Computer Crashes or Shuts Down without Warning



#16
periwinkle

  • Topic Starter
  • Member
  • 297 posts

Are you still having shut down / restart issues too? What if you tried another browser to do the OTL thing?

I'm not having shut down/restart issues lately.  The shutting down thing is so random.  It will do it frequently for a short while, then it's okay for some time, like a month or so.  Then it starts again.  It has not shut down on its own lately though - not since we've been working on it.  My cat did walk on the power strip and I thought it was shutting down on its own, but the box fan also went off and then both went back on immediately as I think he toggled the power strip for just a moment.  My computer stayed on after that though.  It did give me a scare though!


  • 0

#17
zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

You're getting low on free space; Windows should have 20% free space.
Drive C: | 580.72 Gb Total Space | 62.23 Gb Free Space | 10.72% Space Free | Partition Type: NTFS

To create more free space:

Remove programs you don't use, and move photos, videos, etc. to another drive. You need to start taking care of that, and you should remove one of those antivirus programs.

We need to fix a Chrome extension because it's adware; it can cause ads to pop up and interfere with the browsing experience in general. See below to do that.

Note CHR - Extension: GetSavin = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl\5.0_0\

1 Remove GetSavin extension from Google Chrome

Click the Chrome menu button on the browser toolbar, select Tools and then click on Extensions.

In the Extensions tab, remove GetSavin by clicking on the Recycle Bin at the end of the row.

Next

Please remove these programs from your Programs & Features list:
1-iLivid
2-GetSavin

Next

We need to do another fix to delete some files using OTL
  • Double click on the OTL icon to open the program. On Vista/Win7/Win8, right click and select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


    :COMMANDS
    [CREATERESTOREPOINT]
    
    :OTL
    O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll File not found
    O8:64bit: - Extra context menu item: &Search - ?p=GRfox000 File not found
    O8 - Extra context menu item: &Search - ?p=GRfox000 File not found
    IE - HKLM\..\SearchScopes\{A0B271A9-D8AA-8E74-7392-2164D6A1C03C}: "URL" = http://www.iesearch....q={searchTerms}
    IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag....q={searchTerms}
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\plsapp64.dll (Sendori)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\plsapp64.dll (Sendori)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\plsapp64.dll (Sendori)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\plsapp64.dll (Sendori)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\plsapp64.dll (Sendori)
    O1364bit: - gopher Prefix: missing
    O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_45)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    
    :Files
    netsh int ip reset c:\resetlog.txt /c
    ipconfig /flushdns /c
    ipconfig /release /c
    ipconfig /renew /c 
    
    
    :Commands
    
    [emptytemp]
    
    
  • Make sure all other windows are closed.
  • Click the Run Fix button at the top
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Open OTL again and click the Quick Scan button.
In your next reply, post:

1-OTL Fix log
2-New OTL log after quick scan

Joe
  • 0
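
The fix log requested in the steps above records one outcome per line. As an added example (not part of the original thread and not OTL's own code), this Python script sorts those outcomes so that files left pending for reboot, and the registry key removed just before each, stand out. The sample log is constructed; the script assumes the line formats seen in the fix log in this thread, and that a "File move failed" line under "Files\Folders moved on Reboot..." means the file is still in place.

```python
import re

# Constructed sample in the line format of the fix log posted in this thread.
# Key names and the DLL path are placeholders, not values from a real machine.
SAMPLE_LOG = r"""
All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Example\Browser Helper Objects\{00000000-0000-0000-0000-000000000001}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-0000-0000-0000-000000000001}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\Example\Catalog_Entries64\000000000001\ deleted successfully.
File move failed. C:\Windows\SysNative\example_lsp64.dll scheduled to be moved on reboot.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\Example\Catalog_Entries64\000000000002\ deleted successfully.
File move failed. C:\Windows\SysNative\example_lsp64.dll scheduled to be moved on reboot.
========== FILES ==========
C:\Users\Example\Desktop\cmd.bat deleted successfully.

Files\Folders moved on Reboot...
File move failed. C:\Windows\SysNative\example_lsp64.dll scheduled to be moved on reboot.

PendingFileRenameOperations files...
"""

SECTION = re.compile(r"^=+ (.+?) =+$")
REG_KEY = re.compile(r"^(64bit-)?Registry key (.+?) (deleted successfully|not found)\.$")
PENDING = re.compile(r"^File move failed\. (.+?) scheduled to be moved on reboot\.$")
FILE_OP = re.compile(r"^(?:File )?(.+?) (deleted successfully|not found)\.$")
REBOOT_HDR = "Files\\Folders moved on Reboot..."


def parse_fix_log(text):
    """Return one record per recognised line; unrecognised lines are skipped."""
    records = []
    section = None        # current "===== NAME =====" block
    after_reboot = False  # True while inside the post-reboot footer list
    last_key = None       # registry key removed on the previous recognised line
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == REBOOT_HDR:
            after_reboot, last_key = True, None
            continue
        if line.endswith("..."):  # any other footer heading ends that list
            after_reboot = False
            continue
        m = SECTION.match(line)
        if m:
            section, last_key = m.group(1), None
            continue
        m = REG_KEY.match(line)
        if m:
            last_key = m.group(2)
            records.append({"section": section, "kind": "registry",
                            "view": "64bit" if m.group(1) else "default",
                            "target": m.group(2), "outcome": m.group(3)})
            continue
        m = PENDING.match(line)
        if m:
            # Assumption: the key deleted just before a failed move is the
            # entry that pointed at this file.
            records.append({
                "section": "REBOOT" if after_reboot else section,
                "kind": "file", "target": m.group(1),
                "outcome": ("still pending after reboot" if after_reboot
                            else "pending reboot"),
                "referenced_by": None if after_reboot else last_key})
            last_key = None
            continue
        m = FILE_OP.match(line)
        if m:
            records.append({"section": section, "kind": "file",
                            "target": m.group(1), "outcome": m.group(2)})
            last_key = None
    return records


def triage(records):
    """Summarise outcomes and list what still needs checking after the fix."""
    counts, pending = {}, {}
    for r in records:
        counts[r["outcome"]] = counts.get(r["outcome"], 0) + 1
        if r["outcome"] == "pending reboot":
            pending.setdefault(r["target"], []).append(r["referenced_by"])
    unresolved = sorted({r["target"] for r in records
                         if r["outcome"] == "still pending after reboot"})
    return {"counts": counts, "pending": pending, "unresolved": unresolved}


if __name__ == "__main__":
    report = triage(parse_fix_log(SAMPLE_LOG))
    for outcome, n in sorted(report["counts"].items()):
        print(f"{n:3d}  {outcome}")
    for path, keys in report["pending"].items():
        print(f"pending: {path} (referenced by {len(keys)} removed key(s))")
    for path in report["unresolved"]:
        print(f"CHECK AFTER REBOOT: {path} was not moved")
```

A file listed as unresolved is worth confirming on disk after the next reboot and in the following scan log before the fix is treated as complete.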

#18
periwinkle

  • Topic Starter
  • Member
  • 297 posts

Joe, I cannot find ilivid in my program files or applications.  I did a search in the two program files areas, also in the control panel programs and a general search of my computer and the only thing that turned up was an empty folder labeled "ilivid".  I'm certain I tried to get rid of this one before.  

 

Freeing up some space is gonna take some time.  I bought a terabyte drive a long time ago and it's still inside the box.  Guess it's time to take it out and transfer all my photos...I still am not seeing my J: & K: drives being recognized when I click on "computer", but they're both inside my computer physically.  Any idea how they "disappeared"?
 

 

Here is the OTL log after the fix:

 

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A0B271A9-D8AA-8E74-7392-2164D6A1C03C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0B271A9-D8AA-8E74-7392-2164D6A1C03C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001\ deleted successfully.
File move failed. C:\Windows\SysNative\plsapp64.dll scheduled to be moved on reboot.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002\ deleted successfully.
File move failed. C:\Windows\SysNative\plsapp64.dll scheduled to be moved on reboot.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003\ deleted successfully.
File move failed. C:\Windows\SysNative\plsapp64.dll scheduled to be moved on reboot.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004\ deleted successfully.
File move failed. C:\Windows\SysNative\plsapp64.dll scheduled to be moved on reboot.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000015\ deleted successfully.
File move failed. C:\Windows\SysNative\plsapp64.dll scheduled to be moved on reboot.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
========== FILES ==========
< netsh int ip reset c:\resetlog.txt /c >
Reseting Echo Request, failed.
Access is denied.
Reseting Interface, OK!
A reboot is required to complete this action.
C:\Users\Veronica\Desktop\cmd.bat deleted successfully.
C:\Users\Veronica\Desktop\cmd.txt deleted successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Veronica\Desktop\cmd.bat deleted successfully.
C:\Users\Veronica\Desktop\cmd.txt deleted successfully.
< ipconfig /release /c >
Windows IP Configuration
Wireless LAN adapter Wireless Network Connection:
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : fd00::49ff:ad8f:4e1d:1b44
   Temporary IPv6 Address. . . . . . : fd00::40ed:e25e:70cd:9ba
   Link-local IPv6 Address . . . . . : fe80::49ff:ad8f:4e1d:1b44%11
   Default Gateway . . . . . . . . . : 
Ethernet adapter Local Area Connection:
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : fd00::c523:fe48:8194:1f62
   Temporary IPv6 Address. . . . . . : fd00::5c23:f496:e20c:b0a9
   Link-local IPv6 Address . . . . . : fe80::c523:fe48:8194:1f62%10
   Default Gateway . . . . . . . . . : 
Tunnel adapter Local Area Connection* 6:
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:10d7:1769:3f57:fffd
   Link-local IPv6 Address . . . . . : fe80::10d7:1769:3f57:fffd%12
   Default Gateway . . . . . . . . . : 
Tunnel adapter Local Area Connection* 7:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
Tunnel adapter Local Area Connection* 11:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
C:\Users\Veronica\Desktop\cmd.bat deleted successfully.
C:\Users\Veronica\Desktop\cmd.txt deleted successfully.
< ipconfig /renew /c  >
Windows IP Configuration
Wireless LAN adapter Wireless Network Connection:
   Connection-specific DNS Suffix  . : Home
   IPv6 Address. . . . . . . . . . . : fd00::49ff:ad8f:4e1d:1b44
   Temporary IPv6 Address. . . . . . : fd00::40ed:e25e:70cd:9ba
   Link-local IPv6 Address . . . . . : fe80::49ff:ad8f:4e1d:1b44%11
   IPv4 Address. . . . . . . . . . . : 192.168.0.5
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1
Ethernet adapter Local Area Connection:
   Connection-specific DNS Suffix  . : Home
   IPv6 Address. . . . . . . . . . . : fd00::c523:fe48:8194:1f62
   Temporary IPv6 Address. . . . . . : fd00::5c23:f496:e20c:b0a9
   Link-local IPv6 Address . . . . . : fe80::c523:fe48:8194:1f62%10
   IPv4 Address. . . . . . . . . . . : 192.168.0.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1
Tunnel adapter Local Area Connection* 6:
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:83e:3229:3f57:fffd
   Link-local IPv6 Address . . . . . : fe80::83e:3229:3f57:fffd%12
   Default Gateway . . . . . . . . . : 
Tunnel adapter Local Area Connection* 7:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
Tunnel adapter Local Area Connection* 11:
   Connection-specific DNS Suffix  . : Home
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.2%14
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.5%14
   Default Gateway . . . . . . . . . : 
C:\Users\Veronica\Desktop\cmd.bat deleted successfully.
C:\Users\Veronica\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Veronica
->Temp folder emptied: 5298293 bytes
->Temporary Internet Files folder emptied: 48346 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 94906379 bytes
->Flash cache emptied: 249 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10961788 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 106.00 mb
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.
 
OTL by OldTimer - Version 3.2.69.0 log created on 07062014_191507
 
Files\Folders moved on Reboot...
File move failed. C:\Windows\SysNative\plsapp64.dll scheduled to be moved on reboot.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...
 
 
 
Here is the OTL quick scan:
 

OTL logfile created on: 7/6/2014 7:33:03 PM - Run 8
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Veronica\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 41.07% Memory free
7.70 Gb Paging File | 5.01 Gb Available in Paging File | 65.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 580.72 Gb Total Space | 62.62 Gb Free Space | 10.78% Space Free | Partition Type: NTFS
Drive D: | 15.45 Gb Total Space | 7.90 Gb Free Space | 51.14% Space Free | Partition Type: NTFS
 
Computer Name: VERONICA-PC | User Name: Veronica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Veronica\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
PRC - C:\Users\Veronica\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
PRC - C:\ProgramData\Search Protection\SearchProtection.exe (Lavasoft)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe (Alexander Nikiforov)
PRC - C:\Program Files (x86)\AGI\core\4.2.0.10752\AGCoreService.exe (AG Interactive)
PRC - C:\Program Files (x86)\Webshots\Webshots.scr (Webshots.com)
PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\IOI\ButtonMonitor.exe ()
PRC - C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
PRC - C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
PRC - C:\Program Files (x86)\HDD Thermometer\HDD Thermometer.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Innovative Solutions\DriverMax\sync.dll ()
MOD - C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
MOD - C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d17ceca243fabda73eefb21d9bd072df\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f87e71868aedbc6c4e8fe7160d17c4ab\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2b605fc7deda872727d1ed37710420e\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8e6265a54260bddfc05951e764f5bc48\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\IOI\ButtonMonitor.exe ()
MOD - C:\Program Files (x86)\HDD Thermometer\HDD Thermometer.exe ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (LavasoftAdAwareService11) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe ()
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (XAudioService) -- C:\Windows\SysNative\DRIVERS\xaudio64.exe (Conexant Systems, Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (DragonUpdater) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AGCoreService) -- C:\Program Files (x86)\AGI\core\4.2.0.10752\AGCoreService.exe (AG Interactive)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Trufos) -- C:\Windows\SysNative\DRIVERS\Trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (hcdriver) -- C:\Windows\SysNative\DRIVERS\hcdriver.sys (Intel Corporation)
DRV:64bit: - (ZCLDRV) -- C:\Windows\SysNative\DRIVERS\ZclDrv64.sys (TechnoScope Co., Ltd.)
DRV:64bit: - (amdide64) -- C:\Windows\SysNative\DRIVERS\amdide64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell)
DRV:64bit: - (amdkmafd) -- C:\Windows\SysNative\DRIVERS\amdkmafd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\DRIVERS\LPCFilter.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW86.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (MxEFUF) -- C:\Windows\SysNative\DRIVERS\MxEFUF64.sys (Matrox Graphics Inc.)
DRV:64bit: - (74385989) -- C:\Windows\SysNative\DRIVERS\74385989.sys (Kaspersky Lab ZAO)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (RTL8187B) -- C:\Windows\SysNative\DRIVERS\RTL8187B.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (BlackBox) -- C:\Windows\SysNative\blackbox.dll (Microsoft Corporation)
DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS (Realtek Semiconductor Corp.)
DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys (Conexant)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (Pnp680) -- C:\Windows\SysNative\DRIVERS\pnp680.sys (Silicon Image, Inc)
DRV:64bit: - (PAC7302) -- C:\Windows\SysNative\DRIVERS\PAC7302.SYS (PixArt Imaging Inc.)
DRV:64bit: - (XAudio) -- C:\Windows\SysNative\DRIVERS\xaudio64.sys (Conexant Systems, Inc.)
DRV:64bit: - (HSF_DPV) -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys (Conexant Systems, Inc.)
DRV:64bit: - (CAXHWBS2) -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys (Conexant Systems, Inc.)
DRV:64bit: - (winachsf) -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys (Conexant Systems, Inc.)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV:64bit: - (BCM43XV) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys (Broadcom Corporation)
DRV - (Normandy) -- C:\Windows\SysWow64\drivers\Normandy.sys ()
DRV - (BlackBox) -- C:\Windows\SysWow64\drivers\BlackBox.sys ()
DRV - (IDSvia64) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20081023.002\IDSviA64.sys (Symantec Corporation)
DRV - (RTL8187B) -- C:\Windows\SysWOW64\drivers\rtl8187B.sys (Realtek Semiconductor Corporation                           )
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5694
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5694
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GT5694
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://www.Google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page Restore = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...ys=DTP&M=GT5694
IE - HKLM\..\SearchScopes,DefaultScope = {0BC6E3FA-78EF-4886-842C-5A1258C4455A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5694
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch...81A9653B9CFE3B7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {DAAF7918-570D-4407-A264-57D857AE91E9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{DAAF7918-570D-4407-A264-57D857AE91E9}: "URL" = http://www.google.co...ie7&rlz=1I7GWYE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Veronica\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Veronica\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Veronica\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Veronica\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/06/19 17:20:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/07/06 03:30:36 | 000,000,000 | ---D | M]
 
[2010/04/30 22:16:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Veronica\AppData\Roaming\Mozilla\Extensions
[2010/04/30 22:16:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Veronica\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/07/06 15:36:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\25qs7hd5.default-1404101501971\extensions
[2014/07/06 15:36:12 | 000,000,000 | ---D | M] (Ad-Aware Security Toolbar) -- C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\25qs7hd5.default-1404101501971\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/07/06 03:31:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/04/06 07:40:00 | 000,182,936 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMcAfeeSRPlgn.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: McAfeeScanAndRepair (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\Application\plugins\npMcAfeeSRPlgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Java Deployment Toolkit 7.0.550.13 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U55 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Veronica\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Veronica\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Veronica\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Google Search = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.5_0\
CHR - Extension: Google Wallet = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/07/06 03:44:45 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [BrowserPlugInHelper] "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe" File not found
O4 - HKLM..\Run: [ButtonMonitor] C:\Program Files (x86)\IOI\ButtonMonitor.exe ()
O4 - HKLM..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe (Lavasoft)
O4 - HKCU..\Run: [DriverMax] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [Facebook Update] "C:\Users\Veronica\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [MP3 Skype Recorder] C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe (Alexander Nikiforov)
O4 - HKCU..\Run: [RSD_HDDThermo] C:\Program Files (x86)\HDD Thermometer\HDD Thermometer.exe ()
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files (x86)\Webshots\Launcher.exe (Webshots.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://www.maricopa....in/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FBEC332-55DA-4912-8DF7-4AB47DEDE417}: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FBEC332-55DA-4912-8DF7-4AB47DEDE417}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB6D127E-1638-46AA-BE60-19496E8DBAD3}: DhcpNameServer = 192.168.0.1 205.171.2.25
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Veronica\AppData\Roaming\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Veronica\AppData\Roaming\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/16 07:49:12 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/06 15:39:30 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Roaming\LavasoftStatistics
[2014/07/06 15:39:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2014/07/06 15:37:32 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/07/06 15:36:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Search Protection
[2014/07/06 15:36:34 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Local\adawarebp
[2014/07/06 15:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2014/07/06 15:36:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2014/07/06 12:40:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/07/06 03:38:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/07/06 03:30:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/07/05 20:14:08 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/07/05 20:10:55 | 002,162,992 | ---- | C] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE.dll
[2014/07/05 20:10:54 | 002,101,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014/07/05 20:10:50 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2014/07/05 20:10:50 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2014/07/05 20:10:49 | 000,724,728 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2014/07/05 20:10:49 | 000,246,008 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll
[2014/07/05 20:10:49 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2014/07/05 20:10:49 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2014/07/05 20:10:48 | 001,048,824 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2014/07/05 20:10:48 | 000,889,592 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2014/07/05 20:10:48 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2014/07/05 20:10:47 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2014/07/05 20:10:47 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2014/07/05 20:10:47 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2014/07/05 20:10:40 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2014/07/05 20:10:40 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2014/07/05 20:10:40 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2014/07/05 20:10:40 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2014/07/05 20:10:38 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2014/07/05 20:10:38 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2014/07/05 20:10:14 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2014/07/05 20:10:14 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2014/07/05 20:10:13 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2014/07/05 20:10:13 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2014/07/05 20:10:13 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2014/07/05 20:10:12 | 005,751,048 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOlfx.dll
[2014/07/05 20:10:12 | 000,942,384 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOSettingsIPC.dll
[2014/07/05 20:10:11 | 000,662,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2014/07/05 20:10:10 | 012,894,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO3064.dll
[2014/07/05 20:10:09 | 000,956,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO2064.dll
[2014/07/05 20:10:08 | 003,959,384 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnN64.dll
[2014/07/05 20:10:08 | 001,313,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxSpeechAPO64.dll
[2014/07/05 20:10:06 | 028,343,384 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnA64.dll
[2014/07/05 20:10:00 | 014,863,448 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2014/07/05 20:09:58 | 001,934,424 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2014/07/05 20:09:57 | 002,041,432 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2014/07/05 20:09:56 | 001,317,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO6064.dll
[2014/07/05 20:09:56 | 001,063,512 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014/07/05 20:09:56 | 000,900,696 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysWow64\MaxxAudioAPOShell.dll
[2014/07/05 20:09:55 | 001,168,472 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO5064.dll
[2014/07/05 20:09:55 | 001,136,728 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll
[2014/07/05 20:09:55 | 000,663,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2014/07/05 20:09:55 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2014/07/05 20:09:55 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2014/07/05 20:09:54 | 000,291,488 | ---- | C] (ICEpower a/s) -- C:\Windows\SysNative\ICEsoundAPO64.dll
[2014/07/05 20:09:53 | 002,770,976 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014/07/05 20:09:52 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2014/07/05 20:09:52 | 000,501,184 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2014/07/05 20:09:52 | 000,415,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2014/07/05 20:09:51 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2014/07/05 20:09:51 | 000,487,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2014/07/05 20:09:50 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2014/07/05 20:09:50 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2014/07/05 20:09:50 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2014/07/05 20:09:50 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2014/07/05 20:09:49 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2014/07/05 20:09:49 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2014/07/05 20:09:49 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2014/07/05 20:09:49 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2014/07/05 20:09:48 | 006,218,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64A.dll
[2014/07/05 20:09:48 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2014/07/05 20:09:48 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2014/07/05 20:09:47 | 000,315,736 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64A.dll
[2014/07/05 20:09:46 | 001,939,800 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64A.dll
[2014/07/05 20:09:46 | 000,261,464 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64.dll
[2014/07/05 20:09:44 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2014/07/04 18:39:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Veronica\Desktop\OTL.exe
[2014/07/03 01:57:17 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Roaming\spelling
[2014/07/03 01:56:56 | 000,000,000 | ---D | C] -- C:\Users\Veronica\.lawson
[2014/07/03 01:56:47 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Roaming\repository
[2014/07/02 22:34:48 | 000,031,024 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\LPCFilter.sys
[2014/07/01 18:38:24 | 000,425,472 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysNative\Zcl64.dll
[2014/07/01 18:38:24 | 000,071,680 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysNative\drivers\ZCLDrv64.sys
[2014/07/01 18:38:24 | 000,042,496 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysNative\ZclDrv64.dll
[2014/07/01 18:38:24 | 000,036,352 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysWow64\ZclDrv.dll
[2014/07/01 18:38:23 | 000,393,216 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysWow64\Zcl.dll
[2014/07/01 18:38:23 | 000,040,960 | ---- | C] (TechnoScope) -- C:\Windows\SysWow64\Ccm.dll
[2014/07/01 07:34:19 | 000,390,112 | ---- | C] (Marvell) -- C:\Windows\SysNative\drivers\yk60x64.sys
[2014/06/30 23:47:21 | 000,000,000 | ---D | C] -- C:\Users\Veronica\Documents\My Drivers
[2014/06/30 20:13:27 | 000,826,368 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_64.dll
[2014/06/30 20:12:29 | 000,054,784 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/06/30 20:12:29 | 000,050,176 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/06/30 20:10:57 | 000,110,080 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\DelayAPO.dll
[2014/06/30 00:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2014/06/30 00:49:12 | 000,000,000 | ---D | C] -- C:\cpqsystem
[2014/06/29 21:21:52 | 000,000,000 | ---D | C] -- C:\Users\Veronica\Desktop\DriverMax Recommended Drivers
[2014/06/29 21:20:57 | 000,000,000 | ---D | C] -- C:\Users\Veronica\Desktop\AdAware Scans
[2014/06/29 21:11:58 | 000,000,000 | ---D | C] -- C:\Users\Veronica\Desktop\Old Firefox Data
[2014/06/29 19:30:27 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Local\Innovative Solutions
[2014/06/29 19:30:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
[2014/06/29 19:30:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Innovative Solutions
[2014/06/29 18:17:36 | 005,288,408 | ---- | C] (Innovative Solutions                                        ) -- C:\Users\Veronica\Desktop\drivermax_7_34_cnet.exe
[2014/06/28 00:47:31 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Roaming\ImgBurn
[2014/06/28 00:31:03 | 000,439,296 | ---- | C] (Sendori) -- C:\Windows\SysNative\plsapp64.dll
[2014/06/28 00:25:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2014/06/28 00:25:48 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Roaming\OpenCandy
[2014/06/27 23:58:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Memory Test
[2014/06/27 23:56:06 | 003,469,871 | ---- | C] (LIGHTNING UK!) -- C:\Users\Veronica\Desktop\SetupImgBurn_2.5.8.0.exe
[2014/06/26 22:19:18 | 094,714,880 | ---- | C] (AVAST Software) -- C:\Users\Veronica\Desktop\avast_free_antivirus_setup.exe
[2014/06/25 21:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWMonitor
[2014/06/25 21:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
[2014/06/25 21:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed
[2014/06/25 20:58:24 | 002,668,480 | ---- | C] (Resplendence Software Projects Sp.                          ) -- C:\Users\Veronica\Desktop\whocrashedSetup.exe
[2014/06/25 20:37:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NirSoft
[4 C:\Users\Veronica\Documents\*.tmp files -> C:\Users\Veronica\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/06 19:22:25 | 000,002,215 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/07/06 19:22:01 | 000,003,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/06 19:22:01 | 000,003,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/06 19:21:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/06 19:21:50 | 4025,667,584 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/06 18:11:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2932777127-504153465-3726424614-1000UA.job
[2014/07/06 17:59:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/06 16:20:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2932777127-504153465-3726424614-1000UA.job
[2014/07/06 12:37:55 | 001,707,144 | ---- | M] () -- C:\Users\Veronica\Desktop\Adaware_Installer.exe
[2014/07/06 12:27:18 | 000,000,084 | -H-- | M] () -- C:\aaw7boot.cmd
[2014/07/06 10:10:01 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2932777127-504153465-3726424614-1000Core.job
[2014/07/06 07:19:59 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2932777127-504153465-3726424614-1000Core.job
[2014/07/06 03:35:59 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2014/07/05 20:16:07 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2014/07/05 20:12:51 | 000,707,584 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/05 20:12:51 | 000,607,406 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/05 20:12:51 | 000,105,046 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/05 13:18:43 | 002,909,752 | ---- | M] () -- C:\Users\Veronica\Desktop\Gia Video July 2014.AVI
[2014/07/04 20:23:58 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2014/07/04 20:23:58 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2014/07/04 18:39:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Veronica\Desktop\OTL.exe
[2014/07/04 13:19:46 | 000,393,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/03 19:45:10 | 000,000,823 | ---- | M] () -- C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk
[2014/07/01 01:05:38 | 000,000,732 | ---- | M] () -- C:\Users\Veronica\AppData\Local\d3d9caps64.dat
[2014/06/29 19:30:27 | 000,001,040 | ---- | M] () -- C:\Users\Veronica\Desktop\DriverMax.lnk
[2014/06/29 19:16:28 | 000,190,178 | ---- | M] () -- C:\Users\Veronica\Desktop\PitStop Results.jpg
[2014/06/29 18:17:38 | 005,288,408 | ---- | M] (Innovative Solutions                                        ) -- C:\Users\Veronica\Desktop\drivermax_7_34_cnet.exe
[2014/06/28 00:25:52 | 000,001,699 | ---- | M] () -- C:\Users\Veronica\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2014/06/28 00:25:52 | 000,001,675 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2014/06/27 23:56:07 | 003,469,871 | ---- | M] (LIGHTNING UK!) -- C:\Users\Veronica\Desktop\SetupImgBurn_2.5.8.0.exe
[2014/06/27 23:53:17 | 000,069,043 | ---- | M] () -- C:\Users\Veronica\Desktop\memtest86+-4.20.iso.zip
[2014/06/26 22:20:43 | 094,714,880 | ---- | M] (AVAST Software) -- C:\Users\Veronica\Desktop\avast_free_antivirus_setup.exe
[2014/06/25 21:21:48 | 000,158,387 | ---- | M] () -- C:\Users\Veronica\Desktop\Speedfan Results.jpg
[2014/06/25 21:17:34 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2014/06/25 21:00:26 | 001,141,408 | ---- | M] (                                                            ) -- C:\Users\Veronica\Desktop\hwmonitor_1.25-setup.exe
[2014/06/25 20:58:26 | 002,668,480 | ---- | M] (Resplendence Software Projects Sp.                          ) -- C:\Users\Veronica\Desktop\whocrashedSetup.exe
[2014/06/25 20:36:29 | 000,141,480 | ---- | M] () -- C:\Users\Veronica\Desktop\bluescreenview_setup.exe
[2014/06/17 16:08:18 | 001,205,934 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/06/10 21:53:41 | 000,002,112 | ---- | M] () -- C:\Users\Veronica\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/08 07:58:00 | 002,852,480 | ---- | M] () -- C:\Windows\SysWow64\aticldxva.cap
[2014/06/08 07:58:00 | 002,818,784 | ---- | M] () -- C:\Windows\SysNative\aticldx6a.cap
[2014/06/08 07:58:00 | 000,550,456 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2014/06/08 07:58:00 | 000,550,456 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2014/06/08 07:58:00 | 000,204,952 | ---- | M] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014/06/08 07:58:00 | 000,204,952 | ---- | M] () -- C:\Windows\SysNative\ativvsvl.dat
[2014/06/08 07:58:00 | 000,157,144 | ---- | M] () -- C:\Windows\SysWow64\ativvsva.dat
[2014/06/08 07:58:00 | 000,157,144 | ---- | M] () -- C:\Windows\SysNative\ativvsva.dat
[2014/06/08 07:58:00 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\atitmp64.dll
[4 C:\Users\Veronica\Documents\*.tmp files -> C:\Users\Veronica\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/07/06 17:45:01 | 006,416,928 | ---- | C] () -- C:\Windows\System\DriveIcon.dll
[2014/07/06 15:39:24 | 000,002,215 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/07/06 12:37:27 | 001,707,144 | ---- | C] () -- C:\Users\Veronica\Desktop\Adaware_Installer.exe
[2014/07/06 12:27:18 | 000,000,084 | -H-- | C] () -- C:\aaw7boot.cmd
[2014/07/05 20:16:07 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/07/05 20:10:51 | 002,119,472 | ---- | C] () -- C:\Windows\SysNative\SStudio.dll
[2014/07/05 20:10:47 | 005,804,772 | ---- | C] () -- C:\Windows\SysNative\drivers\rtvienna.dat
[2014/07/05 20:10:38 | 001,205,934 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/07/05 20:09:42 | 000,096,568 | ---- | C] () -- C:\Windows\SysNative\audioLibVc.dll
[2014/07/05 20:09:41 | 000,109,848 | ---- | C] () -- C:\Windows\SysNative\AcpiServiceVnA64.dll
[2014/07/05 13:18:39 | 002,909,752 | ---- | C] () -- C:\Users\Veronica\Desktop\Gia Video July 2014.AVI
[2014/07/04 13:19:25 | 4025,667,584 | -HS- | C] () -- C:\hiberfil.sys
[2014/06/30 20:13:27 | 000,230,912 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2014/06/30 20:13:27 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014/06/30 20:13:27 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2014/06/30 20:13:27 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014/06/30 20:13:27 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2014/06/30 20:13:13 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\atitmp64.dll
[2014/06/30 20:13:11 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2014/06/30 20:13:11 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2014/06/30 20:12:39 | 002,852,480 | ---- | C] () -- C:\Windows\SysWow64\aticldxva.cap
[2014/06/30 20:12:38 | 002,818,784 | ---- | C] () -- C:\Windows\SysNative\aticldx6a.cap
[2014/06/30 20:12:30 | 000,550,456 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2014/06/30 20:12:30 | 000,550,456 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2014/06/30 20:12:28 | 001,187,342 | ---- | C] () -- C:\Windows\SysNative\amdocl_as.exe
[2014/06/30 20:12:28 | 001,061,902 | ---- | C] () -- C:\Windows\SysNative\amdocl_ld.exe
[2014/06/30 20:12:28 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld.exe
[2014/06/30 20:12:27 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as.exe
[2014/06/29 19:30:27 | 000,001,040 | ---- | C] () -- C:\Users\Veronica\Desktop\DriverMax.lnk
[2014/06/29 19:16:27 | 000,190,178 | ---- | C] () -- C:\Users\Veronica\Desktop\PitStop Results.jpg
[2014/06/28 00:25:52 | 000,001,699 | ---- | C] () -- C:\Users\Veronica\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2014/06/28 00:25:52 | 000,001,687 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2014/06/28 00:25:52 | 000,001,675 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2014/06/28 00:09:15 | 001,839,104 | ---- | C] () -- C:\Users\Veronica\Desktop\mt420.iso
[2014/06/27 23:53:07 | 000,069,043 | ---- | C] () -- C:\Users\Veronica\Desktop\memtest86+-4.20.iso.zip
[2014/06/25 21:21:47 | 000,158,387 | ---- | C] () -- C:\Users\Veronica\Desktop\Speedfan Results.jpg
[2014/06/25 21:00:24 | 001,141,408 | ---- | C] (                                                            ) -- C:\Users\Veronica\Desktop\hwmonitor_1.25-setup.exe
[2014/06/25 20:35:50 | 000,141,480 | ---- | C] () -- C:\Users\Veronica\Desktop\bluescreenview_setup.exe
[2012/10/25 01:12:15 | 000,727,952 | ---- | C] () -- C:\Windows\SysWow64\WSCM64.dll
[2012/10/16 00:41:08 | 139,883,880 | ---- | C] () -- C:\Users\Veronica\Kaspersky Online Scanner.exe
[2012/06/13 09:21:43 | 000,151,166 | ---- | C] () -- C:\ProgramData\1339604266.bdinstall.bin
[2012/06/08 04:28:08 | 000,148,808 | ---- | C] () -- C:\ProgramData\1339154345.bdinstall.bin
[2012/06/07 20:55:06 | 000,224,937 | ---- | C] () -- C:\ProgramData\1339125945.bdinstall.bin
[2011/12/04 22:42:09 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/10/18 22:10:03 | 000,000,732 | ---- | C] () -- C:\Users\Veronica\AppData\Local\d3d9caps64.dat
[2010/03/27 01:20:09 | 000,000,000 | ---- | C] () -- C:\Users\Veronica\AppData\Local\prvlcl.dat
[2009/09/03 17:56:18 | 000,072,080 | ---- | C] () -- C:\Users\Veronica\g2mdlhlpx.exe
[2008/10/27 04:41:56 | 000,007,649 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2008/10/20 06:09:47 | 000,000,139 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2008/09/03 08:32:00 | 000,000,873 | ---- | C] () -- C:\Program Files (x86)\WinRAR.lnk
[2008/08/30 21:45:48 | 000,001,356 | ---- | C] () -- C:\Users\Veronica\AppData\Local\d3d9caps.dat
[2008/08/29 04:24:49 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/08/28 17:13:44 | 000,189,952 | ---- | C] () -- C:\Users\Veronica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006/11/02 08:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 09:30:37 | 012,900,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 06:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 00:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 19:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2008/12/16 15:27:35 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\agi
[2013/12/30 22:23:35 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Audacity
[2010/02/20 01:12:51 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\AVG9
[2011/08/15 18:28:14 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\BeadTool
[2011/08/18 13:11:50 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\BitTorrent
[2011/08/03 23:44:04 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Cache
[2010/03/14 01:17:24 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Desktopicon
[2013/07/14 23:35:00 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Dropbox
[2011/07/26 14:12:49 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\eFax Messenger
[2008/08/23 23:13:31 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\HDD Thermometer
[2014/06/29 02:19:12 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\ImgBurn
[2011/07/26 14:15:24 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\j2 Global
[2013/06/17 21:47:20 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Lawson
[2011/10/08 18:33:04 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\MP3SkypeRecorder
[2009/11/25 21:08:44 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\NCH Swift Sound
[2014/06/29 19:30:23 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\OpenCandy
[2013/10/29 21:25:05 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Oracle
[2009/03/18 14:23:42 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\OverDrive
[2012/06/07 20:21:43 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\QuickScan
[2009/10/20 03:59:29 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Recordpad
[2014/07/03 01:56:47 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\repository
[2010/07/03 07:30:37 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Returnil
[2014/07/03 01:57:17 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\spelling
[2008/08/24 00:39:26 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Webshots
[2012/10/25 01:13:33 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Wondershare Video Converter Ultimate
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2011/10/24 15:21:29 | 000,010,039 | ---- | M] ()(C:\Users\Veronica\Documents\? Om Symbol.docx) -- C:\Users\Veronica\Documents\ॐ Om Symbol.docx
[2011/10/24 15:21:22 | 000,010,039 | ---- | C] ()(C:\Users\Veronica\Documents\? Om Symbol.docx) -- C:\Users\Veronica\Documents\ॐ Om Symbol.docx
 
< End of report >
 
 
 

Edited by periwinkle, 06 July 2014 - 09:16 PM.


#19
zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
OK.

Not sure about J & K drives. Let me look the log over in the meantime. The scan below may show the drives.

Please download Listparts from here--> http://www.bleepingc...istparts/dl/78/ Save the file to the desktop and:

Run the tool, click Scan and post the log (Result.txt) it makes.

Running 2 Anti Virus programs can make for problems, so make a decision on which one you will uninstall and let me know about that.

#20
periwinkle

    Member

  • Topic Starter
  • 297 posts

Running 2 Anti Virus programs can make for problems, so make a decision on which one you will uninstall and let me know about that.

I got rid of Avira, so I only have AdAware now.  

 

Here is the scan by ListParts:  

 

ListParts by Farbar Version: 17-04-2014
Ran by Veronica (administrator) on 06-07-2014 at 20:34:35
Windows Vista (X64)
Running From: C:\Users\Veronica\Desktop
Language: 0409
************************************************************
 
========================= Memory info ====================== 
 
Percentage of memory in use: 75%
Total physical RAM: 3838.27 MB
Available physical RAM: 942.28 MB
Total Pagefile: 7883.02 MB
Available Pagefile: 3790.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
 
======================= Partitions =========================
 
1 Drive c: (Partition_1) (Fixed) (Total:580.72 GB) (Free:62.56 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (Recovery) (Fixed) (Total:15.45 GB) (Free:7.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
  Disk ###  Status      Size     Free     Dyn  Gpt
  --------  ----------  -------  -------  ---  ---
  Disk 0    Online       596 GB      0 B         
  Disk 1    No Media        0 B      0 B         
  Disk 2    No Media        0 B      0 B         
  Disk 3    No Media        0 B      0 B         
  Disk 4    No Media        0 B      0 B         
 
Partitions of Disk 0:
===============
 
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary             15 GB    32 KB
  Partition 2    Primary            581 GB    15 GB
 
======================================================================================================
 
Disk: 0
Partition 1
Type  : 07
Hidden: No
Active: No
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     D   Recovery     NTFS   Partition     15 GB  Healthy            
 
======================================================================================================
 
Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: Yes
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C   Partition_1  NTFS   Partition    581 GB  Healthy    System (partition with boot components)  
 
======================================================================================================
============================== MBR Partition Table ==================
 
==============================
Partitions of Disk 0:
===============
Disk ID: CF22C39A
Partition 1: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=581 GB) - (Type=07 NTFS)
 
 
****** End Of Log ****** 
 

Edited by periwinkle, 06 July 2014 - 09:44 PM.


#21
zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Thanks.

Let's keep looking at the malware and get back to the drive issue.

So

Another fix is needed. And we will run 2 more tools, AdwCleaner and JRT, see below:

Next

We need to do a fix to delete some files using OTL
  • Double click on the OTL icon to open the program. On Vista/Win7/Win8, right click and select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


    :COMMANDS
    [CREATERESTOREPOINT]
    
    :OTL
    IE - HKCU\..\URLSearchHook: {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - No CLSID value found
    O2 - BHO: (no name) - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - No CLSID value found.
    O4:64bit: - HKLM..\Run: []  File not found
    O4 - HKCU..\Run: [Facebook Update] "C:\Users\Veronica\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
    
    :Files
    
    C:\Windows\SysNative\plsapp64.dll
    C:\Users\Veronica\AppData\Roaming\OpenCandy
    
    :Commands
    
    [emptytemp]
    [resethosts]
    
  • Make sure all other windows are closed.
  • Click the Run Fix button at the top
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Open OTL again and click the Quick Scan button.
  • Next

    Please download AdwCleaner by Xplode onto your Desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click the Scan button and wait for the process to complete.
    • Click the Report button and the report will open in Notepad.
    • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
    • Click on the Clean button and follow the prompts.
    • A log file will automatically open after the scan has finished and the PC has rebooted.
    • Please post the content of that log file with your next answer.
    • You can find the log file at C:\AdwCleaner
    Next

    Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts.
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    In your next reply post:

    1- OTL fix log
    2- New OTL after quick scan
    3- Adwcleaner[s1] .txt
    4- JRT.txt.

    Thanks
    Joe :)






#22
periwinkle

    Member

  • Topic Starter
  • 297 posts


  • Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts.

 

Do you want me to turn off AdAware?  I don't know how to turn it off.  I just downloaded AdAware AV, so it's no longer just the little Internet Security tool that I used to have, which I knew how to turn off.



#23
zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Go ahead and run JRT, you should be OK.

#24
periwinkle

    Member

  • Topic Starter
  • 297 posts

Here's the OTL After the Fix Scan:  

 

OTL logfile created on: 7/6/2014 4:12:33 AM - Run 7

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Veronica\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 0.93 Gb Available Physical Memory | 24.75% Memory free
7.71 Gb Paging File | 4.36 Gb Available in Paging File | 56.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 580.72 Gb Total Space | 62.23 Gb Free Space | 10.72% Space Free | Partition Type: NTFS
Drive D: | 15.45 Gb Total Space | 7.90 Gb Free Space | 51.14% Space Free | Partition Type: NTFS
 
Computer Name: VERONICA-PC | User Name: Veronica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Veronica\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Veronica\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe (Alexander Nikiforov)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\AGI\core\4.2.0.10752\AGCoreService.exe (AG Interactive)
PRC - C:\Program Files (x86)\Webshots\Webshots.scr (Webshots.com)
PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\IOI\ButtonMonitor.exe ()
PRC - C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
PRC - C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
PRC - C:\Program Files (x86)\HDD Thermometer\HDD Thermometer.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
MOD - C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d17ceca243fabda73eefb21d9bd072df\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f87e71868aedbc6c4e8fe7160d17c4ab\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2b605fc7deda872727d1ed37710420e\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8e6265a54260bddfc05951e764f5bc48\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\IOI\ButtonMonitor.exe ()
MOD - C:\Program Files (x86)\HDD Thermometer\HDD Thermometer.exe ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (XAudioService) -- C:\Windows\SysNative\DRIVERS\xaudio64.exe (Conexant Systems, Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (DragonUpdater) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AGCoreService) -- C:\Program Files (x86)\AGI\core\4.2.0.10752\AGCoreService.exe (AG Interactive)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (hcdriver) -- C:\Windows\SysNative\DRIVERS\hcdriver.sys (Intel Corporation)
DRV:64bit: - (ZCLDRV) -- C:\Windows\SysNative\DRIVERS\ZclDrv64.sys (TechnoScope Co., Ltd.)
DRV:64bit: - (amdide64) -- C:\Windows\SysNative\DRIVERS\amdide64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell)
DRV:64bit: - (amdkmafd) -- C:\Windows\SysNative\DRIVERS\amdkmafd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\DRIVERS\LPCFilter.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW86.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (MxEFUF) -- C:\Windows\SysNative\DRIVERS\MxEFUF64.sys (Matrox Graphics Inc.)
DRV:64bit: - (Lbd) -- C:\Windows\SysNative\DRIVERS\Lbd.sys (Lavasoft AB)
DRV:64bit: - (74385989) -- C:\Windows\SysNative\DRIVERS\74385989.sys (Kaspersky Lab ZAO)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys (Avira GmbH)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (RTL8187B) -- C:\Windows\SysNative\DRIVERS\RTL8187B.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (BlackBox) -- C:\Windows\SysNative\blackbox.dll (Microsoft Corporation)
DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys (Conexant)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS (Realtek Semiconductor Corp.)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (Pnp680) -- C:\Windows\SysNative\DRIVERS\pnp680.sys (Silicon Image, Inc)
DRV:64bit: - (PAC7302) -- C:\Windows\SysNative\DRIVERS\PAC7302.SYS (PixArt Imaging Inc.)
DRV:64bit: - (XAudio) -- C:\Windows\SysNative\DRIVERS\xaudio64.sys (Conexant Systems, Inc.)
DRV:64bit: - (HSF_DPV) -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys (Conexant Systems, Inc.)
DRV:64bit: - (CAXHWBS2) -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys (Conexant Systems, Inc.)
DRV:64bit: - (winachsf) -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys (Conexant Systems, Inc.)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV:64bit: - (BCM43XV) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys (Broadcom Corporation)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys ()
DRV - (Normandy) -- C:\Windows\SysWow64\drivers\Normandy.sys ()
DRV - (BlackBox) -- C:\Windows\SysWow64\drivers\BlackBox.sys ()
DRV - (IDSvia64) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20081023.002\IDSviA64.sys (Symantec Corporation)
DRV - (RTL8187B) -- C:\Windows\SysWOW64\drivers\rtl8187B.sys (Realtek Semiconductor Corporation                           )
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5694
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5694
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GT5694
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://www.Google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page Restore = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...ys=DTP&M=GT5694
IE - HKLM\..\SearchScopes,DefaultScope = {0BC6E3FA-78EF-4886-842C-5A1258C4455A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag....q={searchTerms}
IE - HKLM\..\SearchScopes\{A0B271A9-D8AA-8E74-7392-2164D6A1C03C}: "URL" = http://www.iesearch....q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5694
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {DAAF7918-570D-4407-A264-57D857AE91E9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{DAAF7918-570D-4407-A264-57D857AE91E9}: "URL" = http://www.google.co...ie7&rlz=1I7GWYE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Veronica\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Veronica\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Veronica\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Veronica\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/06/19 17:20:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/07/06 03:30:36 | 000,000,000 | ---D | M]
 
[2010/04/30 22:16:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Veronica\AppData\Roaming\Mozilla\Extensions
[2010/04/30 22:16:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Veronica\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/07/04 21:42:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\25qs7hd5.default-1404101501971\extensions
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/07/06 03:31:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/04/06 07:40:00 | 000,182,936 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMcAfeeSRPlgn.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: McAfeeScanAndRepair (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\Application\plugins\npMcAfeeSRPlgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Java Deployment Toolkit 7.0.550.13 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U55 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Veronica\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Veronica\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Veronica\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Google Search = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.5_0\
CHR - Extension: GetSavin = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl\5.0_0\
CHR - Extension: Google Wallet = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo> = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Gmail = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/07/06 03:44:45 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BrowserPlugInHelper] "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe" File not found
O4 - HKLM..\Run: [ButtonMonitor] C:\Program Files (x86)\IOI\ButtonMonitor.exe ()
O4 - HKLM..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [DriverMax] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [Facebook Update] "C:\Users\Veronica\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [MP3 Skype Recorder] C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe (Alexander Nikiforov)
O4 - HKCU..\Run: [RSD_HDDThermo] C:\Program Files (x86)\HDD Thermometer\HDD Thermometer.exe ()
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files (x86)\Webshots\Launcher.exe (Webshots.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: &Search - ?p=GRfox000 File not found
O8 - Extra context menu item: &Search - ?p=GRfox000 File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O1364bit: - gopher Prefix: missing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://www.maricopa....in/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FBEC332-55DA-4912-8DF7-4AB47DEDE417}: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FBEC332-55DA-4912-8DF7-4AB47DEDE417}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB6D127E-1638-46AA-BE60-19496E8DBAD3}: DhcpNameServer = 192.168.0.1 205.171.2.25
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Veronica\AppData\Roaming\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Veronica\AppData\Roaming\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk D:\
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/06 03:38:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/07/06 03:30:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/07/05 20:14:08 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/07/05 20:10:55 | 002,162,992 | ---- | C] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE.dll
[2014/07/05 20:10:54 | 002,101,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014/07/05 20:10:52 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2014/07/05 20:10:52 | 000,871,856 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tossaeapo64.dll
[2014/07/05 20:10:52 | 000,582,056 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosasfapo64.dll
[2014/07/05 20:10:52 | 000,162,224 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\toseaeapo64.dll
[2014/07/05 20:10:51 | 000,856,992 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2014/07/05 20:10:51 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2014/07/05 20:10:51 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2014/07/05 20:10:50 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2014/07/05 20:10:50 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2014/07/05 20:10:49 | 000,724,728 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2014/07/05 20:10:49 | 000,246,008 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll
[2014/07/05 20:10:49 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2014/07/05 20:10:49 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2014/07/05 20:10:48 | 001,048,824 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2014/07/05 20:10:48 | 000,947,760 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2014/07/05 20:10:48 | 000,889,592 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2014/07/05 20:10:48 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2014/07/05 20:10:47 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2014/07/05 20:10:47 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2014/07/05 20:10:47 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2014/07/05 20:10:46 | 001,959,128 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2014/07/05 20:10:45 | 002,860,248 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2014/07/05 20:10:44 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2014/07/05 20:10:42 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2014/07/05 20:10:42 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2014/07/05 20:10:41 | 001,024,728 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2014/07/05 20:10:40 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2014/07/05 20:10:40 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2014/07/05 20:10:40 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2014/07/05 20:10:40 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2014/07/05 20:10:39 | 000,628,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2014/07/05 20:10:38 | 002,804,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RltkAPO64.dll
[2014/07/05 20:10:38 | 001,286,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2014/07/05 20:10:38 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2014/07/05 20:10:38 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2014/07/05 20:10:33 | 064,228,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2014/07/05 20:10:22 | 000,949,464 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2014/07/05 20:10:14 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2014/07/05 20:10:14 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2014/07/05 20:10:13 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2014/07/05 20:10:13 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2014/07/05 20:10:13 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2014/07/05 20:10:12 | 005,751,048 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOlfx.dll
[2014/07/05 20:10:12 | 000,942,384 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOSettingsIPC.dll
[2014/07/05 20:10:11 | 000,906,800 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\MISS_APO.dll
[2014/07/05 20:10:11 | 000,662,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2014/07/05 20:10:10 | 012,894,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO3064.dll
[2014/07/05 20:10:09 | 000,956,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO2064.dll
[2014/07/05 20:10:08 | 003,959,384 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnN64.dll
[2014/07/05 20:10:08 | 001,313,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxSpeechAPO64.dll
[2014/07/05 20:10:06 | 028,343,384 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnA64.dll
[2014/07/05 20:10:00 | 014,863,448 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2014/07/05 20:09:58 | 001,934,424 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2014/07/05 20:09:57 | 002,041,432 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2014/07/05 20:09:56 | 001,317,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO6064.dll
[2014/07/05 20:09:56 | 001,063,512 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014/07/05 20:09:56 | 000,900,696 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysWow64\MaxxAudioAPOShell.dll
[2014/07/05 20:09:55 | 001,168,472 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO5064.dll
[2014/07/05 20:09:55 | 001,136,728 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll
[2014/07/05 20:09:55 | 000,663,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2014/07/05 20:09:55 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2014/07/05 20:09:55 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2014/07/05 20:09:54 | 000,291,488 | ---- | C] (ICEpower a/s) -- C:\Windows\SysNative\ICEsoundAPO64.dll
[2014/07/05 20:09:53 | 002,770,976 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014/07/05 20:09:52 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2014/07/05 20:09:52 | 000,501,184 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2014/07/05 20:09:52 | 000,415,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2014/07/05 20:09:51 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2014/07/05 20:09:51 | 000,487,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2014/07/05 20:09:50 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2014/07/05 20:09:50 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2014/07/05 20:09:50 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2014/07/05 20:09:50 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2014/07/05 20:09:49 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2014/07/05 20:09:49 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2014/07/05 20:09:49 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2014/07/05 20:09:49 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2014/07/05 20:09:48 | 006,218,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64A.dll
[2014/07/05 20:09:48 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2014/07/05 20:09:48 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2014/07/05 20:09:47 | 000,315,736 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64A.dll
[2014/07/05 20:09:46 | 001,939,800 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64A.dll
[2014/07/05 20:09:46 | 000,261,464 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64.dll
[2014/07/05 20:09:45 | 001,530,048 | ---- | C] (Conexant Systems Inc.) -- C:\Windows\SysNative\CX64APO.dll
[2014/07/05 20:09:44 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2014/07/05 20:09:41 | 000,560,328 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2014/07/05 20:09:41 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2014/07/04 18:39:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Veronica\Desktop\OTL.exe
[2014/07/04 15:35:37 | 000,011,944 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\drivers\amdide64.sys
[2014/07/04 03:05:56 | 000,073,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\hcdriver.sys
[2014/07/03 01:57:17 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Roaming\spelling
[2014/07/03 01:56:56 | 000,000,000 | ---D | C] -- C:\Users\Veronica\.lawson
[2014/07/03 01:56:47 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Roaming\repository
[2014/07/02 22:34:48 | 000,031,024 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\LPCFilter.sys
[2014/07/02 22:15:45 | 000,157,696 | ---- | C] (Matrox Graphics Inc.) -- C:\Windows\SysNative\drivers\MxEFUF64.sys
[2014/07/01 22:10:30 | 002,338,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/07/01 22:10:28 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/07/01 22:10:28 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/07/01 22:10:28 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/07/01 22:10:28 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/07/01 22:10:27 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/07/01 22:10:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/07/01 22:10:27 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/07/01 22:10:27 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/07/01 22:10:21 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/07/01 22:10:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/07/01 22:10:16 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/07/01 22:10:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/07/01 22:10:11 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/07/01 22:10:11 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/07/01 22:10:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/07/01 22:10:08 | 001,494,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/07/01 22:10:07 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/07/01 22:10:05 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/07/01 22:10:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/07/01 22:09:54 | 000,622,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/07/01 18:38:24 | 000,425,472 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysNative\Zcl64.dll
[2014/07/01 18:38:24 | 000,071,680 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysNative\drivers\ZCLDrv64.sys
[2014/07/01 18:38:24 | 000,042,496 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysNative\ZclDrv64.dll
[2014/07/01 18:38:24 | 000,036,352 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysWow64\ZclDrv.dll
[2014/07/01 18:38:23 | 000,393,216 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysWow64\Zcl.dll
[2014/07/01 18:38:23 | 000,040,960 | ---- | C] (TechnoScope) -- C:\Windows\SysWow64\Ccm.dll
[2014/07/01 07:34:19 | 000,390,112 | ---- | C] (Marvell) -- C:\Windows\SysNative\drivers\yk60x64.sys
[2014/06/30 23:47:21 | 000,000,000 | ---D | C] -- C:\Users\Veronica\Documents\My Drivers
[2014/06/30 20:13:28 | 000,099,840 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2014/06/30 20:13:28 | 000,086,528 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2014/06/30 20:13:28 | 000,083,968 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
[2014/06/30 20:13:28 | 000,073,728 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
[2014/06/30 20:13:27 | 000,826,368 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_64.dll
[2014/06/30 20:13:26 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2014/06/30 20:13:26 | 000,142,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2014/06/30 20:13:26 | 000,125,824 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2014/06/30 20:13:25 | 006,036,160 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdagA.dll
[2014/06/30 20:13:25 | 003,839,488 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdagB.dll
[2014/06/30 20:13:23 | 005,205,504 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64B.dll
[2014/06/30 20:13:23 | 001,113,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2014/06/30 20:13:22 | 007,040,928 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64A.dll
[2014/06/30 20:13:14 | 000,051,152 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2014/06/30 20:13:14 | 000,038,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2014/06/30 20:13:12 | 000,089,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2014/06/30 20:13:12 | 000,080,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
[2014/06/30 20:13:11 | 011,513,856 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysWow64\atioglxxB.dll
[2014/06/30 20:13:09 | 022,157,824 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxxA.dll
[2014/06/30 20:13:04 | 015,983,104 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\atio6axxB.dll
[2014/06/30 20:13:01 | 026,352,128 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axxA.dll
[2014/06/30 20:12:54 | 000,612,888 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpagA.sys
[2014/06/30 20:12:54 | 000,466,944 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atildimgx.dll
[2014/06/30 20:12:54 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atildimgy.dll
[2014/06/30 20:12:53 | 005,357,080 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdagB.sys
[2014/06/30 20:12:53 | 000,331,288 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2014/06/30 20:12:52 | 011,837,976 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdagA.sys
[2014/06/30 20:12:47 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2014/06/30 20:12:47 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2014/06/30 20:12:46 | 000,041,984 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2014/06/30 20:12:46 | 000,017,920 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2014/06/30 20:12:41 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2014/06/30 20:12:40 | 004,782,960 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticldxva.dll
[2014/06/30 20:12:40 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2014/06/30 20:12:39 | 004,292,192 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticldx6a.dll
[2014/06/30 20:12:37 | 001,094,024 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2014/06/30 20:12:37 | 000,929,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2014/06/30 20:12:31 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2014/06/30 20:12:30 | 000,368,640 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2014/06/30 20:12:30 | 000,291,840 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2014/06/30 20:12:29 | 000,054,784 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/06/30 20:12:29 | 000,050,176 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/06/30 20:12:27 | 016,457,216 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2014/06/30 20:12:25 | 013,008,384 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2014/06/30 20:12:21 | 000,095,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2014/06/30 20:12:21 | 000,090,112 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2014/06/30 20:10:57 | 000,110,080 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\DelayAPO.dll
[2014/06/30 20:10:56 | 000,237,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\AtihdW86.sys
[2014/06/30 20:08:45 | 000,021,160 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\amdkmafd.sys
[2014/06/30 00:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2014/06/30 00:49:12 | 000,000,000 | ---D | C] -- C:\cpqsystem
[2014/06/29 21:21:52 | 000,000,000 | ---D | C] -- C:\Users\Veronica\Desktop\DriverMax Recommended Drivers
[2014/06/29 21:20:57 | 000,000,000 | ---D | C] -- C:\Users\Veronica\Desktop\AdAware Scans
[2014/06/29 21:11:58 | 000,000,000 | ---D | C] -- C:\Users\Veronica\Desktop\Old Firefox Data
[2014/06/29 19:30:27 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Local\Innovative Solutions
[2014/06/29 19:30:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
[2014/06/29 19:30:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Innovative Solutions
[2014/06/29 18:17:36 | 005,288,408 | ---- | C] (Innovative Solutions                                        ) -- C:\Users\Veronica\Desktop\drivermax_7_34_cnet.exe
[2014/06/28 00:47:31 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Roaming\ImgBurn
[2014/06/28 00:31:03 | 000,439,296 | ---- | C] (Sendori) -- C:\Windows\SysNative\plsapp64.dll
[2014/06/28 00:25:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2014/06/28 00:25:48 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Roaming\OpenCandy
[2014/06/27 23:58:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Memory Test
[2014/06/27 23:56:06 | 003,469,871 | ---- | C] (LIGHTNING UK!) -- C:\Users\Veronica\Desktop\SetupImgBurn_2.5.8.0.exe
[2014/06/26 22:19:18 | 094,714,880 | ---- | C] (AVAST Software) -- C:\Users\Veronica\Desktop\avast_free_antivirus_setup.exe
[2014/06/25 21:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWMonitor
[2014/06/25 21:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
[2014/06/25 21:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed
[2014/06/25 20:58:24 | 002,668,480 | ---- | C] (Resplendence Software Projects Sp.                          ) -- C:\Users\Veronica\Desktop\whocrashedSetup.exe
[2014/06/25 20:37:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NirSoft
[4 C:\Users\Veronica\Documents\*.tmp files -> C:\Users\Veronica\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/06 04:20:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2932777127-504153465-3726424614-1000UA.job
[2014/07/06 04:11:11 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2932777127-504153465-3726424614-1000UA.job
[2014/07/06 03:59:26 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/06 03:50:40 | 000,003,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/06 03:50:40 | 000,003,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/06 03:50:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/06 03:50:15 | 4025,667,584 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/06 03:35:59 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2014/07/05 20:16:07 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2014/07/05 20:12:51 | 000,707,584 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/05 20:12:51 | 000,607,406 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/05 20:12:51 | 000,105,046 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/05 13:18:43 | 002,909,752 | ---- | M] () -- C:\Users\Veronica\Desktop\Gia Video July 2014.AVI
[2014/07/05 10:10:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2932777127-504153465-3726424614-1000Core.job
[2014/07/05 07:20:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2932777127-504153465-3726424614-1000Core.job
[2014/07/04 20:23:58 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2014/07/04 20:23:58 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2014/07/04 18:39:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Veronica\Desktop\OTL.exe
[2014/07/04 13:19:46 | 000,393,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/03 19:45:10 | 000,000,823 | ---- | M] () -- C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk
[2014/07/01 01:05:38 | 000,000,732 | ---- | M] () -- C:\Users\Veronica\AppData\Local\d3d9caps64.dat
[2014/06/29 19:30:27 | 000,001,040 | ---- | M] () -- C:\Users\Veronica\Desktop\DriverMax.lnk
[2014/06/29 19:16:28 | 000,190,178 | ---- | M] () -- C:\Users\Veronica\Desktop\PitStop Results.jpg
[2014/06/29 18:17:38 | 005,288,408 | ---- | M] (Innovative Solutions                                        ) -- C:\Users\Veronica\Desktop\drivermax_7_34_cnet.exe
[2014/06/29 14:09:11 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/06/29 14:09:11 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/06/28 00:25:52 | 000,001,699 | ---- | M] () -- C:\Users\Veronica\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2014/06/28 00:25:52 | 000,001,675 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2014/06/27 23:56:07 | 003,469,871 | ---- | M] (LIGHTNING UK!) -- C:\Users\Veronica\Desktop\SetupImgBurn_2.5.8.0.exe
[2014/06/27 23:53:17 | 000,069,043 | ---- | M] () -- C:\Users\Veronica\Desktop\memtest86+-4.20.iso.zip
[2014/06/26 22:20:43 | 094,714,880 | ---- | M] (AVAST Software) -- C:\Users\Veronica\Desktop\avast_free_antivirus_setup.exe
[2014/06/25 21:21:48 | 000,158,387 | ---- | M] () -- C:\Users\Veronica\Desktop\Speedfan Results.jpg
[2014/06/25 21:17:34 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2014/06/25 21:00:26 | 001,141,408 | ---- | M] (                                                            ) -- C:\Users\Veronica\Desktop\hwmonitor_1.25-setup.exe
[2014/06/25 20:58:26 | 002,668,480 | ---- | M] (Resplendence Software Projects Sp.                          ) -- C:\Users\Veronica\Desktop\whocrashedSetup.exe
[2014/06/25 20:36:29 | 000,141,480 | ---- | M] () -- C:\Users\Veronica\Desktop\bluescreenview_setup.exe
[2014/06/17 19:17:54 | 000,856,992 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2014/06/17 16:08:18 | 001,205,934 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/06/17 15:41:56 | 064,228,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2014/06/17 13:32:10 | 001,286,872 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2014/06/13 16:24:02 | 002,804,952 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RltkAPO64.dll
[2014/06/11 17:08:08 | 000,949,464 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2014/06/11 11:44:24 | 001,024,728 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2014/06/10 21:53:41 | 000,002,112 | ---- | M] () -- C:\Users\Veronica\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/09 16:57:14 | 002,860,248 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2014/06/09 13:52:44 | 001,530,048 | ---- | M] (Conexant Systems Inc.) -- C:\Windows\SysNative\CX64APO.dll
[2014/06/09 10:59:12 | 000,560,328 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2014/06/08 07:58:00 | 026,352,128 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axxA.dll
[2014/06/08 07:58:00 | 022,157,824 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxxA.dll
[2014/06/08 07:58:00 | 015,983,104 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\atio6axxB.dll
[2014/06/08 07:58:00 | 011,837,976 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdagA.sys
[2014/06/08 07:58:00 | 011,513,856 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysWow64\atioglxxB.dll
[2014/06/08 07:58:00 | 007,040,928 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64A.dll
[2014/06/08 07:58:00 | 006,036,160 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdagA.dll
[2014/06/08 07:58:00 | 005,357,080 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdagB.sys
[2014/06/08 07:58:00 | 005,205,504 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64B.dll
[2014/06/08 07:58:00 | 004,782,960 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticldxva.dll
[2014/06/08 07:58:00 | 004,292,192 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticldx6a.dll
[2014/06/08 07:58:00 | 003,839,488 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdagB.dll
[2014/06/08 07:58:00 | 002,852,480 | ---- | M] () -- C:\Windows\SysWow64\aticldxva.cap
[2014/06/08 07:58:00 | 002,818,784 | ---- | M] () -- C:\Windows\SysNative\aticldx6a.cap
[2014/06/08 07:58:00 | 001,828,864 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2014/06/08 07:58:00 | 001,113,088 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2014/06/08 07:58:00 | 001,094,024 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2014/06/08 07:58:00 | 000,929,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2014/06/08 07:58:00 | 000,612,888 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpagA.sys
[2014/06/08 07:58:00 | 000,550,456 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2014/06/08 07:58:00 | 000,550,456 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2014/06/08 07:58:00 | 000,466,944 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atildimgx.dll
[2014/06/08 07:58:00 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atildimgy.dll
[2014/06/08 07:58:00 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2014/06/08 07:58:00 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2014/06/08 07:58:00 | 000,331,288 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2014/06/08 07:58:00 | 000,204,952 | ---- | M] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014/06/08 07:58:00 | 000,204,952 | ---- | M] () -- C:\Windows\SysNative\ativvsvl.dat
[2014/06/08 07:58:00 | 000,157,144 | ---- | M] () -- C:\Windows\SysWow64\ativvsva.dat
[2014/06/08 07:58:00 | 000,157,144 | ---- | M] () -- C:\Windows\SysNative\ativvsva.dat
[2014/06/08 07:58:00 | 000,142,280 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2014/06/08 07:58:00 | 000,125,824 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2014/06/08 07:58:00 | 000,118,784 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2014/06/08 07:58:00 | 000,095,744 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2014/06/08 07:58:00 | 000,090,112 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2014/06/08 07:58:00 | 000,089,088 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2014/06/08 07:58:00 | 000,080,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
[2014/06/08 07:58:00 | 000,051,152 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2014/06/08 07:58:00 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\atitmp64.dll
[2014/06/08 07:58:00 | 000,041,984 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2014/06/08 07:58:00 | 000,038,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2014/06/08 07:58:00 | 000,033,280 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2014/06/08 07:58:00 | 000,017,920 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2014/06/08 07:58:00 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[4 C:\Users\Veronica\Documents\*.tmp files -> C:\Users\Veronica\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/07/05 20:16:07 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/07/05 20:10:51 | 002,119,472 | ---- | C] () -- C:\Windows\SysNative\SStudio.dll
[2014/07/05 20:10:47 | 005,804,772 | ---- | C] () -- C:\Windows\SysNative\drivers\rtvienna.dat
[2014/07/05 20:10:38 | 001,205,934 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/07/05 20:09:42 | 000,096,568 | ---- | C] () -- C:\Windows\SysNative\audioLibVc.dll
[2014/07/05 20:09:41 | 000,109,848 | ---- | C] () -- C:\Windows\SysNative\AcpiServiceVnA64.dll
[2014/07/05 13:18:39 | 002,909,752 | ---- | C] () -- C:\Users\Veronica\Desktop\Gia Video July 2014.AVI
[2014/07/04 13:19:25 | 4025,667,584 | -HS- | C] () -- C:\hiberfil.sys
[2014/06/30 20:13:27 | 000,230,912 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2014/06/30 20:13:27 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014/06/30 20:13:27 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2014/06/30 20:13:27 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014/06/30 20:13:27 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2014/06/30 20:13:13 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\atitmp64.dll
[2014/06/30 20:13:11 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2014/06/30 20:13:11 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2014/06/30 20:12:39 | 002,852,480 | ---- | C] () -- C:\Windows\SysWow64\aticldxva.cap
[2014/06/30 20:12:38 | 002,818,784 | ---- | C] () -- C:\Windows\SysNative\aticldx6a.cap
[2014/06/30 20:12:30 | 000,550,456 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2014/06/30 20:12:30 | 000,550,456 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2014/06/30 20:12:28 | 001,187,342 | ---- | C] () -- C:\Windows\SysNative\amdocl_as.exe
[2014/06/30 20:12:28 | 001,061,902 | ---- | C] () -- C:\Windows\SysNative\amdocl_ld.exe
[2014/06/30 20:12:28 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld.exe
[2014/06/30 20:12:27 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as.exe
[2014/06/29 19:30:27 | 000,001,040 | ---- | C] () -- C:\Users\Veronica\Desktop\DriverMax.lnk
[2014/06/29 19:16:27 | 000,190,178 | ---- | C] () -- C:\Users\Veronica\Desktop\PitStop Results.jpg
[2014/06/28 00:25:52 | 000,001,699 | ---- | C] () -- C:\Users\Veronica\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2014/06/28 00:25:52 | 000,001,687 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2014/06/28 00:25:52 | 000,001,675 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2014/06/28 00:09:15 | 001,839,104 | ---- | C] () -- C:\Users\Veronica\Desktop\mt420.iso
[2014/06/27 23:53:07 | 000,069,043 | ---- | C] () -- C:\Users\Veronica\Desktop\memtest86+-4.20.iso.zip
[2014/06/25 21:21:47 | 000,158,387 | ---- | C] () -- C:\Users\Veronica\Desktop\Speedfan Results.jpg
[2014/06/25 21:00:24 | 001,141,408 | ---- | C] (                                                            ) -- C:\Users\Veronica\Desktop\hwmonitor_1.25-setup.exe
[2014/06/25 20:35:50 | 000,141,480 | ---- | C] () -- C:\Users\Veronica\Desktop\bluescreenview_setup.exe
[2012/10/25 01:12:15 | 000,727,952 | ---- | C] () -- C:\Windows\SysWow64\WSCM64.dll
[2012/10/16 00:41:08 | 139,883,880 | ---- | C] () -- C:\Users\Veronica\Kaspersky Online Scanner.exe
[2012/06/13 09:21:43 | 000,151,166 | ---- | C] () -- C:\ProgramData\1339604266.bdinstall.bin
[2012/06/08 04:28:08 | 000,148,808 | ---- | C] () -- C:\ProgramData\1339154345.bdinstall.bin
[2012/06/07 20:55:06 | 000,224,937 | ---- | C] () -- C:\ProgramData\1339125945.bdinstall.bin
[2011/12/04 22:42:09 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/10/18 22:10:03 | 000,000,732 | ---- | C] () -- C:\Users\Veronica\AppData\Local\d3d9caps64.dat
[2010/03/27 01:20:09 | 000,000,000 | ---- | C] () -- C:\Users\Veronica\AppData\Local\prvlcl.dat
[2009/09/03 17:56:18 | 000,072,080 | ---- | C] () -- C:\Users\Veronica\g2mdlhlpx.exe
[2008/10/27 04:41:56 | 000,007,649 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2008/10/20 06:09:47 | 000,000,139 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2008/09/03 08:32:00 | 000,000,873 | ---- | C] () -- C:\Program Files (x86)\WinRAR.lnk
[2008/08/30 21:45:48 | 000,001,356 | ---- | C] () -- C:\Users\Veronica\AppData\Local\d3d9caps.dat
[2008/08/29 04:24:49 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/08/28 17:13:44 | 000,189,952 | ---- | C] () -- C:\Users\Veronica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006/11/02 08:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 09:30:37 | 012,900,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 06:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 00:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 19:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Files - Unicode (All) ==========
[2011/10/24 15:21:29 | 000,010,039 | ---- | M] ()(C:\Users\Veronica\Documents\? Om Symbol.docx) -- C:\Users\Veronica\Documents\ॐ Om Symbol.docx
[2011/10/24 15:21:22 | 000,010,039 | ---- | C] ()(C:\Users\Veronica\Documents\? Om Symbol.docx) -- C:\Users\Veronica\Documents\ॐ Om Symbol.docx
 
< End of report >
 
 
Here's the OTL Log:

OTL logfile created on: 7/6/2014 11:24:38 PM - Run 9
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Veronica\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 0.50 Gb Available Physical Memory | 13.33% Memory free
7.71 Gb Paging File | 3.77 Gb Available in Paging File | 48.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 580.72 Gb Total Space | 61.67 Gb Free Space | 10.62% Space Free | Partition Type: NTFS
Drive D: | 15.45 Gb Total Space | 7.90 Gb Free Space | 51.14% Space Free | Partition Type: NTFS
 
Computer Name: VERONICA-PC | User Name: Veronica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Veronica\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
PRC - C:\Users\Veronica\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
PRC - C:\ProgramData\Search Protection\SearchProtection.exe (Lavasoft)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe (Alexander Nikiforov)
PRC - C:\Program Files (x86)\AGI\core\4.2.0.10752\AGCoreService.exe (AG Interactive)
PRC - C:\Program Files (x86)\Webshots\Webshots.scr (Webshots.com)
PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\IOI\ButtonMonitor.exe ()
PRC - C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
PRC - C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
PRC - C:\Program Files (x86)\HDD Thermometer\HDD Thermometer.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Innovative Solutions\DriverMax\sync.dll ()
MOD - C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
MOD - C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d17ceca243fabda73eefb21d9bd072df\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f87e71868aedbc6c4e8fe7160d17c4ab\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2b605fc7deda872727d1ed37710420e\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8e6265a54260bddfc05951e764f5bc48\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\IOI\ButtonMonitor.exe ()
MOD - C:\Program Files (x86)\HDD Thermometer\HDD Thermometer.exe ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (LavasoftAdAwareService11) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe ()
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (XAudioService) -- C:\Windows\SysNative\DRIVERS\xaudio64.exe (Conexant Systems, Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (DragonUpdater) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AGCoreService) -- C:\Program Files (x86)\AGI\core\4.2.0.10752\AGCoreService.exe (AG Interactive)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Trufos) -- C:\Windows\SysNative\DRIVERS\Trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (gzflt) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys (BitDefender LLC)
DRV:64bit: - (hcdriver) -- C:\Windows\SysNative\DRIVERS\hcdriver.sys (Intel Corporation)
DRV:64bit: - (ZCLDRV) -- C:\Windows\SysNative\DRIVERS\ZclDrv64.sys (TechnoScope Co., Ltd.)
DRV:64bit: - (amdide64) -- C:\Windows\SysNative\DRIVERS\amdide64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell)
DRV:64bit: - (amdkmafd) -- C:\Windows\SysNative\DRIVERS\amdkmafd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\DRIVERS\LPCFilter.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW86.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (MxEFUF) -- C:\Windows\SysNative\DRIVERS\MxEFUF64.sys (Matrox Graphics Inc.)
DRV:64bit: - (74385989) -- C:\Windows\SysNative\DRIVERS\74385989.sys (Kaspersky Lab ZAO)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (RTL8187B) -- C:\Windows\SysNative\DRIVERS\RTL8187B.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (BlackBox) -- C:\Windows\SysNative\blackbox.dll (Microsoft Corporation)
DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS (Realtek Semiconductor Corp.)
DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys (Conexant)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (Pnp680) -- C:\Windows\SysNative\DRIVERS\pnp680.sys (Silicon Image, Inc)
DRV:64bit: - (PAC7302) -- C:\Windows\SysNative\DRIVERS\PAC7302.SYS (PixArt Imaging Inc.)
DRV:64bit: - (XAudio) -- C:\Windows\SysNative\DRIVERS\xaudio64.sys (Conexant Systems, Inc.)
DRV:64bit: - (HSF_DPV) -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys (Conexant Systems, Inc.)
DRV:64bit: - (CAXHWBS2) -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys (Conexant Systems, Inc.)
DRV:64bit: - (winachsf) -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys (Conexant Systems, Inc.)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV:64bit: - (BCM43XV) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys (Broadcom Corporation)
DRV - (Normandy) -- C:\Windows\SysWow64\drivers\Normandy.sys ()
DRV - (BlackBox) -- C:\Windows\SysWow64\drivers\BlackBox.sys ()
DRV - (IDSvia64) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20081023.002\IDSviA64.sys (Symantec Corporation)
DRV - (RTL8187B) -- C:\Windows\SysWOW64\drivers\rtl8187B.sys (Realtek Semiconductor Corporation                           )
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5694
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5694
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GT5694
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://www.Google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page Restore = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...ys=DTP&M=GT5694
IE - HKLM\..\SearchScopes,DefaultScope = {0BC6E3FA-78EF-4886-842C-5A1258C4455A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5694
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {DAAF7918-570D-4407-A264-57D857AE91E9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{DAAF7918-570D-4407-A264-57D857AE91E9}: "URL" = http://www.google.co...ie7&rlz=1I7GWYE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Veronica\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Veronica\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Veronica\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Veronica\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/06/19 17:20:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/07/06 03:30:36 | 000,000,000 | ---D | M]
 
[2010/04/30 22:16:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Veronica\AppData\Roaming\Mozilla\Extensions
[2010/04/30 22:16:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Veronica\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/07/06 15:36:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\25qs7hd5.default-1404101501971\extensions
[2014/07/06 15:36:12 | 000,000,000 | ---D | M] (Ad-Aware Security Toolbar) -- C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\25qs7hd5.default-1404101501971\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/06 03:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/07/06 03:31:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/04/06 07:40:00 | 000,182,936 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMcAfeeSRPlgn.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: McAfeeScanAndRepair (Enabled) = C:\Users\Veronica\AppData\Local\Google\Chrome\Application\plugins\npMcAfeeSRPlgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Java Deployment Toolkit 7.0.550.13 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U55 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Veronica\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Veronica\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Veronica\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: PasswordBox - Log in with 1-Click = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgnnllmjadopdlmpplonojbfogkjlcl\1.34.0.3557_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Google Search = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.5_0\
CHR - Extension: Google Wallet = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/07/06 23:12:05 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [BrowserPlugInHelper] "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe" File not found
O4 - HKLM..\Run: [ButtonMonitor] C:\Program Files (x86)\IOI\ButtonMonitor.exe ()
O4 - HKLM..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe (Lavasoft)
O4 - HKCU..\Run: [DriverMax] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [MP3 Skype Recorder] C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe (Alexander Nikiforov)
O4 - HKCU..\Run: [RSD_HDDThermo] C:\Program Files (x86)\HDD Thermometer\HDD Thermometer.exe ()
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files (x86)\Webshots\Launcher.exe (Webshots.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://www.maricopa....in/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FBEC332-55DA-4912-8DF7-4AB47DEDE417}: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FBEC332-55DA-4912-8DF7-4AB47DEDE417}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB6D127E-1638-46AA-BE60-19496E8DBAD3}: DhcpNameServer = 192.168.0.1 205.171.2.25
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Veronica\AppData\Roaming\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Veronica\AppData\Roaming\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/16 07:49:12 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/06 20:55:17 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Veronica\Desktop\JRT.exe
[2014/07/06 20:51:31 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Roaming\Lavasoft
[2014/07/06 20:32:44 | 001,025,536 | ---- | C] (Farbar) -- C:\Users\Veronica\Desktop\ListParts64.exe
[2014/07/06 15:39:30 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Roaming\LavasoftStatistics
[2014/07/06 15:39:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2014/07/06 15:37:32 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/07/06 15:36:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Search Protection
[2014/07/06 15:36:34 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Local\adawarebp
[2014/07/06 15:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2014/07/06 15:36:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2014/07/06 12:40:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/07/06 03:38:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/07/06 03:30:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/07/05 20:14:08 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/07/05 20:10:55 | 002,162,992 | ---- | C] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE.dll
[2014/07/05 20:10:54 | 002,101,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014/07/05 20:10:50 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2014/07/05 20:10:50 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2014/07/05 20:10:49 | 000,724,728 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2014/07/05 20:10:49 | 000,246,008 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll
[2014/07/05 20:10:49 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2014/07/05 20:10:49 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2014/07/05 20:10:48 | 001,048,824 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2014/07/05 20:10:48 | 000,889,592 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2014/07/05 20:10:48 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2014/07/05 20:10:47 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2014/07/05 20:10:47 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2014/07/05 20:10:47 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2014/07/05 20:10:40 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2014/07/05 20:10:40 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2014/07/05 20:10:40 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2014/07/05 20:10:40 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2014/07/05 20:10:38 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2014/07/05 20:10:38 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2014/07/05 20:10:14 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2014/07/05 20:10:14 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2014/07/05 20:10:13 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2014/07/05 20:10:13 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2014/07/05 20:10:13 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2014/07/05 20:10:12 | 005,751,048 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOlfx.dll
[2014/07/05 20:10:12 | 000,942,384 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOSettingsIPC.dll
[2014/07/05 20:10:11 | 000,662,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2014/07/05 20:10:10 | 012,894,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO3064.dll
[2014/07/05 20:10:09 | 000,956,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO2064.dll
[2014/07/05 20:10:08 | 003,959,384 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnN64.dll
[2014/07/05 20:10:08 | 001,313,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxSpeechAPO64.dll
[2014/07/05 20:10:06 | 028,343,384 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnA64.dll
[2014/07/05 20:10:00 | 014,863,448 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2014/07/05 20:09:58 | 001,934,424 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2014/07/05 20:09:57 | 002,041,432 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2014/07/05 20:09:56 | 001,317,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO6064.dll
[2014/07/05 20:09:56 | 001,063,512 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014/07/05 20:09:56 | 000,900,696 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysWow64\MaxxAudioAPOShell.dll
[2014/07/05 20:09:55 | 001,168,472 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO5064.dll
[2014/07/05 20:09:55 | 001,136,728 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll
[2014/07/05 20:09:55 | 000,663,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2014/07/05 20:09:55 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2014/07/05 20:09:55 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2014/07/05 20:09:54 | 000,291,488 | ---- | C] (ICEpower a/s) -- C:\Windows\SysNative\ICEsoundAPO64.dll
[2014/07/05 20:09:53 | 002,770,976 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014/07/05 20:09:52 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2014/07/05 20:09:52 | 000,501,184 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2014/07/05 20:09:52 | 000,415,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2014/07/05 20:09:51 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2014/07/05 20:09:51 | 000,487,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2014/07/05 20:09:50 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2014/07/05 20:09:50 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2014/07/05 20:09:50 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2014/07/05 20:09:50 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2014/07/05 20:09:49 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2014/07/05 20:09:49 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2014/07/05 20:09:49 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2014/07/05 20:09:49 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2014/07/05 20:09:48 | 006,218,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64A.dll
[2014/07/05 20:09:48 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2014/07/05 20:09:48 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2014/07/05 20:09:47 | 000,315,736 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64A.dll
[2014/07/05 20:09:46 | 001,939,800 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64A.dll
[2014/07/05 20:09:46 | 000,261,464 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64.dll
[2014/07/05 20:09:44 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2014/07/04 18:39:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Veronica\Desktop\OTL.exe
[2014/07/03 01:57:17 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Roaming\spelling
[2014/07/03 01:56:56 | 000,000,000 | ---D | C] -- C:\Users\Veronica\.lawson
[2014/07/03 01:56:47 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Roaming\repository
[2014/07/02 22:34:48 | 000,031,024 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\LPCFilter.sys
[2014/07/01 18:38:24 | 000,425,472 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysNative\Zcl64.dll
[2014/07/01 18:38:24 | 000,071,680 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysNative\drivers\ZCLDrv64.sys
[2014/07/01 18:38:24 | 000,042,496 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysNative\ZclDrv64.dll
[2014/07/01 18:38:24 | 000,036,352 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysWow64\ZclDrv.dll
[2014/07/01 18:38:23 | 000,393,216 | ---- | C] (TechnoScope Co., Ltd.) -- C:\Windows\SysWow64\Zcl.dll
[2014/07/01 18:38:23 | 000,040,960 | ---- | C] (TechnoScope) -- C:\Windows\SysWow64\Ccm.dll
[2014/07/01 07:34:19 | 000,390,112 | ---- | C] (Marvell) -- C:\Windows\SysNative\drivers\yk60x64.sys
[2014/06/30 23:47:21 | 000,000,000 | ---D | C] -- C:\Users\Veronica\Documents\My Drivers
[2014/06/30 20:13:27 | 000,826,368 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_64.dll
[2014/06/30 20:12:29 | 000,054,784 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/06/30 20:12:29 | 000,050,176 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/06/30 20:10:57 | 000,110,080 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\DelayAPO.dll
[2014/06/30 00:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2014/06/30 00:49:12 | 000,000,000 | ---D | C] -- C:\cpqsystem
[2014/06/29 21:21:52 | 000,000,000 | ---D | C] -- C:\Users\Veronica\Desktop\DriverMax Recommended Drivers
[2014/06/29 21:20:57 | 000,000,000 | ---D | C] -- C:\Users\Veronica\Desktop\AdAware Scans
[2014/06/29 21:11:58 | 000,000,000 | ---D | C] -- C:\Users\Veronica\Desktop\Old Firefox Data
[2014/06/29 19:30:27 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Local\Innovative Solutions
[2014/06/29 19:30:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
[2014/06/29 19:30:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Innovative Solutions
[2014/06/29 18:17:36 | 005,288,408 | ---- | C] (Innovative Solutions                                        ) -- C:\Users\Veronica\Desktop\drivermax_7_34_cnet.exe
[2014/06/28 00:47:31 | 000,000,000 | ---D | C] -- C:\Users\Veronica\AppData\Roaming\ImgBurn
[2014/06/28 00:31:03 | 000,439,296 | ---- | C] (Sendori) -- C:\Windows\SysNative\plsapp64.dll
[2014/06/28 00:25:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2014/06/27 23:58:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Memory Test
[2014/06/27 23:56:06 | 003,469,871 | ---- | C] (LIGHTNING UK!) -- C:\Users\Veronica\Desktop\SetupImgBurn_2.5.8.0.exe
[2014/06/26 22:19:18 | 094,714,880 | ---- | C] (AVAST Software) -- C:\Users\Veronica\Desktop\avast_free_antivirus_setup.exe
[2014/06/25 21:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWMonitor
[2014/06/25 21:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
[2014/06/25 21:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed
[2014/06/25 20:58:24 | 002,668,480 | ---- | C] (Resplendence Software Projects Sp.                          ) -- C:\Users\Veronica\Desktop\whocrashedSetup.exe
[2014/06/25 20:37:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NirSoft
[4 C:\Users\Veronica\Documents\*.tmp files -> C:\Users\Veronica\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/06 23:24:14 | 000,001,356 | ---- | M] () -- C:\Users\Veronica\AppData\Local\d3d9caps.dat
[2014/07/06 23:16:39 | 000,002,215 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/07/06 23:16:06 | 000,003,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/06 23:16:06 | 000,003,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/06 23:15:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/06 23:15:53 | 4025,667,584 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/06 23:11:03 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2932777127-504153465-3726424614-1000UA.job
[2014/07/06 22:59:24 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/06 22:20:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2932777127-504153465-3726424614-1000UA.job
[2014/07/06 20:55:18 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Veronica\Desktop\JRT.exe
[2014/07/06 20:54:23 | 001,346,519 | ---- | M] () -- C:\Users\Veronica\Desktop\adwcleaner_3.214.exe
[2014/07/06 20:32:48 | 001,025,536 | ---- | M] (Farbar) -- C:\Users\Veronica\Desktop\ListParts64.exe
[2014/07/06 12:37:55 | 001,707,144 | ---- | M] () -- C:\Users\Veronica\Desktop\Adaware_Installer.exe
[2014/07/06 12:27:18 | 000,000,084 | -H-- | M] () -- C:\aaw7boot.cmd
[2014/07/06 10:10:01 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2932777127-504153465-3726424614-1000Core.job
[2014/07/06 07:19:59 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2932777127-504153465-3726424614-1000Core.job
[2014/07/06 03:35:59 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2014/07/05 20:16:07 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2014/07/05 20:12:51 | 000,707,584 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/05 20:12:51 | 000,607,406 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/05 20:12:51 | 000,105,046 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/05 13:18:43 | 002,909,752 | ---- | M] () -- C:\Users\Veronica\Desktop\Gia Video July 2014.AVI
[2014/07/04 20:23:58 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2014/07/04 20:23:58 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2014/07/04 18:39:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Veronica\Desktop\OTL.exe
[2014/07/04 13:19:46 | 000,393,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/03 19:45:10 | 000,000,823 | ---- | M] () -- C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk
[2014/07/01 01:05:38 | 000,000,732 | ---- | M] () -- C:\Users\Veronica\AppData\Local\d3d9caps64.dat
[2014/06/29 19:30:27 | 000,001,040 | ---- | M] () -- C:\Users\Veronica\Desktop\DriverMax.lnk
[2014/06/29 19:16:28 | 000,190,178 | ---- | M] () -- C:\Users\Veronica\Desktop\PitStop Results.jpg
[2014/06/29 18:17:38 | 005,288,408 | ---- | M] (Innovative Solutions                                        ) -- C:\Users\Veronica\Desktop\drivermax_7_34_cnet.exe
[2014/06/28 00:25:52 | 000,001,699 | ---- | M] () -- C:\Users\Veronica\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2014/06/28 00:25:52 | 000,001,675 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2014/06/27 23:56:07 | 003,469,871 | ---- | M] (LIGHTNING UK!) -- C:\Users\Veronica\Desktop\SetupImgBurn_2.5.8.0.exe
[2014/06/27 23:53:17 | 000,069,043 | ---- | M] () -- C:\Users\Veronica\Desktop\memtest86+-4.20.iso.zip
[2014/06/26 22:20:43 | 094,714,880 | ---- | M] (AVAST Software) -- C:\Users\Veronica\Desktop\avast_free_antivirus_setup.exe
[2014/06/25 21:21:48 | 000,158,387 | ---- | M] () -- C:\Users\Veronica\Desktop\Speedfan Results.jpg
[2014/06/25 21:17:34 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2014/06/25 21:00:26 | 001,141,408 | ---- | M] (                                                            ) -- C:\Users\Veronica\Desktop\hwmonitor_1.25-setup.exe
[2014/06/25 20:58:26 | 002,668,480 | ---- | M] (Resplendence Software Projects Sp.                          ) -- C:\Users\Veronica\Desktop\whocrashedSetup.exe
[2014/06/25 20:36:29 | 000,141,480 | ---- | M] () -- C:\Users\Veronica\Desktop\bluescreenview_setup.exe
[2014/06/17 16:08:18 | 001,205,934 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/06/10 21:53:41 | 000,002,112 | ---- | M] () -- C:\Users\Veronica\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/08 07:58:00 | 002,852,480 | ---- | M] () -- C:\Windows\SysWow64\aticldxva.cap
[2014/06/08 07:58:00 | 002,818,784 | ---- | M] () -- C:\Windows\SysNative\aticldx6a.cap
[2014/06/08 07:58:00 | 000,550,456 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2014/06/08 07:58:00 | 000,550,456 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2014/06/08 07:58:00 | 000,204,952 | ---- | M] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014/06/08 07:58:00 | 000,204,952 | ---- | M] () -- C:\Windows\SysNative\ativvsvl.dat
[2014/06/08 07:58:00 | 000,157,144 | ---- | M] () -- C:\Windows\SysWow64\ativvsva.dat
[2014/06/08 07:58:00 | 000,157,144 | ---- | M] () -- C:\Windows\SysNative\ativvsva.dat
[2014/06/08 07:58:00 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\atitmp64.dll
[4 C:\Users\Veronica\Documents\*.tmp files -> C:\Users\Veronica\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/07/06 20:54:22 | 001,346,519 | ---- | C] () -- C:\Users\Veronica\Desktop\adwcleaner_3.214.exe
[2014/07/06 17:45:01 | 006,416,928 | ---- | C] () -- C:\Windows\System\DriveIcon.dll
[2014/07/06 15:39:24 | 000,002,215 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/07/06 12:37:27 | 001,707,144 | ---- | C] () -- C:\Users\Veronica\Desktop\Adaware_Installer.exe
[2014/07/06 12:27:18 | 000,000,084 | -H-- | C] () -- C:\aaw7boot.cmd
[2014/07/05 20:16:07 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/07/05 20:10:51 | 002,119,472 | ---- | C] () -- C:\Windows\SysNative\SStudio.dll
[2014/07/05 20:10:47 | 005,804,772 | ---- | C] () -- C:\Windows\SysNative\drivers\rtvienna.dat
[2014/07/05 20:10:38 | 001,205,934 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/07/05 20:09:42 | 000,096,568 | ---- | C] () -- C:\Windows\SysNative\audioLibVc.dll
[2014/07/05 20:09:41 | 000,109,848 | ---- | C] () -- C:\Windows\SysNative\AcpiServiceVnA64.dll
[2014/07/05 13:18:39 | 002,909,752 | ---- | C] () -- C:\Users\Veronica\Desktop\Gia Video July 2014.AVI
[2014/07/04 13:19:25 | 4025,667,584 | -HS- | C] () -- C:\hiberfil.sys
[2014/06/30 20:13:27 | 000,230,912 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2014/06/30 20:13:27 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014/06/30 20:13:27 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2014/06/30 20:13:27 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014/06/30 20:13:27 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2014/06/30 20:13:13 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\atitmp64.dll
[2014/06/30 20:13:11 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2014/06/30 20:13:11 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2014/06/30 20:12:39 | 002,852,480 | ---- | C] () -- C:\Windows\SysWow64\aticldxva.cap
[2014/06/30 20:12:38 | 002,818,784 | ---- | C] () -- C:\Windows\SysNative\aticldx6a.cap
[2014/06/30 20:12:30 | 000,550,456 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2014/06/30 20:12:30 | 000,550,456 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2014/06/30 20:12:28 | 001,187,342 | ---- | C] () -- C:\Windows\SysNative\amdocl_as.exe
[2014/06/30 20:12:28 | 001,061,902 | ---- | C] () -- C:\Windows\SysNative\amdocl_ld.exe
[2014/06/30 20:12:28 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld.exe
[2014/06/30 20:12:27 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as.exe
[2014/06/29 19:30:27 | 000,001,040 | ---- | C] () -- C:\Users\Veronica\Desktop\DriverMax.lnk
[2014/06/29 19:16:27 | 000,190,178 | ---- | C] () -- C:\Users\Veronica\Desktop\PitStop Results.jpg
[2014/06/28 00:25:52 | 000,001,699 | ---- | C] () -- C:\Users\Veronica\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2014/06/28 00:25:52 | 000,001,687 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2014/06/28 00:25:52 | 000,001,675 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2014/06/28 00:09:15 | 001,839,104 | ---- | C] () -- C:\Users\Veronica\Desktop\mt420.iso
[2014/06/27 23:53:07 | 000,069,043 | ---- | C] () -- C:\Users\Veronica\Desktop\memtest86+-4.20.iso.zip
[2014/06/25 21:21:47 | 000,158,387 | ---- | C] () -- C:\Users\Veronica\Desktop\Speedfan Results.jpg
[2014/06/25 21:00:24 | 001,141,408 | ---- | C] (                                                            ) -- C:\Users\Veronica\Desktop\hwmonitor_1.25-setup.exe
[2014/06/25 20:35:50 | 000,141,480 | ---- | C] () -- C:\Users\Veronica\Desktop\bluescreenview_setup.exe
[2012/10/25 01:12:15 | 000,727,952 | ---- | C] () -- C:\Windows\SysWow64\WSCM64.dll
[2012/10/16 00:41:08 | 139,883,880 | ---- | C] () -- C:\Users\Veronica\Kaspersky Online Scanner.exe
[2012/06/13 09:21:43 | 000,151,166 | ---- | C] () -- C:\ProgramData\1339604266.bdinstall.bin
[2012/06/08 04:28:08 | 000,148,808 | ---- | C] () -- C:\ProgramData\1339154345.bdinstall.bin
[2012/06/07 20:55:06 | 000,224,937 | ---- | C] () -- C:\ProgramData\1339125945.bdinstall.bin
[2011/12/04 22:42:09 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/10/18 22:10:03 | 000,000,732 | ---- | C] () -- C:\Users\Veronica\AppData\Local\d3d9caps64.dat
[2010/03/27 01:20:09 | 000,000,000 | ---- | C] () -- C:\Users\Veronica\AppData\Local\prvlcl.dat
[2009/09/03 17:56:18 | 000,072,080 | ---- | C] () -- C:\Users\Veronica\g2mdlhlpx.exe
[2008/10/27 04:41:56 | 000,007,649 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2008/10/20 06:09:47 | 000,000,139 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2008/09/03 08:32:00 | 000,000,873 | ---- | C] () -- C:\Program Files (x86)\WinRAR.lnk
[2008/08/30 21:45:48 | 000,001,356 | ---- | C] () -- C:\Users\Veronica\AppData\Local\d3d9caps.dat
[2008/08/29 04:24:49 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/08/28 17:13:44 | 000,189,952 | ---- | C] () -- C:\Users\Veronica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006/11/02 08:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 09:30:37 | 012,900,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 06:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 00:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 19:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2008/12/16 15:27:35 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\agi
[2013/12/30 22:23:35 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Audacity
[2010/02/20 01:12:51 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\AVG9
[2011/08/15 18:28:14 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\BeadTool
[2011/08/18 13:11:50 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\BitTorrent
[2011/08/03 23:44:04 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Cache
[2010/03/14 01:17:24 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Desktopicon
[2013/07/14 23:35:00 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Dropbox
[2011/07/26 14:12:49 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\eFax Messenger
[2008/08/23 23:13:31 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\HDD Thermometer
[2014/06/29 02:19:12 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\ImgBurn
[2011/07/26 14:15:24 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\j2 Global
[2013/06/17 21:47:20 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Lawson
[2011/10/08 18:33:04 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\MP3SkypeRecorder
[2009/11/25 21:08:44 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\NCH Swift Sound
[2013/10/29 21:25:05 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Oracle
[2009/03/18 14:23:42 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\OverDrive
[2012/06/07 20:21:43 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\QuickScan
[2009/10/20 03:59:29 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Recordpad
[2014/07/03 01:56:47 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\repository
[2010/07/03 07:30:37 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Returnil
[2014/07/03 01:57:17 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\spelling
[2008/08/24 00:39:26 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Webshots
[2012/10/25 01:13:33 | 000,000,000 | ---D | M] -- C:\Users\Veronica\AppData\Roaming\Wondershare Video Converter Ultimate
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2011/10/24 15:21:29 | 000,010,039 | ---- | M] ()(C:\Users\Veronica\Documents\? Om Symbol.docx) -- C:\Users\Veronica\Documents\ॐ Om Symbol.docx
[2011/10/24 15:21:22 | 000,010,039 | ---- | C] ()(C:\Users\Veronica\Documents\? Om Symbol.docx) -- C:\Users\Veronica\Documents\ॐ Om Symbol.docx
 
< End of report >
 


#25
periwinkle


Here is the AdwCleaner log file:  

 

# AdwCleaner v3.214 - Report created 07/07/2014 at 02:04:42
# Updated 29/06/2014 by Xplode
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Veronica - VERONICA-PC
# Running from : C:\Users\Veronica\Desktop\adwcleaner_3.214.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : CltMngSvc
 
***** [ Files / Folders ] *****
 
[!] Folder Deleted : C:\ProgramData\AGI
[!] Folder Deleted : C:\ProgramData\NCH Software
[!] Folder Deleted : C:\ProgramData\Search Protection
[!] Folder Deleted : C:\Program Files (x86)\AGI
[!] Folder Deleted : C:\Program Files (x86)\NCH Software
[!] Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
[!] Folder Deleted : C:\Users\Veronica\AppData\Local\Ilivid Player
[!] Folder Deleted : C:\Users\Veronica\AppData\Local\PackageAware
[!] Folder Deleted : C:\Users\Veronica\AppData\LocalLow\adawaretb
[!] Folder Deleted : C:\Users\Veronica\AppData\LocalLow\AGI
[!] Folder Deleted : C:\Users\Veronica\AppData\Roaming\AGI
[!] Folder Deleted : C:\Users\Veronica\AppData\Roaming\Desktopicon
[!] Folder Deleted : C:\Users\Veronica\AppData\Roaming\NCH Software
[!] Folder Deleted : C:\Users\Veronica\Documents\Updater
[!] Folder Deleted : C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\25qs7hd5.default-1404101501971\adawaretb
File Deleted : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerTrust\UnifiedToolbar.cfg
File Deleted : C:\Users\Veronica\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
File Deleted : C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AG.MediaPlayerCOM
Key Deleted : HKLM\SOFTWARE\Classes\agihelper.AGUtils
Key Deleted : HKLM\SOFTWARE\Classes\AppID\contenthandler.dll
Key Deleted : HKLM\SOFTWARE\Classes\contenthandler.contentselection
Key Deleted : HKLM\SOFTWARE\Classes\contenthandler.contentselection.1
Key Deleted : HKLM\SOFTWARE\Classes\ilivid
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Search Protection]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A5461FCA-320C-4D6F-A150-A53823CE8142}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E6375F37-E4D1-4F51-B651-4658C27AC5BF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E16A203-C0AA-4D44-ACC5-38A70A8C76DA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C7403C30-3644-43D8-A82F-4BD84B9682D9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : HKCU\Software\AGI
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\AGI
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ilivid
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\adawaretb
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16555
 
 
-\\ Mozilla Firefox v30.0 (en-US)
 
[ File : C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\25qs7hd5.default-1404101501971\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
 
*************************
 
AdwCleaner[R0].txt - [7470 octets] - [07/07/2014 00:54:42]
AdwCleaner[S0].txt - [7323 octets] - [07/07/2014 02:04:42]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7383 octets] ##########



#26
periwinkle


Here's the JRT log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows ™ Vista Home Premium x64
Ran by Veronica on Mon 07/07/2014 at  3:22:35.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\browserpluginhelper
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02DD8284-A49F-43E5-9D84-CF19DC9AD21D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{27DE7D30-BCCD-44D1-ADCB-A74A4259EBEF}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3A0EFC4E-F167-4D0E-9C24-FC5519237993}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Windows\Tasks\driver robot.job"
Successfully deleted: [File] "C:\Windows\syswow64\wscm64.dll"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Veronica\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Program Files (x86)\agi"
 
 
 
~~~ FireFox
 
Successfully deleted: [Folder] C:\Users\Veronica\AppData\Roaming\mozilla\firefox\profiles\25qs7hd5.default-1404101501971\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 07/07/2014 at  3:38:05.31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#27
zep516


Hello,

 

Keep this program on your computer and run it once a week!  Let's see if it finds anything...

Please download Malwarebytes Anti-Malware to your desktop
Install the programme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

Go back to the Dashboard and select Scan Now

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop

Post that log in next reply....

 

Thanks

Joe :)



#28
periwinkle


Okay, when I went to export the text file, there was nothing in the box.  I found the text file another way, but I don't know if the format will make sense.  This is the only version I could find of the file.  I have the file, but I had to copy the path to Windows' search box in order to find the file.  It was in a file called Program Data, which was hidden!  I don't like things to be hidden from me.

 

For some odd reason, when I try to export the file, it comes up blank.  I tried a few different ways to export the file, but none of them worked.  So here's what I was able to get:

 

 
<?xml version="1.0" encoding="UTF-16"?>
<mbam-log>
  <header>
    <date>2014/07/07 18:07:08 -0700</date>
    <logfile>mbam-log-2014-07-07 (18-07-05).xml</logfile>
    <isadmin>yes</isadmin>
  </header>
  <engine>
    <version>2.00.2.1012</version>
    <malware-database>v2014.07.07.09</malware-database>
    <rootkit-database>v2014.07.07.01</rootkit-database>
    <license>trial</license>
    <file-protection>enabled</file-protection>
    <web-protection>enabled</web-protection>
    <self-protection>disabled</self-protection>
  </engine>
  <system>
    <osversion>Windows Vista Service Pack 2</osversion>
    <arch>x64</arch>
    <username>Veronica</username>
    <filesys>NTFS</filesys>
  </system>
  <summary>
    <type>threat</type>
    <result>completed</result>
    <objects>317384</objects>
    <time>2749</time>
    <processes>0</processes>
    <modules>0</modules>
    <keys>1</keys>
    <values>0</values>
    <datas>0</datas>
    <folders>0</folders>
    <files>2</files>
    <sectors>0</sectors>
  </summary>
  <options>
    <memory>enabled</memory>
    <startup>enabled</startup>
    <filesystem>enabled</filesystem>
    <archives>enabled</archives>
    <rootkits>enabled</rootkits>
    <deeprootkit>disabled</deeprootkit>
    <heuristics>enabled</heuristics>
    <pup>enabled</pup>
    <pum>enabled</pum>
  </options>
  <items>
    <key><path>HKU\S-1-5-21-2932777127-504153465-3726424614-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Fun Web Products</path><vendor>PUP.Optional.FunWebProducts.A</vendor><action>success</action><hash>0aac0e8e5a21251157845e6138ca6a96</hash></key>
    <file><path>C:\Users\Veronica\Desktop\SetupImgBurn_2.5.8.0.exe</path><vendor>PUP.Optional.OpenCandy</vendor><action>success</action><hash>b6002b71e497f93df74a576458ac5ea2</hash></file>
    <file><path>C:\Users\Veronica\Downloads\winzip155.exe</path><vendor>PUP.Optional.OpenCandy</vendor><action>success</action><hash>7f37a3f91368df571c254c6fef15ac54</hash></file>
  </items>
</mbam-log>

Edited by periwinkle, 07 July 2014 - 08:46 PM.


#29
zep516


Good enough. There's nothing there to worry about. Malwarebytes is a good overall check of things and does not miss much.

 

Our final scan.

 

It's an On-Line scan and will take a while. This scan will show threats that have already been quarantined. So don't worry about it when it starts finding threats right away.

 

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

 

  • Please go >>HERE<< then click on: ESET1st.jpg

     

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the ESETexe.jpg icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: ESETsave.jpg
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt.
  • Copy and paste that log as a reply to this topic.
  • Now click on: EOLS4.gif
    (Selecting Uninstall application on close if you so wish)

 

 

 



#30
periwinkle

Hey Joe, I was just looking at these files and finding it interesting that I've deleted some of them, but they're still showing up in this scan!
 
Okay, here is the ESET scan:
 
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Prism\prism.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Prism\prismsetup_v1.82.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Prism\uninst.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Veronica\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk.vir Win32/Adware.ADON potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk.vir Win32/Adware.ADON potentially unwanted application
C:\Program Files (x86)\CCleaner\CCleaner.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Program Files (x86)\CCleaner\ccsetup415.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawaretb.dll a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\Users\Veronica\Desktop\drivermax_7_34_cnet.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Users\Veronica\Documents\debutsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Users\Veronica\Downloads\drivermax_7_34_cnet.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Users\Veronica\Downloads\LimeWireWin.exe a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe application
C:\Users\Veronica\Downloads\m4a-to-mp3-converter.exe a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe application
C:\Users\Veronica\Program Files (x86)\FreemakeVideoConverterSetup.exe Win32/OpenCandy potentially unsafe application
C:\Users\Veronica\Program Files (x86)\FreeVideoFlipAndRotate.exe Win32/Toolbar.Conduit potentially unwanted application

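The point raised in posts #29 and #30, that the ESET scan also lists items AdwCleaner has already moved into its quarantine folder, can be checked mechanically. The Python below is an added example, not part of the thread or of any tool mentioned in it; the sample lines are copied from the ESET log above, and the assumed line layout and the mapping from a quarantine copy back to its original location (drive-letter folder, `.vir` suffix) are inferred from the paths in these logs.

```python
import re

# Lines copied from the ESET log posted above: path, detection name, category.
SAMPLE_LOG = r"""
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Prism\prism.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk.vir Win32/Adware.ADON potentially unwanted application
C:\Program Files (x86)\CCleaner\CCleaner.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawaretb.dll a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\Users\Veronica\Desktop\drivermax_7_34_cnet.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Users\Veronica\Downloads\LimeWireWin.exe a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe application
C:\Users\Veronica\Program Files (x86)\FreemakeVideoConverterSetup.exe Win32/OpenCandy potentially unsafe application
"""

# Quarantine folder as it appears in the log paths above.
QUARANTINE_ROOT = "C:\\AdwCleaner\\Quarantine\\"

# Assumed line layout: <path> [a variant of ]<Win32/Name> <category>.
# Paths contain spaces, so the path is matched lazily up to the detection name.
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+"
    r"(?P<variant>a variant of\s+)?"
    r"(?P<name>Win32/\S+)\s+"
    r"(?P<category>potentially (?:unwanted|unsafe) application)\s*$"
)


def original_path(quarantined):
    """Map a quarantine copy back to where the file used to live.

    Assumption taken from the paths in the log: the first folder under the
    quarantine root is the drive letter and '.vir' is appended to the name.
    """
    rest = quarantined[len(QUARANTINE_ROOT):]
    drive, _, tail = rest.partition("\\")
    if tail.lower().endswith(".vir"):
        tail = tail[:-4]
    return drive + ":\\" + tail


def parse_line(line):
    """Return a dict for one log line, or None if it does not fit the layout."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    path = m.group("path")
    # Compare case-insensitively: the tools in this thread log paths in mixed case.
    quarantined = path.lower().startswith(QUARANTINE_ROOT.lower())
    return {
        "path": path,
        "name": m.group("name"),
        "variant": m.group("variant") is not None,
        "category": m.group("category"),
        "quarantined": quarantined,
        "original": original_path(path) if quarantined else path,
    }


def triage(log_text):
    """Split detections into already-quarantined copies and files still in place."""
    result = {"quarantined": [], "live": [], "unparsed": []}
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        entry = parse_line(raw)
        if entry is None:
            # Keep lines that do not parse so nothing is silently dropped.
            result["unparsed"].append(raw.strip())
        elif entry["quarantined"]:
            result["quarantined"].append(entry)
        else:
            result["live"].append(entry)
    return result


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("Already in AdwCleaner quarantine (originally at):")
    for e in report["quarantined"]:
        print("  ", e["original"], "->", e["name"])
    print("Still present outside quarantine:")
    for e in report["live"]:
        print("  ", e["path"], "->", e["name"], "(" + e["category"] + ")")
    for line in report["unparsed"]:
        print("Could not parse:", line)
```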





