170} - System32\Tasks\{B85475F5-874B-43D4-ADEB-4C089B83360D} => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [2012-05-25] (Yahoo! Inc.)
Task: {D81FDF74-A4AC-4C18-9A2E-E6E3DB4D5072} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4004325891-3694787017-876815027-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {DD63FC58-6950-455E-B922-D2F942D4A96D} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe
Task: {E05A23B8-4C5B-401A-952B-9F7935E8CFA7} - System32\Tasks\{DB9356B6-B057-4F59-A8DD-2F4FFE8CC51E} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe [2014-07-02] (AOL Inc.)
Task: {E3138A11-88D1-4FD3-8B3E-2EC0DE03A115} - System32\Tasks\RunAsStdUser Task => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: {E8138EF0-2331-4055-AA5C-CB7CA90CAB10} - System32\Tasks\{958370D3-DDCD-471E-B392-2A03E90F7A05} => C:\Program Files (x86)\AOL Desktop 9.7a\aol.exe [2014-07-02] (AOL Inc.)
Task: {EB58A6E0-11CD-4EB4-B36C-14E11A421CE1} - System32\Tasks\{BD748774-EACD-4293-B092-A880C0DAD27C} => C:\Program Files\Microsoft Games\HoldEm\HoldEm.exe [2011-12-30] (Microsoft Corporation)
Task: {EC5C112D-2BC1-4C93-902A-A4AAEE82E0D0} - System32\Tasks\{75F9459A-5A80-48A3-A05A-5DA5971760BB} => C:\Users\verna\Downloads\FreeTaskManager.exe [2014-08-22] (Extensoft)
Task: {ED7837A3-1741-4D25-831C-73CD2CE5017A} - System32\Tasks\{879F1D7D-9D8E-4999-A16A-B03BFA760C24} => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [2012-05-25] (Yahoo! Inc.)
Task: {EF21B5FC-BFEC-487F-9626-9D85A758F59A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {F6FAFADC-2188-4353-A525-E4C7648C7179} - System32\Tasks\{C8CEF682-708D-400C-82D2-C21FF58EFA57} => C:\Users\verna\Pogo Games\PogoDGC.exe [2012-10-31] (iWin Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4004325891-3694787017-876815027-1001Core.job => C:\Users\verna\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4004325891-3694787017-876815027-1001UA.job => C:\Users\verna\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RunAsStdUser Task.job => C:\Users\verna\Pogo Games\PogoDGC.exe
Task: C:\Windows\Tasks\SlimDrivers Scan.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Loaded Modules (whitelisted) =============

2014-09-03 08:46 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2014-09-03 08:46 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2014-09-10 11:45 - 2014-09-10 11:45 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\03d9e855a8969bf00dd1bfeafa5d055e\IsdiInterop.ni.dll
2010-12-16 01:34 - 2010-03-03 22:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-09-04 05:46 - 2014-09-04 05:46 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-10 14:41 - 2014-08-10 14:41 - 00018856 _____ () C:\Program Files (x86)\Java\jre7\bin\jp2native.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:tix.Identifier
AlternateDataStreams: C:\ProgramData\TEMP:07BF512B
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\ProgramData\TEMP:0F64164E
AlternateDataStreams: C:\ProgramData\TEMP:2211E7A0
AlternateDataStreams: C:\ProgramData\TEMP:298B27F3
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:35501BA4
AlternateDataStreams: C:\ProgramData\TEMP:363E775E
AlternateDataStreams: C:\ProgramData\TEMP:3F9A3DFF
AlternateDataStreams: C:\ProgramData\TEMP:43F5FA9D
AlternateDataStreams: C:\ProgramData\TEMP:45C55624
AlternateDataStreams: C:\ProgramData\TEMP:4F7D133D
AlternateDataStreams: C:\ProgramData\TEMP:51F7E368
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:67B858FB
AlternateDataStreams: C:\ProgramData\TEMP:71004506
AlternateDataStreams: C:\ProgramData\TEMP:7E0EFF7B
AlternateDataStreams: C:\ProgramData\TEMP:80BD5645
AlternateDataStreams: C:\ProgramData\TEMP:8B09E09D
AlternateDataStreams: C:\ProgramData\TEMP:9AB56A06
AlternateDataStreams: C:\ProgramData\TEMP:9BAC4211
AlternateDataStreams: C:\ProgramData\TEMP:A02025CE
AlternateDataStreams: C:\ProgramData\TEMP:A6D6E537
AlternateDataStreams: C:\ProgramData\TEMP:B3A5945E
AlternateDataStreams: C:\ProgramData\TEMP:B66227B5
AlternateDataStreams: C:\ProgramData\TEMP:BF6A2C54
AlternateDataStreams: C:\ProgramData\TEMP:C434694E
AlternateDataStreams: C:\ProgramData\TEMP:C5CE2DF6
AlternateDataStreams: C:\ProgramData\TEMP:C94D51B1
AlternateDataStreams: C:\ProgramData\TEMP:CC81AA95
AlternateDataStreams: C:\ProgramData\TEMP:CE3AADB7
AlternateDataStreams: C:\ProgramData\TEMP:D0757AAB
AlternateDataStreams: C:\ProgramData\TEMP:D682946C
AlternateDataStreams: C:\ProgramData\TEMP:E6C6EB3B
AlternateDataStreams: C:\ProgramData\TEMP:E73B14E2
AlternateDataStreams: C:\ProgramData\TEMP:E8AEB2BF
AlternateDataStreams: C:\ProgramData\TEMP:EE2DD6CC
AlternateDataStreams: C:\Users\verna\Downloads\ADVANCED_Codecs_v474.exe:BDU
AlternateDataStreams: C:\Users\verna\Downloads\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\verna\Downloads\dds.com:BDU
AlternateDataStreams: C:\Users\verna\Downloads\deskscapes-setup.exe:BDU
AlternateDataStreams: C:\Users\verna\Downloads\esetsmartinstaller_enu.exe:BDU
AlternateDataStreams: C:\Users\verna\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\verna\Downloads\prismpsetup.exe:BDU
AlternateDataStreams: C:\Users\verna\Downloads\RealPlayerCloud.exe:BDU
AlternateDataStreams: C:\Users\verna\Downloads\revosetup.exe:BDU
AlternateDataStreams: C:\Users\verna\Downloads\tdsskiller.exe:BDU
AlternateDataStreams: C:\Users\verna\Downloads\tweaking.com_windows_repair_aio_setup.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UnsignedThemes => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UnsignedThemes => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: PCAppStoreSvc_{PCAppStore_4.5.1.6176} => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SetPoint.lnk => C:\Windows\pss\SetPoint.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^verna^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
MSCONFIG\startupfolder: C:^Users^verna^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: 20131121 =>
MSCONFIG\startupreg: Ad-Aware Browsing Protection =>
MSCONFIG\startupreg: Adobe ARM =>
MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files (x86)\AOL Desktop 9.7b\AOL.EXE" -b
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Dell Registration => C:\Program Files (x86)\System Registration\prodreg.exe /boot
MSCONFIG\startupreg: DellSystemDetect => C:\Users\verna\AppData\Local\Apps\2.0\HNO8J96C.2B6\83A774J1.1DQ\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe
MSCONFIG\startupreg: DependencyCheck => Performed
MSCONFIG\startupreg: DivXMediaServer =>
MSCONFIG\startupreg: EPSON NX410 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCA.EXE /FU "C:\Windows\TEMP\E_S8373.tmp" /EF "HKCU"
MSCONFIG\startupreg: Facebook Update =>
MSCONFIG\startupreg: FlashPlayerUpdate =>
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\verna\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1303774094\ee\AOLSoftware.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: ISW =>
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: Launcher =>
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: MPlayerForWindows_UpdateReminder =>
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: OpenDNS Updater => "C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" /autostart
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl =>
MSCONFIG\startupreg: SAAppWhitelistingNotifier =>
MSCONFIG\startupreg: Search Protection =>
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: TkBellExe =>
MSCONFIG\startupreg: Uninstall C: =>
MSCONFIG\startupreg: ypagerps =>

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/12/2014 00:50:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/12/2014 05:36:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (09/12/2014 05:36:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/11/2014 02:18:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/11/2014 05:46:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (09/11/2014 05:46:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/10/2014 10:58:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (09/10/2014 10:58:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/10/2014 10:37:08 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: verna-PC)
Description: Unloading the performance counter strings for service ASP.NET (ASP.NET) failed. The first DWORD in the Data section contains the error code.

Error: (09/10/2014 10:37:08 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: verna-PC)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


System errors:
=============
Error: (09/12/2014 05:32:51 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
eQCOlJeu
SBRE
tljkva

Error: (09/12/2014 05:32:51 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (09/12/2014 05:32:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The X5XSEx_Pr135 service failed to start due to the following error:
%%2

Error: (09/11/2014 05:42:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
eQCOlJeu
SBRE
tljkva

Error: (09/11/2014 05:42:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The X5XSEx_Pr135 service failed to start due to the following error:
%%2

Error: (09/10/2014 10:53:57 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
eQCOlJeu
SBRE
tljkva

Error: (09/10/2014 10:53:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The X5XSEx_Pr135 service failed to start due to the following error:
%%2

Error: (09/10/2014 05:32:11 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
eQCOlJeu
SBRE
tljkva

Error: (09/10/2014 05:32:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The X5XSEx_Pr135 service failed to start due to the following error:
%%2

Error: (09/09/2014 03:21:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
eQCOlJeu
SBRE
tljkva


Microsoft Office Sessions:
=========================
Error: (09/12/2014 00:50:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\verna\Downloads\esetsmartinstaller_enu.exe

Error: (09/12/2014 05:36:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (09/12/2014 05:36:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (09/11/2014 02:18:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\verna\Downloads\esetsmartinstaller_enu.exe

Error: (09/11/2014 05:46:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (09/11/2014 05:46:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (09/10/2014 10:58:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (09/10/2014 10:58:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (09/10/2014 10:37:08 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: verna-PC)
Description: ASP.NETASP.NET8F20300004D070000

Error: (09/10/2014 10:37:08 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: verna-PC)
Description: Performance1637070000000000000000000009030000


CodeIntegrity Errors:
===================================
  Date: 2014-07-20 07:57:02.113
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\WriteWatcher64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-07-20 07:57:02.015
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\WriteWatcher64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-22 10:44:17.582
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\WriteWatcher64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-22 10:44:17.498
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\WriteWatcher64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-05-02 06:07:32.393
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-05-02 06:07:32.150
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-25 13:31:08.655
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-25 10:52:17.263
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-12-29 13:40:18.819
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-12-25 16:15:55.259
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Pentium® Dual-Core CPU E5800 @ 3.20GHz
Percentage of memory in use: 58%
Total physical RAM: 3036.98 MB
Available physical RAM: 1247.02 MB
Total Pagefile: 6072.15 MB
Available Pagefile: 3894.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:455.84 GB) (Free:405.47 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: EC0328C2)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=9.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

[General]
ShowGridLines=0
SaveFilterIndex=1
ShowInfoTip=1
ShowTimeInGMT=0
VerSplitLoc=16383
LowerPaneMode=1
MarkDriversInStack=1
AddExportHeaderLine=0
ComputersFile=
LoadFrom=1
DumpChkCommand=""%programfiles%\Debugging Tools for Windows\DumpChk.exe" "%1""
MarkOddEvenRows=0
SingleDumpFile=
WinPos=2C 00 00 00 00 00 00 00 01 00 00 00 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF F0 01 00 00 36 01 00 00 70 04 00 00 16 03 00 00
Columns=B4 00 00 00 78 00 01 00 96 00 02 00 6E 00 03 00 6E 00 04 00 6E 00 05 00 6E 00 06 00 6E 00 07 00 96 00 08 00 78 00 09 00 8C 00 0A 00 82 00 0B 00 78 00 0C 00 78 00 0D 00 50 00 0E 00 78 00 0F 00 78 00 10 00 78 00 11 00 78 00 12 00 50 00 13 00 50 00 14 00 5A 00 15 00 5A 00 16 00 5A 00 17 00 5A 00 18 00 5A 00 19 00
Sort=4097
ModulesColumns=B4 00 00 00 78 00 01 00 78 00 02 00 78 00 03 00 78 00 04 00 78 00 05 00 78 00 06 00 78 00 07 00 78 00 08 00 78 00 09 00 78 00 0A 00 78 00 0B 00
ModulesSort=4096
 

 

 

 

 

 

 

 

 

 

Attached Files



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,967 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:37 PM

Posted 12 September 2014 - 02:39 PM

Greetings and thank you for the information. Were you able to run Blue Screen View?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 bobbymcgee

bobbymcgee
  • Topic Starter

  • Members
  • 234 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:08:37 PM

Posted 13 September 2014 - 06:53 AM

Sry,

 

Crash List
Created by using BlueScreenView Dump File Crash Time Bug Check String Bug Check Code Parameter 1 Parameter 2 Parameter 3 Parameter 4 Caused By Driver Caused By Address File Description Product Name Company File Version Processor Crash Address Stack Address 1 Stack Address 2 Stack Address 3 Computer Name Full Path Processors Count Major Version Minor Version Dump File Size Dump File Time 090514-25662-01.dmp 9/5/2014 2:57:08 PM BAD_POOL_HEADER 0x00000019 00000000`00000020 fffffa80`04823190 fffffa80`048231b0 00000000`04020019 ATWPKT264.SYS ATWPKT264.SYS+1804 ATW Protocol Driver ATW Protocol Driver America Online 4.10.1.9 x64 ntoskrnl.exe+75bc0         C:\Windows\Minidump\090514-25662-01.dmp 2 15 7601 416,328 9/5/2014 2:58:06 PM 083114-20467-01.dmp 8/31/2014 8:51:12 AM BAD_POOL_HEADER 0x00000019 00000000`00000020 fffffa80`04b20210 fffffa80`04b20230 00000000`04020021 ATWPKT264.SYS ATWPKT264.SYS+1804 ATW Protocol Driver ATW Protocol Driver America Online 4.10.1.9 x64 ntoskrnl.exe+75bc0         C:\Windows\Minidump\083114-20467-01.dmp 2 15 7601 416,328 8/31/2014 8:52:02 AM 083114-17097-01.dmp 8/31/2014 8:49:15 AM BAD_POOL_HEADER 0x00000019 00000000`00000020 fffffa80`05cc5ca0 fffffa80`05cc5cc0 00000000`0402000e ATWPKT264.SYS ATWPKT264.SYS+1c17 ATW Protocol Driver ATW Protocol Driver America Online 4.10.1.9 x64 ntoskrnl.exe+75bc0         C:\Windows\Minidump\083114-17097-01.dmp 2 15 7601 416,328 8/31/2014 8:50:02 AM 083014-77704-01.dmp 8/30/2014 8:29:42 AM BAD_POOL_HEADER 0x00000019 00000000`00000020 fffffa80`056d7b80 fffffa80`056d7ba0 00000000`0402001c ATWPKT264.SYS ATWPKT264.SYS+1804 ATW Protocol Driver ATW Protocol Driver America Online 4.10.1.9 x64 ntoskrnl.exe+75bc0         C:\Windows\Minidump\083014-77704-01.dmp 2 15 7601 416,328 8/30/2014 8:32:02 AM

#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,967 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:37 PM

Posted 13 September 2014 - 02:40 PM

The formatting is not right and so it is difficult to read. Can you attach the report file to your reply?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 bobbymcgee

bobbymcgee
  • Topic Starter

  • Members
  • 234 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:08:37 PM

Posted 14 September 2014 - 06:45 AM

==================================================
Dump File         : 090514-25662-01.dmp
Crash Time        : 9/5/2014 2:57:08 PM
Bug Check String  : BAD_POOL_HEADER
Bug Check Code    : 0x00000019
Parameter 1       : 00000000`00000020
Parameter 2       : fffffa80`04823190
Parameter 3       : fffffa80`048231b0
Parameter 4       : 00000000`04020019
Caused By Driver  : ATWPKT264.SYS
Caused By Address : ATWPKT264.SYS+1804
File Description  : ATW Protocol Driver
Product Name      : ATW Protocol Driver
Company           : America Online
File Version      : 4.10.1.9
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\090514-25662-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 416,328
Dump File Time    : 9/5/2014 2:58:06 PM
==================================================

==================================================
 


Edited by bobbymcgee, 14 September 2014 - 06:47 AM.


#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,967 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:37 PM

Posted 14 September 2014 - 09:12 AM

Thank your for the information.

We are going to start with this please.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: BaiduAntivirusIconLock -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} =>  No File
SearchScopes: HKCU - {3062D68B-BE97-44AC-ACDA-221D469D4CF7} URL =
BHO-x32: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} ->  No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM-x32 - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKLM-x32 - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKCU - No Name - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} -  No File
Toolbar: HKCU - No Name - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  No File
Handler: javascript - No CLSID Value -
Handler: mailto - No CLSID Value -
Handler: res - No CLSID Value -
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} -  No File
Handler: WSWSVCUchrome - No CLSID Value -
Handler-x32: javascript - No CLSID Value -
Handler-x32: mailto - No CLSID Value -
Handler-x32: res - No CLSID Value -
Handler-x32: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} -  No File
Handler-x32: WSWSVCUchrome - No CLSID Value -
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 esgiguard; No ImagePath
S3 FileMonitor; No ImagePath
S3 RegFilter; No ImagePath
S1 SBRE; No ImagePath
S0 tljkva; No ImagePath
S3 UrlFilter; No ImagePath
S2 X5XSEx_Pr135; No ImagePath
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\Users\verna\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S0 eQCOlJeu; System32\drivers\eQCOlJeu.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 mdareDriver_47; \??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_47.sys [X]
S3 mdareDriver_48; \??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_48.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [X]
S3 Spring; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Spring64.sys [X]
U0 SR; No ImagePath
U2 srservice; No ImagePath
C:\Users\verna\AppData\Local\Temp\AcsInstall.dll
C:\Users\verna\AppData\Local\Temp\aol-desktop.exe
C:\Users\verna\AppData\Local\Temp\bitool.dll
C:\Users\verna\AppData\Local\Temp\BullGuard Internet Security Setup.exe
C:\Users\verna\AppData\Local\Temp\ffmpeg19.exe
C:\Users\verna\AppData\Local\Temp\instSup.dll
C:\Users\verna\AppData\Local\Temp\jilst5pf.dll
C:\Users\verna\AppData\Local\Temp\lowproc.exe
C:\Users\verna\AppData\Local\Temp\npp.6.6.8.Installer.exe
C:\Users\verna\AppData\Local\Temp\Quarantine.exe
C:\Users\verna\AppData\Local\Temp\SAS6_Update.exe
C:\Users\verna\AppData\Local\Temp\SHFOLDER.DLL
C:\Users\verna\AppData\Local\Temp\stubhelper.dll
C:\Users\verna\AppData\Local\Temp\wget.exe
AlternateDataStreams: C:\Windows:tix.Identifier
AlternateDataStreams: C:\ProgramData\TEMP:07BF512B
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\ProgramData\TEMP:0F64164E
AlternateDataStreams: C:\ProgramData\TEMP:2211E7A0
AlternateDataStreams: C:\ProgramData\TEMP:298B27F3
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:35501BA4
AlternateDataStreams: C:\ProgramData\TEMP:363E775E
AlternateDataStreams: C:\ProgramData\TEMP:3F9A3DFF
AlternateDataStreams: C:\ProgramData\TEMP:43F5FA9D
AlternateDataStreams: C:\ProgramData\TEMP:45C55624
AlternateDataStreams: C:\ProgramData\TEMP:4F7D133D
AlternateDataStreams: C:\ProgramData\TEMP:51F7E368
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:67B858FB
AlternateDataStreams: C:\ProgramData\TEMP:71004506
AlternateDataStreams: C:\ProgramData\TEMP:7E0EFF7B
AlternateDataStreams: C:\ProgramData\TEMP:80BD5645
AlternateDataStreams: C:\ProgramData\TEMP:8B09E09D
AlternateDataStreams: C:\ProgramData\TEMP:9AB56A06
AlternateDataStreams: C:\ProgramData\TEMP:9BAC4211
AlternateDataStreams: C:\ProgramData\TEMP:A02025CE
AlternateDataStreams: C:\ProgramData\TEMP:A6D6E537
AlternateDataStreams: C:\ProgramData\TEMP:B3A5945E
AlternateDataStreams: C:\ProgramData\TEMP:B66227B5
AlternateDataStreams: C:\ProgramData\TEMP:BF6A2C54
AlternateDataStreams: C:\ProgramData\TEMP:C434694E
AlternateDataStreams: C:\ProgramData\TEMP:C5CE2DF6
AlternateDataStreams: C:\ProgramData\TEMP:C94D51B1
AlternateDataStreams: C:\ProgramData\TEMP:CC81AA95
AlternateDataStreams: C:\ProgramData\TEMP:CE3AADB7
AlternateDataStreams: C:\ProgramData\TEMP:D0757AAB
AlternateDataStreams: C:\ProgramData\TEMP:D682946C
AlternateDataStreams: C:\ProgramData\TEMP:E6C6EB3B
AlternateDataStreams: C:\ProgramData\TEMP:E73B14E2
AlternateDataStreams: C:\ProgramData\TEMP:E8AEB2BF
AlternateDataStreams: C:\ProgramData\TEMP:EE2DD6CC
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\Software\Classes\exefile: "%1" %* <===== ATTENTION!
S3 WriteWatcher; C:\Windows\System32\DRIVERS\WriteWatcher64.sys [16896 2014-02-18] (Windows ® Win 7 DDK provider) [File not signed]
C:\Windows\System32\DRIVERS\WriteWatcher64.sys
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Attempt to launch AOL
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Does AOL work properly?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 bobbymcgee

bobbymcgee
  • Topic Starter

  • Members
  • 234 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:08:37 PM

Posted 14 September 2014 - 12:47 PM

Greetings, Cannot paste fixlog because the folder is empty. (not the whole folder just the quarantine portion)

 Tried to install AOL again,didn't get BSOD what I did get (several attempts)was Aol will now install the files required for you to connect to the service.Click yes to install the files.You may be asked to restart your pc otherwise you will not be able to connect.(got this on several attempts)



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,967 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:37 PM

Posted 14 September 2014 - 02:09 PM

After you run FRST as instructed you should see a Notepad document appear on your desktop. Did this happen?

Please do not take any steps other than the ones I provide. We need to be in sync otherwise my efforts will be very inefficient.

You don't say whether AOL is working or not after the latest reinstall. I am assuming not but need to verify (your comments tried several times).
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 bobbymcgee

bobbymcgee
  • Topic Starter

  • Members
  • 234 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:08:37 PM

Posted 14 September 2014 - 04:37 PM

Greetings, as stated no AOL is still not working.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by verna (administrator) on VERNA-PC on 12-09-2014 12:53:58
Running from C:\Users\verna\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes8\DS8Srv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(iWin Inc.) C:\Users\verna\Pogo Games\PGMTrusted.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes8\Deskscapes64.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Flux Software LLC) C:\Users\verna\AppData\Local\FluxSoftware\Flux\flux.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\VzDetectAgent.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions ] 0
HKLM\...\Policies\Explorer: [NoCustomizeThisFolder] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\.DEFAULT\...\RunOnce: [adawarebp] => reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
HKU\.DEFAULT\...\RunOnce: [adawarebp_XP] => reg.exe delete "HKCU\Software\adawarebp" /f
HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Run: [f.lux] => C:\Users\verna\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [New Value #1] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoFolderOptions ] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoFileMenu] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoRecentDocsMenu] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoAddPrinter] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-4004325891-3694787017-876815027-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
SSODL-x32: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: BaiduAntivirusIconLock -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,start page = http://www.bing.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x03FEAC6A6939CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Microsoft\Internet Explorer\Main,start page = http://www.bing.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKCU - {3062D68B-BE97-44AC-ACDA-221D469D4CF7} URL =
SearchScopes: HKCU - {41879711-B714-41BE-9A0C-EB90CFB98239} URL = https://www.bing.com/search?q={searchTerms}&src=IE-SearchBox
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028
SearchScopes: HKCU - {E0CDAF38-25DC-4212-8A51-CAA85CD22757} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll ()
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} ->  No File
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll ()
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKLM-x32 - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  No File
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
Toolbar: HKCU - WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKCU - No Name - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} -  No File
Toolbar: HKCU - No Name - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  No File
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {15B782AF-55D8-11D1-B477-006097098764} http://download.macromedia.com/pub/shockwave/cabs/authorware/awswaxf.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {809A6301-7B40-4436-A02C-87B8D3D7D9E3} http://zone.msn.com/bingame/zpagames/zpa_dmno.cab55579.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/da2/PCPitStop2.cab
Handler: javascript - No CLSID Value -
Handler: mailto - No CLSID Value -
Handler: res - No CLSID Value -
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} -  No File
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Handler: WSWSVCUchrome - No CLSID Value -
Handler-x32: javascript - No CLSID Value -
Handler-x32: mailto - No CLSID Value -
Handler-x32: res - No CLSID Value -
Handler-x32: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} -  No File
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
Handler-x32: WSWSVCUchrome - No CLSID Value -
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default
FF NewTab: hxxp://www.aol.com/?mtmhp=hyplogusaolp00000081&tb_uuid=7368E53DD584BAAD89A9A1501E3442C8
FF SearchEngineOrder.3: Bing
FF Homepage: hxxp://www.aol.com/?ncid=hyplognew00000010&tb_uuid=7368E53DD584BAAD89A9A1501E3442C8
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1212152.dll No File
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll (ParallelGraphics)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\verna\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\verna\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\verna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\verna\AppData\Roaming\mozilla\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\searchplugins\aol-search.xml
FF SearchPlugin: C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\searchplugins\youtube.xml
FF Extension: FireFox Tweak - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\firefoxtweak@pribic.am [2013-12-20]
FF Extension: WOT - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-18]
FF Extension: Webmail Ad Blocker - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\gmailnoads@mywebber.com.xpi [2013-12-19]
FF Extension: convert2mp3.net YouTube2MP3 Converter - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\info@convert2mp3.net.xpi [2014-01-04]
FF Extension: Google Translate It - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\jid0-T5rLBR2f2bw85B4AYMBuRUyNBYI@jetpack.xpi [2013-12-19]
FF Extension: NO Google Analytics - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\jid1-JcGokIiQyjoBAQ@jetpack.xpi [2013-12-18]
FF Extension: RememberPass - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\rememberpass@teesoft.info.xpi [2013-12-19]
FF Extension: Youtube Video Center - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{34878998-c8be-40bc-bc13-9243a2844976}.xpi [2014-06-29]
FF Extension: Stylish - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-12-18]
FF Extension: Facebook Toolbar Button - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{72c9fdff-bccd-4fac-a08e-857103c6e721}.xpi [2014-04-21]
FF Extension: NoScript - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-26]
FF Extension: YouTube High Definition - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-07-10]
FF Extension: Yahoo Mail Button - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{c9b4529a-eeba-4e48-976e-f3d3f9026e04}.xpi [2013-12-19]
FF Extension: Adblock Plus - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-28]
FF Extension: Greasemonkey - C:\Users\verna\AppData\Roaming\Mozilla\Firefox\Profiles\tfzgu68q.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-01-15]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2014-09-04]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [phegaokedjdajgnfphbnpkcfdgjbidko] - C:\ProgramData\adawaretb\toolbar\chrome\toolbar.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-30] (SUPERAntiSpyware.com)
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation) [File not signed]
S3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2013-07-09] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [140288 2013-07-09] (Microsoft Corporation) [File not signed]
R2 DeskScapes8; C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes8\ds8srv.exe [75376 2013-01-25] (Stardock Software, Inc)
S3 EFS; C:\Windows\System32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-01-13] (Microsoft Corporation) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2014-08-18] (Microsoft Corporation) [File not signed]
R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [363128 2014-08-13] (Verizon)
S3 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-11] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2012-10-03] (Microsoft Corporation) [File not signed]
R2 PGMTrusted; C:\Users\verna\Pogo Games\PGMTrusted.exe [519920 2012-10-31] (iWin Inc.)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-05-01] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation) [File not signed]
R3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [216576 2012-08-21] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [219136 2012-08-21] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2832384 2012-08-21] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [2039296 2012-08-21] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [194560 2012-08-21] (Microsoft Corporation) [File not signed]
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-25] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-27] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2014-05-30] (Microsoft Corporation) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 ATWPKT2; C:\Windows\system32\drivers\ATWPKT264.SYS [34520 2014-02-25] (America Online)
S3 ATWPKT2; C:\Windows\SysWOW64\drivers\ATWPKT264.SYS [34520 2014-02-25] (America Online)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2014-09-10] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
S3 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [431176 2011-03-24] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
S3 esgiguard; No ImagePath
S3 FileMonitor; No ImagePath
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2013-07-04] (Microsoft Corporation) [File not signed]
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-27] (Microsoft Corporation) [File not signed]
S3 RegFilter; No ImagePath
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SBRE; No ImagePath
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-06-29] () [File not signed]
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-08-28] ()
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] (Microsoft Corporation) [File not signed]
S0 tljkva; No ImagePath
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2013-06-15] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56832 2013-10-01] (Microsoft Corporation) [File not signed]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 UrlFilter; No ImagePath
R3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109824 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-26] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [53248 2013-11-26] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-26] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-26] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\Windows\system32\drivers\usbscan.sys [42496 2013-07-03] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2013-11-26] (Microsoft Corporation) [File not signed]
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation) [File not signed]
S3 WriteWatcher; C:\Windows\System32\DRIVERS\WriteWatcher64.sys [16896 2014-02-18] (Windows ® Win 7 DDK provider) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-25] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation) [File not signed]
S2 X5XSEx_Pr135; No ImagePath
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\Users\verna\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S0 eQCOlJeu; System32\drivers\eQCOlJeu.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 mdareDriver_47; \??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_47.sys [X]
S3 mdareDriver_48; \??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_48.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [X]
S3 Spring; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Spring64.sys [X]
U0 SR; No ImagePath
U2 srservice; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 12:53 - 2014-09-12 12:54 - 00037602 _____ () C:\Users\verna\Downloads\FRST.txt
2014-09-12 12:53 - 2014-09-12 12:54 - 00000000 ____D () C:\FRST
2014-09-12 12:52 - 2014-09-12 12:52 - 02105856 _____ (Farbar) C:\Users\verna\Downloads\FRST64.exe
2014-09-11 14:40 - 2014-09-11 14:26 - 00007669 _____ () C:\Users\verna\Documents\dds.zip
2014-09-10 10:38 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 10:38 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 10:38 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 10:38 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 10:38 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 10:38 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 10:38 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 10:38 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 10:38 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 10:38 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 10:38 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 10:38 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 10:38 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 10:38 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 10:38 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 10:38 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 10:38 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 10:38 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 10:38 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 10:38 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 10:38 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 10:38 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 10:38 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 10:38 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 10:38 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 10:38 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 10:38 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 10:38 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 10:38 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 10:38 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 10:38 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 10:38 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 10:38 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 10:38 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 10:38 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 10:38 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 10:38 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 10:38 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 10:38 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 10:38 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 10:38 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 10:38 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 10:38 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 10:38 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 10:38 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 10:38 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 10:38 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 10:38 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 10:38 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 10:38 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 10:38 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 10:38 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 10:38 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 10:38 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 10:38 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 10:38 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 10:31 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 10:31 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 10:30 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 10:30 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 10:30 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 10:30 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 10:30 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 10:30 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 10:30 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 10:30 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 10:30 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 10:30 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 10:30 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 09:18 - 2014-09-10 09:18 - 00000000 ____D () C:\Users\verna\AppData\Roaming\NCH Software
2014-09-10 09:18 - 2014-09-10 09:18 - 00000000 ____D () C:\ProgramData\NCH Software
2014-09-10 09:17 - 2014-09-10 09:22 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-09-10 09:17 - 2014-09-10 09:17 - 00589888 _____ (NCH Software) C:\Users\verna\Downloads\prismpsetup.exe
2014-09-10 09:17 - 2014-09-10 09:17 - 00001120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Video File Converter.lnk
2014-09-10 09:17 - 2014-09-10 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-09-10 05:38 - 2014-09-10 05:38 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-09-09 13:08 - 2014-09-09 13:08 - 01067216 _____ (RealNetworks, Inc.) C:\Users\verna\Downloads\RealPlayerCloud.exe
2014-09-09 13:06 - 2014-09-09 13:06 - 00000000 ____D () C:\Users\verna\Documents\Wondershare Video Converter Ultimate
2014-09-09 13:06 - 2014-09-09 13:06 - 00000000 ____D () C:\Users\verna\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-09-09 13:04 - 2014-09-09 13:04 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Wondershare Video Converter Ultimate
2014-09-09 13:03 - 2014-09-09 13:03 - 00000000 ____D () C:\Users\verna\AppData\Local\Wondershare
2014-09-09 13:02 - 2014-09-09 13:07 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-09-09 13:02 - 2014-09-09 13:06 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate
2014-09-09 12:52 - 2014-09-09 12:52 - 00000000 ____D () C:\Users\verna\Documents\Any Video Converter
2014-09-09 12:27 - 2014-09-09 12:27 - 58732312 _____ () C:\Users\verna\Downloads\DeskScapes_8.0.exe
2014-09-09 12:25 - 2014-09-09 12:25 - 00755160 _____ () C:\Users\verna\Downloads\deskscapes-setup.exe
2014-09-08 16:59 - 2014-09-08 16:59 - 00002265 _____ () C:\Program Files\INSTALL.LOG
2014-09-08 16:59 - 2010-06-26 17:17 - 00005303 _____ () C:\Program Files\eula.txt
2014-09-08 16:59 - 2010-06-15 13:40 - 00562480 _____ (Stardock) C:\Program Files\DreamMaker.exe
2014-09-08 16:59 - 2010-01-20 10:23 - 00001059 _____ () C:\Program Files\readme.txt
2014-09-08 16:59 - 2009-11-09 17:10 - 00550192 _____ (Stardock) C:\Program Files\Dreammaker.dll
2014-09-08 16:59 - 2001-05-24 13:59 - 00162304 _____ () C:\Program Files\UNWISE.EXE
2014-09-08 06:43 - 2014-09-08 06:44 - 00000000 ____D () C:\Users\verna\AppData\Roaming\HandBrake
2014-09-06 08:22 - 2014-09-11 14:20 - 00008686 _____ () C:\Users\verna\Documents\attach.txt
2014-09-06 08:16 - 2014-09-06 08:15 - 00003251 _____ () C:\Users\verna\Documents\attach.zip
2014-09-06 08:01 - 2014-09-11 14:20 - 00028826 _____ () C:\Users\verna\Documents\DDS.txt
2014-09-06 07:53 - 2014-09-06 07:53 - 00688992 ____R (Swearware) C:\Users\verna\Downloads\dds.com
2014-09-05 20:53 - 2014-09-05 20:53 - 00000000 ____D () C:\ProgramData\GZ
2014-09-05 14:58 - 2014-09-05 14:58 - 00416328 _____ () C:\Windows\Minidump\090514-25662-01.dmp
2014-09-05 14:53 - 2014-09-05 14:53 - 00000968 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\AOL Desktop 9.7.lnk
2014-09-05 14:53 - 2014-09-05 14:53 - 00000000 ____D () C:\ProgramData\Viewpoint
2014-09-05 14:53 - 2014-09-05 14:53 - 00000000 ____D () C:\Program Files (x86)\Viewpoint
2014-09-05 14:52 - 2014-09-05 14:54 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7b
2014-09-05 10:22 - 2014-09-05 10:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-05 10:22 - 2014-09-05 10:22 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-05 06:23 - 2014-09-05 06:23 - 09526552 _____ () C:\Users\verna\Downloads\tweaking.com_windows_repair_aio_setup.exe
2014-09-04 05:46 - 2014-09-04 05:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-03 14:48 - 2014-09-03 14:48 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-03 14:47 - 2014-09-03 14:47 - 02347384 _____ (ESET) C:\Users\verna\Downloads\esetsmartinstaller_enu.exe
2014-09-03 14:37 - 2014-09-03 14:40 - 00000000 ____D () C:\AdwCleaner
2014-09-03 14:37 - 2014-09-03 14:37 - 01370467 _____ () C:\Users\verna\Downloads\AdwCleaner.exe
2014-09-03 08:59 - 2014-09-03 08:59 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\verna\Downloads\tdsskiller.exe
2014-09-03 08:48 - 2014-09-03 08:48 - 00195651 _____ () C:\ProgramData\1409748307.bdinstall.bin
2014-09-03 08:46 - 2014-09-03 08:46 - 00002174 _____ () C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2014-09-03 08:46 - 2014-09-03 08:46 - 00002174 _____ () C:\ProgramData\Desktop\Bitdefender Antivirus Free Edition.lnk
2014-09-03 08:46 - 2014-09-03 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-09-03 08:46 - 2013-04-17 14:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-09-03 08:46 - 2013-04-17 14:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-09-03 08:45 - 2014-09-03 08:46 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-03 08:45 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-09-03 08:45 - 2013-04-22 13:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-09-03 08:42 - 2014-09-03 08:42 - 00045426 _____ () C:\ProgramData\1409748120.bdinstall.bin
2014-09-03 08:42 - 2014-09-03 08:42 - 00000512 _____ () C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2014-09-03 07:57 - 2014-09-03 07:57 - 00096062 _____ () C:\ProgramData\1409745386.bdinstall.bin
2014-09-03 07:56 - 2014-09-03 07:56 - 00037823 _____ () C:\ProgramData\1409745385.bdinstall.bin
2014-09-01 13:38 - 2014-09-01 13:38 - 00000000 ____D () C:\BigFishCache
2014-09-01 06:01 - 2010-11-20 08:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll.bak
2014-09-01 05:59 - 2014-06-05 14:00 - 02050560 _____ (xy-VSFilter Team) C:\Windows\system32\VSFilter.dll.bak
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Shark007
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Advanced
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\ProgramData\Shark007
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Program Files\Shark007
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Program Files (x86)\Shark007
2014-09-01 05:58 - 2014-07-22 14:51 - 03502080 _____ (x264vfw project) C:\Windows\system32\x264vfw.dll
2014-09-01 05:58 - 2013-04-06 00:27 - 02231296 _____ () C:\Windows\system32\ac3filter.acm.new
2014-09-01 05:58 - 2013-04-06 00:27 - 02231296 _____ () C:\Windows\system32\ac3filter.acm
2014-09-01 05:58 - 2013-04-06 00:26 - 01679360 _____ () C:\Windows\SysWOW64\ac3filter.acm.new
2014-09-01 05:58 - 2012-07-21 15:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2014-09-01 05:58 - 2012-07-21 15:54 - 00361472 _____ (fccHandler) C:\Windows\system32\aacacm.acm
2014-09-01 05:58 - 2012-07-17 18:21 - 00206336 _____ () C:\Windows\system32\unrar64.dll
2014-09-01 05:58 - 2009-08-11 21:22 - 00580096 _____ () C:\Windows\system32\ac3filter.acm.old
2014-09-01 05:58 - 2009-01-23 01:51 - 00124909 _____ (Open Source Software community project) C:\Windows\system32\pthreadGC2.dll
2014-09-01 05:56 - 2014-09-01 05:58 - 00000000 ____D () C:\ProgramData\Advanced
2014-09-01 05:53 - 2014-09-01 05:53 - 51411389 _____ () C:\Users\verna\Downloads\ADVANCED_Codecs_v474.exe
2014-08-31 08:52 - 2014-08-31 08:52 - 00416328 ___RH () C:\Windows\Minidump\083114-20467-01.dmp
2014-08-31 08:50 - 2014-08-31 08:50 - 00416328 _____ () C:\Windows\Minidump\083114-17097-01.dmp
2014-08-31 08:28 - 2014-08-31 08:30 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7a
2014-08-31 08:24 - 2014-09-05 14:53 - 00002830 ____H () C:\IPH.PH
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-30 10:53 - 2014-08-30 10:53 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\verna\Downloads\revosetup.exe
2014-08-30 10:28 - 2014-08-30 10:30 - 00000000 ____D () C:\Program Files (x86)\PCPitstop
2014-08-30 10:28 - 2014-08-30 10:29 - 00000000 ____D () C:\ProgramData\PCPitstop
2014-08-30 08:31 - 2014-08-30 08:32 - 00416328 _____ () C:\Windows\Minidump\083014-77704-01.dmp
2014-08-29 05:49 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 05:49 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-29 05:49 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 07:22 - 2014-08-28 07:22 - 00197878 _____ () C:\ProgramData\1409224797.bdinstall.bin
2014-08-28 07:19 - 2014-08-28 07:19 - 10447328 _____ () C:\Users\verna\Downloads\Antivirus_Free_Edition_x64.exe
2014-08-28 07:18 - 2014-08-28 07:18 - 00162208 _____ () C:\Users\verna\Downloads\Antivirus_Free_Edition.exe
2014-08-27 15:45 - 2014-08-27 15:50 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-08-24 11:25 - 2014-08-24 11:25 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Boot Genius
2014-08-24 11:25 - 2014-08-24 11:25 - 00000000 ____D () C:\Program Files (x86)\Windows Boot Genius
2014-08-24 10:46 - 2014-08-24 10:47 - 00000000 ____D () C:\Users\verna\Downloads\WinDlg_v1_27
2014-08-24 09:57 - 2014-09-04 16:53 - 00002960 _____ () C:\Windows\System32\Tasks\{CE155773-BFE0-4954-A811-E85FA6D177F2}
2014-08-24 06:32 - 2014-09-05 14:53 - 00000000 ____D () C:\Users\verna\AppData\Roaming\AOL
2014-08-24 06:31 - 2014-09-05 14:53 - 00000000 ____D () C:\Users\verna\AppData\Local\AOL
2014-08-24 06:31 - 2014-09-05 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL
2014-08-24 06:31 - 2014-09-05 14:52 - 00000000 ____D () C:\ProgramData\AOL
2014-08-24 06:31 - 2014-08-24 06:42 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7
2014-08-24 06:31 - 2014-08-24 06:31 - 00000000 ____D () C:\ProgramData\AOL OCP
2014-08-24 06:31 - 2014-08-24 06:31 - 00000000 ____D () C:\Program Files (x86)\AOL
2014-08-24 06:30 - 2014-08-24 06:40 - 00000196 _____ () C:\Windows\Tasks\RunAsStdUser Task.job
2014-08-24 06:20 - 2014-08-24 06:20 - 00000000 ____D () C:\Users\verna\AppData\Roaming\KSafe
2014-08-24 06:20 - 2014-08-24 06:20 - 00000000 ____D () C:\ProgramData\KSafe
2014-08-24 06:20 - 2014-08-24 06:20 - 00000000 ____D () C:\Program Files (x86)\MaxUtilities
2014-08-24 05:43 - 2014-09-04 16:52 - 00002960 _____ () C:\Windows\System32\Tasks\{DB9356B6-B057-4F59-A8DD-2F4FFE8CC51E}
2014-08-23 15:23 - 2014-08-23 15:23 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-08-22 15:47 - 2014-08-22 15:47 - 00000000 ____D () C:\Users\verna\AppData\Local\TaskManager
2014-08-22 15:47 - 2014-08-22 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Extended Task Manager
2014-08-22 15:47 - 2014-08-22 15:47 - 00000000 ____D () C:\Program Files\Free Extended Task Manager
2014-08-22 15:46 - 2014-08-22 15:46 - 11714981 _____ (Extensoft) C:\Users\verna\Downloads\FreeTaskManager.exe
2014-08-22 15:30 - 2014-09-04 16:56 - 00002956 _____ () C:\Windows\System32\Tasks\{75F9459A-5A80-48A3-A05A-5DA5971760BB}
2014-08-22 15:03 - 2014-08-22 15:00 - 00001146 _____ () C:\Users\verna\Documents\Rename.bat - Shortcut.lnk
2014-08-22 14:58 - 2014-08-22 14:58 - 00000109 _____ () C:\Users\verna\Documents\Rename.bat
2014-08-20 11:38 - 2014-08-30 10:34 - 00000000 ____D () C:\Program Files\WhoCrashed
2014-08-20 11:38 - 2014-08-20 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2014-08-20 10:42 - 2014-08-20 10:42 - 00398408 _____ () C:\Users\verna\Downloads\VzSpeedOptimizer100.exe
2014-08-20 10:12 - 2014-08-20 10:12 - 02707808 _____ (Resplendence Software Projects Sp. ) C:\Users\verna\Downloads\whocrashedSetup.exe
2014-08-19 11:37 - 2014-09-05 05:57 - 00000464 _____ () C:\Windows\Tasks\SlimDrivers Scan.job
2014-08-19 11:37 - 2014-09-04 16:51 - 00003336 _____ () C:\Windows\System32\Tasks\SlimDrivers Scan
2014-08-19 08:24 - 2014-08-19 08:24 - 00001929 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00001248 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00000961 _____ () C:\Users\Public\Desktop\Games.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00000961 _____ () C:\ProgramData\Desktop\Games.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00000231 _____ () C:\Users\Public\Desktop\More Great Games.url
2014-08-19 08:24 - 2014-08-19 08:24 - 00000231 _____ () C:\ProgramData\Desktop\More Great Games.url
2014-08-19 08:24 - 2014-08-19 08:24 - 00000000 ____D () C:\Program Files (x86)\bfgclient
2014-08-19 08:22 - 2014-08-19 08:22 - 34483264 _____ (Big Fish Games) C:\Users\verna\Downloads\bfginstaller32_s1_l1.exe
2014-08-19 05:51 - 2014-08-19 05:51 - 00000000 ____D () C:\Program Files\Intel
2014-08-19 05:38 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-19 05:38 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-19 05:38 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-19 05:38 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-19 05:38 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-19 05:38 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-19 05:38 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-19 05:38 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-19 05:38 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-19 05:38 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-19 05:38 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-19 05:38 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-19 05:38 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-19 05:38 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-18 11:53 - 2014-08-28 06:30 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-08-18 11:53 - 2014-08-18 11:53 - 00000000 ____D () C:\Users\verna\AppData\Local\SlimWare Utilities Inc
2014-08-18 11:51 - 2014-08-18 11:51 - 00940352 _____ (SlimWare Utilities, Inc.) C:\Users\verna\Downloads\SlimDrivers-setup.exe
2014-08-18 06:38 - 2014-08-18 06:38 - 00000000 ____D () C:\Users\verna\SystemRequirementsLab
2014-08-18 06:33 - 2014-08-18 11:44 - 00000000 ____D () C:\Intel
2014-08-16 10:48 - 2014-09-11 14:56 - 00002355 _____ () C:\Users\verna\Documents\BlueScreenView.exe - Shortcut.lnk
2014-08-14 16:01 - 2014-07-12 10:58 - 00000562 _____ () C:\Users\verna\Documents\Reset_Gadgets.bat
2014-08-14 12:48 - 2014-09-01 07:41 - 00001794 _____ () C:\Users\verna\Documents\JRT.txt
2014-08-14 12:37 - 2014-08-14 12:37 - 00000000 ____D () C:\Windows\ERUNT
2014-08-14 12:36 - 2014-08-14 12:36 - 01016261 _____ (Thisisu) C:\Users\verna\Downloads\JRT.exe
2014-08-13 14:35 - 2014-08-13 14:35 - 00014259 _____ () C:\Users\verna\Documents\speccy.speccy
2014-08-13 14:34 - 2014-08-13 14:34 - 00000000 ____D () C:\Program Files\Speccy
2014-08-13 14:30 - 2014-09-03 08:58 - 00017031 _____ () C:\Users\verna\Downloads\Result.txt
2014-08-13 14:29 - 2014-08-13 14:29 - 00401920 _____ (Farbar) C:\Users\verna\Downloads\MiniToolBox.exe
2014-08-13 06:38 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 06:38 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 06:38 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 06:38 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 06:38 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 06:38 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 06:38 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 06:38 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 06:37 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 06:37 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 06:37 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 06:37 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 06:37 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 06:37 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 06:37 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 06:37 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 06:37 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 06:37 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 06:37 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 06:37 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 06:36 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 06:36 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 06:36 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 06:36 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 06:36 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 06:36 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 06:36 - 2014-07-08 22:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 06:36 - 2014-07-08 21:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 06:36 - 2014-07-08 21:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 06:36 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 06:36 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 06:36 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 06:36 - 2014-07-08 18:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 06:36 - 2014-07-08 18:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 12:54 - 2014-09-12 12:53 - 00037602 _____ () C:\Users\verna\Downloads\FRST.txt
2014-09-12 12:54 - 2014-09-12 12:53 - 00000000 ____D () C:\FRST
2014-09-12 12:52 - 2014-09-12 12:52 - 02105856 _____ (Farbar) C:\Users\verna\Downloads\FRST64.exe
2014-09-12 10:06 - 2014-05-06 15:35 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-09-12 07:00 - 2014-07-02 05:43 - 02004411 _____ () C:\Windows\WindowsUpdate.log
2014-09-12 05:37 - 2009-07-14 00:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-12 05:37 - 2009-07-14 00:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-12 05:36 - 2009-07-14 01:13 - 00006684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-12 05:32 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-12 05:31 - 2014-07-31 05:30 - 00006664 _____ () C:\Windows\setupact.log
2014-09-11 17:47 - 2011-04-26 07:48 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-11 16:14 - 2014-06-18 05:30 - 00003342 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4004325891-3694787017-876815027-1001
2014-09-11 16:13 - 2014-06-20 13:16 - 00003208 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4004325891-3694787017-876815027-1001
2014-09-11 16:13 - 2014-06-10 05:31 - 00003364 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4004325891-3694787017-876815027-1001
2014-09-11 16:13 - 2014-06-07 11:10 - 00003230 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4004325891-3694787017-876815027-1001
2014-09-11 14:56 - 2014-08-16 10:48 - 00002355 _____ () C:\Users\verna\Documents\BlueScreenView.exe - Shortcut.lnk
2014-09-11 14:26 - 2014-09-11 14:40 - 00007669 _____ () C:\Users\verna\Documents\dds.zip
2014-09-11 14:20 - 2014-09-06 08:22 - 00008686 _____ () C:\Users\verna\Documents\attach.txt
2014-09-11 14:20 - 2014-09-06 08:01 - 00028826 _____ () C:\Users\verna\Documents\DDS.txt
2014-09-10 16:21 - 2012-07-02 06:35 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-09-10 10:35 - 2013-07-12 05:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 10:32 - 2011-04-29 07:08 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 10:31 - 2014-04-23 06:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 09:22 - 2014-09-10 09:17 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-09-10 09:18 - 2014-09-10 09:18 - 00000000 ____D () C:\Users\verna\AppData\Roaming\NCH Software
2014-09-10 09:18 - 2014-09-10 09:18 - 00000000 ____D () C:\ProgramData\NCH Software
2014-09-10 09:17 - 2014-09-10 09:17 - 00589888 _____ (NCH Software) C:\Users\verna\Downloads\prismpsetup.exe
2014-09-10 09:17 - 2014-09-10 09:17 - 00001120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Video File Converter.lnk
2014-09-10 09:17 - 2014-09-10 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-09-10 09:13 - 2012-01-10 14:57 - 00012288 _____ () C:\Users\verna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-10 05:38 - 2014-09-10 05:38 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-09-09 15:19 - 2014-07-16 10:57 - 00000000 ____D () C:\Users\verna\AppData\Local\CrashDumps
2014-09-09 13:22 - 2012-03-13 09:28 - 00000000 ____D () C:\Users\verna\AppData\Roaming\RealNetworks
2014-09-09 13:22 - 2012-01-16 17:13 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Real
2014-09-09 13:22 - 2012-01-16 17:13 - 00000000 ____D () C:\ProgramData\Real
2014-09-09 13:22 - 2012-01-16 17:13 - 00000000 ____D () C:\Program Files (x86)\Real
2014-09-09 13:08 - 2014-09-09 13:08 - 01067216 _____ (RealNetworks, Inc.) C:\Users\verna\Downloads\RealPlayerCloud.exe
2014-09-09 13:07 - 2014-09-09 13:02 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-09-09 13:06 - 2014-09-09 13:06 - 00000000 ____D () C:\Users\verna\Documents\Wondershare Video Converter Ultimate
2014-09-09 13:06 - 2014-09-09 13:06 - 00000000 ____D () C:\Users\verna\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-09-09 13:06 - 2014-09-09 13:02 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate
2014-09-09 13:04 - 2014-09-09 13:04 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Wondershare Video Converter Ultimate
2014-09-09 13:03 - 2014-09-09 13:03 - 00000000 ____D () C:\Users\verna\AppData\Local\Wondershare
2014-09-09 12:52 - 2014-09-09 12:52 - 00000000 ____D () C:\Users\verna\Documents\Any Video Converter
2014-09-09 12:52 - 2012-10-07 10:48 - 00000000 ____D () C:\Users\verna\AppData\Roaming\AnvSoft
2014-09-09 12:28 - 2011-06-14 08:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-09-09 12:27 - 2014-09-09 12:27 - 58732312 _____ () C:\Users\verna\Downloads\DeskScapes_8.0.exe
2014-09-09 12:25 - 2014-09-09 12:25 - 00755160 _____ () C:\Users\verna\Downloads\deskscapes-setup.exe
2014-09-08 16:59 - 2014-09-08 16:59 - 00002265 _____ () C:\Program Files\INSTALL.LOG
2014-09-08 06:44 - 2014-09-08 06:43 - 00000000 ____D () C:\Users\verna\AppData\Roaming\HandBrake
2014-09-06 12:26 - 2014-07-29 13:01 - 00083528 _____ () C:\Users\verna\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-06 08:15 - 2014-09-06 08:16 - 00003251 _____ () C:\Users\verna\Documents\attach.zip
2014-09-06 07:53 - 2014-09-06 07:53 - 00688992 ____R (Swearware) C:\Users\verna\Downloads\dds.com
2014-09-05 20:53 - 2014-09-05 20:53 - 00000000 ____D () C:\ProgramData\GZ
2014-09-05 14:58 - 2014-09-05 14:58 - 00416328 _____ () C:\Windows\Minidump\090514-25662-01.dmp
2014-09-05 14:58 - 2011-08-15 16:06 - 00000000 ____D () C:\Windows\minidump
2014-09-05 14:57 - 2014-08-01 10:27 - 478861833 _____ () C:\Windows\MEMORY.DMP
2014-09-05 14:57 - 2014-07-31 05:29 - 00168244 _____ () C:\Windows\PFRO.log
2014-09-05 14:54 - 2014-09-05 14:52 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7b
2014-09-05 14:53 - 2014-09-05 14:53 - 00000968 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\AOL Desktop 9.7.lnk
2014-09-05 14:53 - 2014-09-05 14:53 - 00000000 ____D () C:\ProgramData\Viewpoint
2014-09-05 14:53 - 2014-09-05 14:53 - 00000000 ____D () C:\Program Files (x86)\Viewpoint
2014-09-05 14:53 - 2014-08-31 08:24 - 00002830 ____H () C:\IPH.PH
2014-09-05 14:53 - 2014-08-24 06:32 - 00000000 ____D () C:\Users\verna\AppData\Roaming\AOL
2014-09-05 14:53 - 2014-08-24 06:31 - 00000000 ____D () C:\Users\verna\AppData\Local\AOL
2014-09-05 14:53 - 2014-08-24 06:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL
2014-09-05 14:53 - 2014-07-18 09:41 - 00544897 _____ () C:\install.log
2014-09-05 14:52 - 2014-08-24 06:31 - 00000000 ____D () C:\ProgramData\AOL
2014-09-05 14:51 - 2011-04-25 19:28 - 00058696 _____ (AOL Inc.) C:\Windows\SysWOW64\AOLParconLink.exe
2014-09-05 13:44 - 2011-04-26 10:53 - 00000000 ____D () C:\Windows\pss
2014-09-05 11:19 - 2014-07-29 09:50 - 00367056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-05 11:15 - 2009-07-13 22:34 - 00000633 _____ () C:\Windows\win.ini
2014-09-05 11:07 - 2011-07-20 08:18 - 00006684 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-05 10:55 - 2009-07-14 01:08 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-05 10:22 - 2014-09-05 10:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-05 10:22 - 2014-09-05 10:22 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-05 06:23 - 2014-09-05 06:23 - 09526552 _____ () C:\Users\verna\Downloads\tweaking.com_windows_repair_aio_setup.exe
2014-09-05 05:57 - 2014-08-19 11:37 - 00000464 _____ () C:\Windows\Tasks\SlimDrivers Scan.job
2014-09-04 22:10 - 2014-09-10 10:30 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 22:05 - 2014-09-10 10:30 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 17:00 - 2013-06-23 09:35 - 00002942 _____ () C:\Windows\System32\Tasks\{11FEC0CA-C38F-456F-9CC4-8E8476601AAF}
2014-09-04 17:00 - 2013-06-15 06:35 - 00003398 _____ () C:\Windows\System32\Tasks\RunAsStdUser Task
2014-09-04 17:00 - 2012-02-14 09:40 - 00002942 _____ () C:\Windows\System32\Tasks\{036603A4-23A9-48FB-A39F-78B7CEA5FABF}
2014-09-04 16:59 - 2012-04-08 10:10 - 00002942 _____ () C:\Windows\System32\Tasks\{267ADEEB-48AE-43B1-A35B-706D1693D013}
2014-09-04 16:59 - 2012-02-20 14:59 - 00002942 _____ () C:\Windows\System32\Tasks\{345F7CC0-4165-425B-88FC-CAA54522774F}
2014-09-04 16:59 - 2012-02-14 09:24 - 00002942 _____ () C:\Windows\System32\Tasks\{39C81FAE-43B3-4A08-9B73-93CBF1FFB607}
2014-09-04 16:59 - 2012-02-14 09:22 - 00002942 _____ () C:\Windows\System32\Tasks\{1B34E1BF-F254-4C86-AF0C-65C4E2D71EEE}
2014-09-04 16:58 - 2014-08-08 07:31 - 00002962 _____ () C:\Windows\System32\Tasks\{49BE6B19-4CAC-4A1A-9D8C-26054E5383E3}
2014-09-04 16:58 - 2012-04-08 10:09 - 00002942 _____ () C:\Windows\System32\Tasks\{4402D029-6030-4BCD-B350-D5B27CF069C5}
2014-09-04 16:57 - 2014-08-08 16:08 - 00002962 _____ () C:\Windows\System32\Tasks\{56019EA8-16A4-48D6-9084-8C32D48A9DFF}
2014-09-04 16:57 - 2012-04-08 10:09 - 00002942 _____ () C:\Windows\System32\Tasks\{5205966C-5B24-435E-AAD2-18D8348A2B62}
2014-09-04 16:57 - 2012-02-19 07:15 - 00002950 _____ () C:\Windows\System32\Tasks\{53EE031D-08D1-4199-B9F4-689CAA4DCF23}
2014-09-04 16:56 - 2014-08-22 15:30 - 00002956 _____ () C:\Windows\System32\Tasks\{75F9459A-5A80-48A3-A05A-5DA5971760BB}
2014-09-04 16:56 - 2012-04-08 10:07 - 00002942 _____ () C:\Windows\System32\Tasks\{5BE57F62-597B-4317-A307-755A6FA63E92}
2014-09-04 16:55 - 2014-08-08 16:13 - 00002962 _____ () C:\Windows\System32\Tasks\{958370D3-DDCD-471E-B392-2A03E90F7A05}
2014-09-04 16:55 - 2012-09-02 10:04 - 00002960 _____ () C:\Windows\System32\Tasks\{7746BA6F-BE92-4773-8C7A-C4B61675166A}
2014-09-04 16:55 - 2012-02-20 15:00 - 00002942 _____ () C:\Windows\System32\Tasks\{991E9DA0-A52E-4463-853D-DD3D77B125A4}
2014-09-04 16:55 - 2012-02-19 07:16 - 00002950 _____ () C:\Windows\System32\Tasks\{7D46843A-B61E-4F4E-8D04-37B43EA1F4E2}
2014-09-04 16:55 - 2012-02-14 09:31 - 00002942 _____ () C:\Windows\System32\Tasks\{985DFBEB-F060-437A-A070-09049DA0B28B}
2014-09-04 16:54 - 2011-12-29 20:08 - 00002968 _____ () C:\Windows\System32\Tasks\{B69A720A-867C-436F-9A2F-262507D4E26C}
2014-09-04 16:54 - 2011-08-10 17:27 - 00002960 _____ () C:\Windows\System32\Tasks\{AE0699A5-68AC-4B86-B150-850370502F6D}
2014-09-04 16:54 - 2011-05-19 09:11 - 00002968 _____ () C:\Windows\System32\Tasks\{BD748774-EACD-4293-B092-A880C0DAD27C}
2014-09-04 16:53 - 2014-08-24 09:57 - 00002960 _____ () C:\Windows\System32\Tasks\{CE155773-BFE0-4954-A811-E85FA6D177F2}
2014-09-04 16:53 - 2013-11-30 14:35 - 00002934 _____ () C:\Windows\System32\Tasks\{CEDD825F-1E59-4C38-B163-910F492AB49D}
2014-09-04 16:53 - 2012-02-22 11:45 - 00002942 _____ () C:\Windows\System32\Tasks\{DAE14204-A17A-4C82-B952-365EBC4B7639}
2014-09-04 16:53 - 2012-02-20 14:59 - 00002942 _____ () C:\Windows\System32\Tasks\{C60FF8A8-F0B7-4038-ABC7-D48C71B5238A}
2014-09-04 16:53 - 2012-02-14 09:25 - 00002942 _____ () C:\Windows\System32\Tasks\{C8CEF682-708D-400C-82D2-C21FF58EFA57}
2014-09-04 16:52 - 2014-08-24 05:43 - 00002960 _____ () C:\Windows\System32\Tasks\{DB9356B6-B057-4F59-A8DD-2F4FFE8CC51E}
2014-09-04 16:52 - 2011-08-10 17:26 - 00002960 _____ () C:\Windows\System32\Tasks\{EC511D6D-B2AD-44E0-8808-76930E76B7A4}
2014-09-04 16:51 - 2014-08-19 11:37 - 00003336 _____ () C:\Windows\System32\Tasks\SlimDrivers Scan
2014-09-04 16:51 - 2013-11-30 14:35 - 00002934 _____ () C:\Windows\System32\Tasks\{FF3E44AC-5946-4318-A08B-312F0E56567B}
2014-09-04 16:50 - 2014-03-26 16:15 - 00003550 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2014-09-04 16:50 - 2012-12-02 17:02 - 00003342 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4004325891-3694787017-876815027-1001
2014-09-04 05:46 - 2014-09-04 05:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-03 16:21 - 2010-12-16 01:39 - 00000000 ____D () C:\Temp
2014-09-03 14:48 - 2014-09-03 14:48 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-03 14:47 - 2014-09-03 14:47 - 02347384 _____ (ESET) C:\Users\verna\Downloads\esetsmartinstaller_enu.exe
2014-09-03 14:40 - 2014-09-03 14:37 - 00000000 ____D () C:\AdwCleaner
2014-09-03 14:37 - 2014-09-03 14:37 - 01370467 _____ () C:\Users\verna\Downloads\AdwCleaner.exe
2014-09-03 08:59 - 2014-09-03 08:59 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\verna\Downloads\tdsskiller.exe
2014-09-03 08:58 - 2014-08-13 14:30 - 00017031 _____ () C:\Users\verna\Downloads\Result.txt
2014-09-03 08:48 - 2014-09-03 08:48 - 00195651 _____ () C:\ProgramData\1409748307.bdinstall.bin
2014-09-03 08:46 - 2014-09-03 08:46 - 00002174 _____ () C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2014-09-03 08:46 - 2014-09-03 08:46 - 00002174 _____ () C:\ProgramData\Desktop\Bitdefender Antivirus Free Edition.lnk
2014-09-03 08:46 - 2014-09-03 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-09-03 08:46 - 2014-09-03 08:45 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-03 08:45 - 2013-05-10 05:59 - 00000000 ____D () C:\Users\verna\AppData\Roaming\QuickScan
2014-09-03 08:42 - 2014-09-03 08:42 - 00045426 _____ () C:\ProgramData\1409748120.bdinstall.bin
2014-09-03 08:42 - 2014-09-03 08:42 - 00000512 _____ () C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2014-09-03 07:57 - 2014-09-03 07:57 - 00096062 _____ () C:\ProgramData\1409745386.bdinstall.bin
2014-09-03 07:56 - 2014-09-03 07:56 - 00037823 _____ () C:\ProgramData\1409745385.bdinstall.bin
2014-09-01 13:38 - 2014-09-01 13:38 - 00000000 ____D () C:\BigFishCache
2014-09-01 07:41 - 2014-08-14 12:48 - 00001794 _____ () C:\Users\verna\Documents\JRT.txt
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Shark007
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Advanced
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\ProgramData\Shark007
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Program Files\Shark007
2014-09-01 05:58 - 2014-09-01 05:58 - 00000000 ____D () C:\Program Files (x86)\Shark007
2014-09-01 05:58 - 2014-09-01 05:56 - 00000000 ____D () C:\ProgramData\Advanced
2014-09-01 05:58 - 2012-01-11 08:02 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-01 05:53 - 2014-09-01 05:53 - 51411389 _____ () C:\Users\verna\Downloads\ADVANCED_Codecs_v474.exe
2014-08-31 08:52 - 2014-08-31 08:52 - 00416328 ___RH () C:\Windows\Minidump\083114-20467-01.dmp
2014-08-31 08:50 - 2014-08-31 08:50 - 00416328 _____ () C:\Windows\Minidump\083114-17097-01.dmp
2014-08-31 08:30 - 2014-08-31 08:28 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7a
2014-08-31 08:07 - 2013-08-24 08:52 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-30 10:53 - 2014-08-30 10:53 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\verna\Downloads\revosetup.exe
2014-08-30 10:34 - 2014-08-20 11:38 - 00000000 ____D () C:\Program Files\WhoCrashed
2014-08-30 10:30 - 2014-08-30 10:28 - 00000000 ____D () C:\Program Files (x86)\PCPitstop
2014-08-30 10:29 - 2014-08-30 10:28 - 00000000 ____D () C:\ProgramData\PCPitstop
2014-08-30 09:20 - 2012-03-14 05:48 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2014-08-30 08:32 - 2014-08-30 08:31 - 00416328 _____ () C:\Windows\Minidump\083014-77704-01.dmp
2014-08-29 10:16 - 2013-12-16 22:38 - 01521024 _____ (MPC-BE Team) C:\Windows\system32\VSFilter.dll
2014-08-28 16:20 - 2014-06-23 15:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-28 07:22 - 2014-08-28 07:22 - 00197878 _____ () C:\ProgramData\1409224797.bdinstall.bin
2014-08-28 07:19 - 2014-08-28 07:19 - 10447328 _____ () C:\Users\verna\Downloads\Antivirus_Free_Edition_x64.exe
2014-08-28 07:18 - 2014-08-28 07:18 - 00162208 _____ () C:\Users\verna\Downloads\Antivirus_Free_Edition.exe
2014-08-28 06:30 - 2014-08-18 11:53 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-08-27 15:50 - 2014-08-27 15:45 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-08-26 06:35 - 2012-03-31 13:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-26 06:34 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-26 06:32 - 2011-09-09 17:00 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-08-25 06:53 - 2011-04-25 19:09 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-24 11:25 - 2014-08-24 11:25 - 00000000 ____D () C:\Users\verna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Boot Genius
2014-08-24 11:25 - 2014-08-24 11:25 - 00000000 ____D () C:\Program Files (x86)\Windows Boot Genius
2014-08-24 10:47 - 2014-08-24 10:46 - 00000000 ____D () C:\Users\verna\Downloads\WinDlg_v1_27
2014-08-24 06:42 - 2014-08-24 06:31 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7
2014-08-24 06:40 - 2014-08-24 06:30 - 00000196 _____ () C:\Windows\Tasks\RunAsStdUser Task.job
2014-08-24 06:31 - 2014-08-24 06:31 - 00000000 ____D () C:\ProgramData\AOL OCP
2014-08-24 06:31 - 2014-08-24 06:31 - 00000000 ____D () C:\Program Files (x86)\AOL
2014-08-24 06:20 - 2014-08-24 06:20 - 00000000 ____D () C:\Users\verna\AppData\Roaming\KSafe
2014-08-24 06:20 - 2014-08-24 06:20 - 00000000 ____D () C:\ProgramData\KSafe
2014-08-24 06:20 - 2014-08-24 06:20 - 00000000 ____D () C:\Program Files (x86)\MaxUtilities
2014-08-23 15:57 - 2012-01-18 11:15 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-23 15:23 - 2014-08-23 15:23 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-08-23 15:23 - 2011-07-04 09:03 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-08-22 22:07 - 2014-08-29 05:49 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 21:45 - 2014-08-29 05:49 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 20:59 - 2014-08-29 05:49 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 15:47 - 2014-08-22 15:47 - 00000000 ____D () C:\Users\verna\AppData\Local\TaskManager
2014-08-22 15:47 - 2014-08-22 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Extended Task Manager
2014-08-22 15:47 - 2014-08-22 15:47 - 00000000 ____D () C:\Program Files\Free Extended Task Manager
2014-08-22 15:46 - 2014-08-22 15:46 - 11714981 _____ (Extensoft) C:\Users\verna\Downloads\FreeTaskManager.exe
2014-08-22 15:00 - 2014-08-22 15:03 - 00001146 _____ () C:\Users\verna\Documents\Rename.bat - Shortcut.lnk
2014-08-22 14:58 - 2014-08-22 14:58 - 00000109 _____ () C:\Users\verna\Documents\Rename.bat
2014-08-20 11:38 - 2014-08-20 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2014-08-20 10:42 - 2014-08-20 10:42 - 00398408 _____ () C:\Users\verna\Downloads\VzSpeedOptimizer100.exe
2014-08-20 10:12 - 2014-08-20 10:12 - 02707808 _____ (Resplendence Software Projects Sp. ) C:\Users\verna\Downloads\whocrashedSetup.exe
2014-08-19 14:05 - 2014-09-10 10:38 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 13:39 - 2014-09-10 10:38 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 08:24 - 2014-08-19 08:24 - 00001929 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00001248 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00000961 _____ () C:\Users\Public\Desktop\Games.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00000961 _____ () C:\ProgramData\Desktop\Games.lnk
2014-08-19 08:24 - 2014-08-19 08:24 - 00000231 _____ () C:\Users\Public\Desktop\More Great Games.url
2014-08-19 08:24 - 2014-08-19 08:24 - 00000231 _____ () C:\ProgramData\Desktop\More Great Games.url
2014-08-19 08:24 - 2014-08-19 08:24 - 00000000 ____D () C:\Program Files (x86)\bfgclient
2014-08-19 08:22 - 2014-08-19 08:22 - 34483264 _____ (Big Fish Games) C:\Users\verna\Downloads\bfginstaller32_s1_l1.exe
2014-08-19 05:51 - 2014-08-19 05:51 - 00000000 ____D () C:\Program Files\Intel
2014-08-19 05:51 - 2013-03-03 18:15 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 05:40 - 2011-12-07 06:58 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-08-18 19:01 - 2014-09-10 10:38 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-18 18:29 - 2014-09-10 10:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-18 18:29 - 2014-09-10 10:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-18 18:26 - 2014-09-10 10:38 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-18 18:20 - 2014-09-10 10:38 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-18 18:19 - 2014-09-10 10:38 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-18 18:15 - 2014-09-10 10:38 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-18 18:15 - 2014-09-10 10:38 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-18 18:14 - 2014-09-10 10:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-18 18:14 - 2014-09-10 10:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-18 18:08 - 2014-09-10 10:38 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-18 18:08 - 2014-09-10 10:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-18 18:08 - 2014-09-10 10:38 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-18 18:05 - 2014-09-10 10:38 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-18 18:03 - 2014-09-10 10:38 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-18 18:03 - 2014-09-10 10:38 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-18 18:03 - 2014-09-10 10:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 17:57 - 2014-09-10 10:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 17:56 - 2014-09-10 10:38 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 17:51 - 2014-09-10 10:38 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 17:46 - 2014-09-10 10:38 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 17:45 - 2014-09-10 10:38 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 17:45 - 2014-09-10 10:38 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 17:44 - 2014-09-10 10:38 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 17:44 - 2014-09-10 10:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 17:42 - 2014-09-10 10:38 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 17:40 - 2014-09-10 10:38 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 17:39 - 2014-09-10 10:38 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 17:39 - 2014-09-10 10:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 17:39 - 2014-09-10 10:38 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 17:38 - 2014-09-10 10:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 17:37 - 2014-09-10 10:38 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 17:36 - 2014-09-10 10:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 17:35 - 2014-09-10 10:38 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 17:27 - 2014-09-10 10:38 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 17:25 - 2014-09-10 10:38 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 17:25 - 2014-09-10 10:38 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 17:23 - 2014-09-10 10:38 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 17:23 - 2014-09-10 10:38 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 17:22 - 2014-09-10 10:38 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 17:19 - 2014-09-10 10:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 17:17 - 2014-09-10 10:38 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 17:17 - 2014-09-10 10:38 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 17:16 - 2014-09-10 10:38 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 17:15 - 2014-09-10 10:38 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 17:15 - 2014-09-10 10:38 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 17:09 - 2014-09-10 10:38 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 17:08 - 2014-09-10 10:38 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 17:07 - 2014-09-10 10:38 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 16:55 - 2014-09-10 10:38 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 16:46 - 2014-09-10 10:38 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 16:38 - 2014-09-10 10:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 16:38 - 2014-09-10 10:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 16:36 - 2014-09-10 10:38 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-18 11:53 - 2014-08-18 11:53 - 00000000 ____D () C:\Users\verna\AppData\Local\SlimWare Utilities Inc
2014-08-18 11:53 - 2012-03-03 09:14 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-08-18 11:53 - 2012-03-03 09:14 - 00000000 ____D () C:\ProgramData\Documents\Downloaded Installers
2014-08-18 11:51 - 2014-08-18 11:51 - 00940352 _____ (SlimWare Utilities, Inc.) C:\Users\verna\Downloads\SlimDrivers-setup.exe
2014-08-18 11:44 - 2014-08-18 06:33 - 00000000 ____D () C:\Intel
2014-08-18 06:38 - 2014-08-18 06:38 - 00000000 ____D () C:\Users\verna\SystemRequirementsLab
2014-08-18 06:38 - 2011-04-25 19:36 - 00000000 ____D () C:\Users\verna
2014-08-18 06:33 - 2011-06-12 09:15 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-08-14 16:03 - 2011-10-19 06:50 - 00003234 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-08-14 12:37 - 2014-08-14 12:37 - 00000000 ____D () C:\Windows\ERUNT
2014-08-14 12:36 - 2014-08-14 12:36 - 01016261 _____ (Thisisu) C:\Users\verna\Downloads\JRT.exe
2014-08-14 06:42 - 2012-03-31 06:24 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-14 06:42 - 2011-09-08 18:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-13 14:35 - 2014-08-13 14:35 - 00014259 _____ () C:\Users\verna\Documents\speccy.speccy
2014-08-13 14:34 - 2014-08-13 14:34 - 00000000 ____D () C:\Program Files\Speccy
2014-08-13 14:29 - 2014-08-13 14:29 - 00401920 _____ (Farbar) C:\Users\verna\Downloads\MiniToolBox.exe
2014-08-13 06:52 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

Files to move or delete:
====================
C:\Users\verna\DTSGFXAPO64.dll


Some content of TEMP:
====================
C:\Users\verna\AppData\Local\Temp\AcsInstall.dll
C:\Users\verna\AppData\Local\Temp\aol-desktop.exe
C:\Users\verna\AppData\Local\Temp\bitool.dll
C:\Users\verna\AppData\Local\Temp\BullGuard Internet Security Setup.exe
C:\Users\verna\AppData\Local\Temp\ffmpeg19.exe
C:\Users\verna\AppData\Local\Temp\instSup.dll
C:\Users\verna\AppData\Local\Temp\jilst5pf.dll
C:\Users\verna\AppData\Local\Temp\lowproc.exe
C:\Users\verna\AppData\Local\Temp\npp.6.6.8.Installer.exe
C:\Users\verna\AppData\Local\Temp\Quarantine.exe
C:\Users\verna\AppData\Local\Temp\SAS6_Update.exe
C:\Users\verna\AppData\Local\Temp\SHFOLDER.DLL
C:\Users\verna\AppData\Local\Temp\stubhelper.dll
C:\Users\verna\AppData\Local\Temp\wget.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-11-14 18:21

==================== End Of Log ============================



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,967 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:37 PM

Posted 14 September 2014 - 04:58 PM

Thanks on AOL. Regarding Post #10, you need to copy and paste the FRST program from the Downloads folder to the desktop.

Running from C:\Users\verna\Downloads

The fix will not work unless we do that.  Please move FRST to the Desktop then try Post #10 again.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 bobbymcgee

bobbymcgee
  • Topic Starter

  • Members
  • 234 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:08:37 PM

Posted 15 September 2014 - 11:06 AM

Greetings, I must be doing something wrong,did as requested regarding Post#10, (moved FRST to desktop repeated as requested ,hit fix once, said file not found.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users