
Windows Task Manager under Applications and Processes the services or apps are


  • This topic is locked
10 replies to this topic

#1 jjssj1

  • Members

Posted 01 March 2014 - 02:58 PM

Windows Task Manager under Applications and Processes the services or apps are jumping around including msconfig - startup programs.

Slow Adobe Programs

Generally Slow PC

Windows 7 64bit

SSD 256gb (Hogging programs/OS)

3TB Red Western Digital (I know it's slow)

Asus Maximus Extreme IV (socket 2011)

I7 3930k @ 4.5ghz vcore1.3

AMD Radeon Firepro w8000

32gb 1600mhz corsair dominator (Need for Computational fluid Dynamics - CAD - Video Rendering)

Any more information, ask.


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:57:46, on 01/03/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)

FIREFOX: 25.0.1 (en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\J\Local Settings\Apps\F.lux\flux.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\J\AppData\Roaming\29488ac.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\J\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Users\J\AppData\Roaming\29488ac.exe
C:\Windows\SysWOW64\notepad.exe
D:\Program Files (x86)\Postbox\postbox.exe
D:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\J\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\LooksBuilder\Magic Bullet Looks.exe
C:\Program Files (x86)\Common Files\Adobe\dynamiclink\7.0\dynamiclinkmanager.exe
C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
C:\Program Files (x86)\Adobe\Adobe InDesign CC\InDesign.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\SolidWorks Corp\SolidWorks\swvbaserver\swvbaserver.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 174.120.130.173 acamso.com
O1 - Hosts: 192.185.51.204 acamso.com
O1 - Hosts: 92.241.168.10 sendblaster.com
O1 - Hosts: 92.241.168.10 www.sendblaster.com127.0.0.1 lmlicenses.wip4.adobe.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\Windows\SysWOW64\cgmopenbho.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [LWS] D:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [F.lux] "C:\Users\J\Local Settings\Apps\F.lux\flux.exe" /noshow
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [29488ac.exe] C:\Users\J\AppData\Roaming\29488ac.exe
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\J\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKUS\S-1-5-21-3208368526-2848764839-2880309411-1000\..\Run: [F.lux] "C:\Users\J\Local Settings\Apps\F.lux\flux.exe" /noshow (User '?')
O4 - HKUS\S-1-5-21-3208368526-2848764839-2880309411-1000\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" (User '?')
O4 - HKUS\S-1-5-21-3208368526-2848764839-2880309411-1000\..\Run: [29488ac.exe] C:\Users\J\AppData\Roaming\29488ac.exe (User '?')
O4 - HKUS\S-1-5-21-3208368526-2848764839-2880309411-1000\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\J\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l (User '?')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - S-1-5-21-3208368526-2848764839-2880309411-1000 Startup: Dropbox.lnk = C:\Users\J\AppData\Roaming\Dropbox\bin\Dropbox.exe (User '?')
O4 - S-1-5-21-3208368526-2848764839-2880309411-1000 Startup: Logitech . Product Registration.lnk = D:\Program Files (x86)\Logitech\Ereg\eReg.exe (User '?')
O4 - S-1-5-21-3208368526-2848764839-2880309411-1000 Startup: Send to OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (User '?')
O4 - Startup: Dropbox.lnk = C:\Users\J\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Logitech . Product Registration.lnk = D:\Program Files (x86)\Logitech\Ereg\eReg.exe
O4 - Startup: Send to OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Download all links with IDM - D:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - D:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - D:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm
O8 - Extra context menu item: Open Client to monitor &2 - C:\Windows\web\AOpenClient.htm
O8 - Extra context menu item: Open Client to monitor &3 - C:\Windows\web\AOpenClient.htm
O8 - Extra context menu item: Se&nd to OneNote - res://D:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bunkspeed Boost (BoostService) - Bunkspeed - C:\Program Files\Bunkspeed\New folder\Drive\Bunkspeed Boost.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: DraftSight API Service - Dassault Systèmes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: mental ray Satellite for Autodesk 3ds Max Design 2014 64-bit (mi-raysat_3dsmax2014_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NuTCRACKER Service (NuTCRACKERService) - Unknown owner - C:\Windows\system32\nutsrv4.exe (file missing)
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: PortmapperService - PTC Inc. - C:\Program Files\PTC/PTC Portmapper/i486_nt/obj/portmap.exe
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Bunkspeed Queue Server (QueueServer) - Bunkspeed - C:\Program Files\Bunkspeed\New folder\Drive\Bunkspeed.Queue.Server.exe
O23 - Service: Remote Solver for Flow Simulation 2014 (RemoteSolverDispatcher) - Mentor Graphics Corporation - C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: Sentinel Security Runtime (SentinelSecurityRuntime) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 20003 bytes
 





#2 aharonov

  • Malware Response Team

Posted 01 March 2014 - 03:08 PM

Hi,

please run a FRST scan to better diagnose your problem:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 jjssj1

  • Topic Starter

Posted 01 March 2014 - 03:39 PM

Make sure the option Addition.txt is checked and press the Scan button

Where do I select 'Addition.txt', can't find it?

This is the FRST.txt


Farbar Service Scanner Version: 25-02-2014
Ran by J (administrator) on 01-03-2014 at 20:37:38
Running from "D:\Downloads"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll
[2013-01-29 08:55] - [2013-01-29 08:55] - 0317952 ____A (Microsoft Corporation) 3249F4E4DBF1BD24B40DFF385F2511D4

C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



#4 aharonov

  • Malware Response Team

Posted 01 March 2014 - 03:42 PM

You somehow downloaded Farbar's Service Scanner and not the Recovery Scan Tool. :)
Try it again with this link:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#5 jjssj1

  • Topic Starter

Posted 01 March 2014 - 04:01 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-03-2014
Ran by J (administrator) on J-PC on 01-03-2014 20:58:07
Running from D:\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
() C:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(MKS Software Inc.) C:\Windows\system32\nutsrv4.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(PTC Inc.) C:\Program Files\PTC\PTC Portmapper\i486_nt\obj\portmap.exe
(arvato digital services llc) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exe
(SolidWorks) C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Users\J\Local Settings\Apps\F.lux\flux.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
() C:\Users\J\AppData\Roaming\29488ac.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Dropbox, Inc.) C:\Users\J\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Logitech Inc.) D:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
() C:\Users\J\AppData\Roaming\29488ac.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Postbox, Inc.) D:\Program Files (x86)\Postbox\postbox.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTE.EXE
(BitTorrent Inc.) C:\Users\J\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Red Giant LLC) C:\Program Files (x86)\LooksBuilder\Magic Bullet Looks.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\dynamiclink\7.0\dynamiclinkmanager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe InDesign CC\InDesign.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldProcMon.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\swvbaserver\swvbaserver.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Luxion) C:\Program Files\KeyShot4\bin\keyshot4.exe
() C:\Program Files\KeyShot4\bin\keyshot_daemon.exe
() C:\Program Files\Lightmap\HDR Light Studio v4.0\HDRLightStudio.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Trend Micro Inc.) D:\Downloads\HijackThis.exe
(Microsoft Corporation) C:\Windows\SysWOW64\NOTEPAD.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2013-03-21] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-05-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-07-23] (CANON INC.)
HKLM-x32\...\Run: [LWS] - D:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\.DEFAULT\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3208368526-2848764839-2880309411-1000\...\Run: [F.lux] - C:\Users\J\Local Settings\Apps\F.lux\flux.exe [966656 2009-08-29] ()
HKU\S-1-5-21-3208368526-2848764839-2880309411-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-05-30] (AMD)
HKU\S-1-5-21-3208368526-2848764839-2880309411-1000\...\Run: [29488ac.exe] - C:\Users\J\AppData\Roaming\29488ac.exe [1867860 2013-05-08] ()
HKU\S-1-5-21-3208368526-2848764839-2880309411-1000\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\J\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-3208368526-2848764839-2880309411-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3208368526-2848764839-2880309411-1000\...\Policies\Explorer: [RestrictRun] 0
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\J\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> D:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCB91590CA534CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} -  No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\Windows\SysWOW64\cgmopenbho.dll (CGM Open Consortium, Inc.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 12 C:\Windows\SysWOW64\nutafun4.dll [164232] (MKS Software Inc.)
Winsock: Catalog9 13 C:\Windows\SysWOW64\nutafun4.dll [164232] (MKS Software Inc.)
Winsock: Catalog9-x64 12 %SystemRoot%\system32\nutafun4.dll [205624] (MKS Software Inc.)
Winsock: Catalog9-x64 13 %SystemRoot%\system32\nutafun4.dll [205624] (MKS Software Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default
FF user.js: detected! => C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\user.js
FF NewTab: user_pref("browser.newtab.url", "");
FF Homepage: hxxp://www.google.com/calendar
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - D:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - D:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @ptc.com/ProductViewLite - C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll (PTC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\J\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\J\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\J\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\J\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\J\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\J\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: adobe.com/AdobeExManCCDetect32 - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll No File
FF Plugin HKCU: adobe.com/AdobeExManCCDetect64 - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect64.dll No File
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\J\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\J\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\J\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\searchplugins\askcom-search.xml
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\donottrackplus@abine.com [2014-01-05]
FF Extension: LastPass - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\support@lastpass.com [2014-02-27]
FF Extension: FireShot - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-01-28]
FF Extension: SeoQuake - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [2013-10-10]
FF Extension: Firebug - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\firebug@software.joehewitt.com.xpi [2013-03-20]
FF Extension: StartAid Online Bookmarks - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\startaid@startaid.com.xpi [2013-06-02]
FF Extension: Test Pilot - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-06-12]
FF Extension: Adblock Plus - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-20]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\J\AppData\Roaming\IDM\idmmzcc3
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\J\AppData\Roaming\IDM\idmmzcc3
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR DefaultSearchKeyword: google.co.uk
CHR Extension: (Google Docs) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-27]
CHR Extension: (Google Drive) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-27]
CHR Extension: (YouTube) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-27]
CHR Extension: (Google Search) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-27]
CHR Extension: (Window Resizer) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh [2014-03-01]
CHR Extension: (Google Wallet) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-27]
CHR Extension: (Gmail) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-27]
CHR HKLM-x32\...\Chrome\Extension: [bebnnlollpcjnfpkafhoclljaojgnfok] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx [2013-10-27]
CHR HKLM-x32\...\Chrome\Extension: [phegaokedjdajgnfphbnpkcfdgjbidko] - C:\ProgramData\adawaretb\toolbar\chrome\toolbar.crx [2013-10-27]

==================== Services (Whitelisted) =================

S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2013-04-27] ()
S3 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
S3 BoostService; C:\Program Files\Bunkspeed\New folder\Drive\Bunkspeed Boost.exe [444928 2013-12-01] (Bunkspeed)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2013-12-28] (Dassault Systèmes)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [920872 2013-12-18] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-12-17] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-12-18] ()
R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] ()
R2 NuTCRACKERService; C:\Windows\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 PortmapperService; C:\Program Files\PTC/PTC Portmapper/i486_nt/obj/portmap.exe [680960 2013-09-01] (PTC Inc.)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S3 QueueServer; C:\Program Files\Bunkspeed\New folder\Drive\Bunkspeed.Queue.Server.exe [17920 2013-12-01] (Bunkspeed)
R2 RemoteSolverDispatcher; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [235656 2013-11-14] (Mentor Graphics Corporation)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-05-27] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1250848 2011-05-27] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292384 2011-05-27] (SafeNet, Inc.)
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [9693696 2012-04-19] ()
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2013-04-27] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-20] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-06-02] (GFI Software)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-11-13] (AnchorFree Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
R3 vusbbus; C:\Windows\System32\DRIVERS\vusbbus.sys [303104 2012-05-16] ()
S3 ALSysIO; \??\C:\Users\J\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\D:\Downloads\RealTemp_3.00-[Guru3D.com]\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-01 20:58 - 2014-03-01 20:58 - 00000000 ____D () C:\FRST
2014-03-01 20:40 - 2014-03-01 20:36 - 00409600 _____ (Farbar) C:\Users\J\Desktop\FSS.exe
2014-03-01 15:10 - 2014-03-01 15:10 - 00000000 ____D () C:\Users\J\Desktop\HardySidhuNew
2014-03-01 13:10 - 2014-03-01 13:10 - 00000000 ____D () C:\ProgramData\goodasnew
2014-03-01 13:10 - 2014-03-01 13:10 - 00000000 _____ () C:\Users\J\updater_output.txt
2014-02-28 18:34 - 2014-02-28 18:34 - 00000000 ____D () C:\Users\J\AppData\Roaming\teknikforce
2014-02-28 15:48 - 2014-02-28 15:48 - 00000000 ____D () C:\Users\J\Desktop\[Rp] Manni Sandhu & Manjit Pappu - Friday - 320 VBR [By Dhillon] [iTunes Rip]
2014-02-27 23:43 - 2014-03-01 14:19 - 00000000 ____D () C:\Users\J\Desktop\Jatinder
2014-02-26 23:18 - 2014-02-26 23:18 - 00000000 ____D () C:\Users\J\Desktop\optimizePressTheme
2014-02-26 23:15 - 2014-02-16 20:08 - 38437738 _____ () C:\Users\J\Desktop\optimizePress_v2.1.7.11.zip
2014-02-25 15:21 - 2014-02-28 16:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-25 15:11 - 2014-02-25 15:11 - 00003486 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-J-PC-J
2014-02-25 15:10 - 2014-02-28 16:27 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-02-25 15:08 - 2014-02-28 18:27 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-25 12:55 - 2014-03-01 19:45 - 00000000 ____D () C:\Users\J\AppData\Local\Adobe
2014-02-25 12:55 - 2014-03-01 12:09 - 00000336 _____ () C:\Windows\setupact.log
2014-02-25 12:55 - 2014-02-28 18:27 - 00000000 ____D () C:\Users\J\AppData\Roaming\Adobe
2014-02-25 12:55 - 2014-02-25 12:55 - 00000568 _____ () C:\Windows\PFRO.log
2014-02-25 12:55 - 2014-02-25 12:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-25 12:23 - 2014-02-25 12:23 - 02152168 _____ () C:\Users\J\Downloads\CodecPerformerSetup.exe
2014-02-25 12:20 - 2014-02-25 12:20 - 00000000 ____D () C:\Users\J\Desktop\New folder (3)
2014-02-25 12:18 - 2014-02-25 12:18 - 10186323 _____ () C:\Users\J\Downloads\Revo.Uninstaller.Pro.3.0.7.rar
2014-02-25 11:34 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-02-24 23:34 - 2014-01-31 21:39 - 09307863 _____ () C:\Users\J\Desktop\Jatinder.zip
2014-02-24 22:47 - 2014-02-24 22:47 - 00000000 ____D () C:\Users\J\Desktop\PremierePro_CC_7_2_upd
2014-02-24 22:32 - 2014-02-24 22:21 - 311668797 _____ () C:\Users\J\Desktop\PremierePro_CC_7_2_upd.zip
2014-02-24 22:31 - 2013-10-13 22:54 - 34442960 _____ (PainteR ) C:\Users\J\Desktop\umt-7.0-setup.exe
2014-02-24 21:44 - 2014-02-24 21:45 - 00000000 ____D () C:\Users\J\Desktop\Adobe Premiere Pro CS6
2014-02-23 23:16 - 2014-02-22 18:19 - 13424092 _____ () C:\Users\J\Desktop\Jatinder(1).zip
2014-02-23 21:01 - 2013-12-13 19:48 - 04890624 _____ () C:\Windows\SysWOW64\LS3Renderer_x64.dll
2014-02-23 21:01 - 2013-12-13 19:48 - 04165632 _____ () C:\Windows\SysWOW64\LS3Renderer.dll
2014-02-23 21:01 - 2013-12-13 15:41 - 04769280 _____ () C:\Windows\SysWOW64\ColoristaRenderer_x64.dll
2014-02-23 21:01 - 2013-12-13 15:41 - 04078080 _____ () C:\Windows\SysWOW64\ColoristaRenderer.dll
2014-02-23 21:01 - 2013-11-19 17:10 - 04228096 _____ () C:\Windows\SysWOW64\CosmoRenderer_x64.dll
2014-02-23 21:01 - 2013-11-19 17:10 - 03658752 _____ () C:\Windows\SysWOW64\CosmoRenderer.dll
2014-02-23 19:45 - 2014-03-01 12:09 - 00000000 ____D () C:\Users\J\AppData\Roaming\newnext.me
2014-02-23 19:45 - 2014-02-23 19:46 - 00000000 ____D () C:\Users\J\AppData\Local\SwvUpdater
2014-02-23 19:45 - 2014-02-23 19:45 - 00000000 ____D () C:\Users\J\AppData\Local\genienext
2014-02-23 19:45 - 2014-02-23 19:45 - 00000000 _____ () C:\Users\J\daemonprocess.txt
2014-02-23 19:33 - 2014-02-25 15:37 - 00000000 ____D () C:\Users\J\Desktop\New folder (2)
2014-02-22 17:28 - 2014-02-22 17:28 - 00000322 _____ () C:\Users\J\Desktop\loader.log
2014-02-22 17:27 - 2014-02-22 17:27 - 01487872 _____ (crackedseotools.com) C:\Users\J\Desktop\IMSLoader.exe
2014-02-22 16:45 - 2014-02-22 16:45 - 00001991 _____ () C:\Users\J\Desktop\SEnukeXCr.lnk
2014-02-22 16:43 - 2014-02-23 01:30 - 00000000 ____D () C:\Users\J\AppData\Local\SENukeX
2014-02-22 16:43 - 2014-02-22 16:43 - 00000000 ____D () C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SENukeX
2014-02-22 16:43 - 2014-02-22 16:43 - 00000000 ____D () C:\Users\J\AppData\Local\Deployment
2014-02-22 16:43 - 2014-02-22 16:43 - 00000000 ____D () C:\Users\J\AppData\Local\Apps\2.0
2014-02-22 14:01 - 2014-02-22 16:47 - 00000287 _____ () C:\Users\J\Desktop\top 20 insuitrial design poortfolio emails.txt
2014-02-21 14:18 - 2014-02-21 14:24 - 00000000 ____D () C:\Users\J\Desktop\Web
2014-02-21 14:18 - 2014-02-20 20:28 - 03620919 _____ () C:\Users\J\Desktop\Web.zip
2014-02-20 21:41 - 2014-02-20 21:41 - 00058085 _____ () C:\Users\J\Downloads\estilo.rar
2014-02-20 20:24 - 2014-02-20 20:24 - 00000112 _____ () C:\Users\J\AppData\Roaming\JP2K CS6 Prefs
2014-02-19 17:40 - 2014-02-19 17:40 - 32499558 _____ () C:\Users\J\Desktop\NEWBLUE_STABILIZER_V1.4-XFORCE.rar
2014-02-19 15:27 - 2014-02-19 15:27 - 00000000 ____D () C:\Program Files\CyberLink
2014-02-19 14:31 - 2014-02-19 14:31 - 00005250 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-19 14:30 - 2014-02-19 14:30 - 00921000 _____ (Oracle Corporation) C:\Users\J\Downloads\chromeinstall-7u51.exe
2014-02-19 12:40 - 2014-02-19 17:43 - 00000000 ____D () C:\Users\J\Desktop\Adobe.CC.Keymaker.Win.MacOSX.X-FORCE
2014-02-19 12:21 - 2014-02-19 12:23 - 00000000 ____D () C:\ProgramData\eSellerate
2014-02-19 12:20 - 2014-02-19 17:43 - 00000000 ____D () C:\Program Files\NewBlue
2014-02-19 12:20 - 2014-02-19 17:43 - 00000000 ____D () C:\Program Files (x86)\NewBlue
2014-02-19 12:20 - 2014-02-19 12:20 - 00000000 ____D () C:\Program Files\Common Files\OFX
2014-02-18 22:29 - 2014-02-18 22:29 - 73847347 _____ () C:\Users\J\Desktop\MVI_0335.MOV.mp4
2014-02-18 16:31 - 2014-02-18 16:31 - 00016619 _____ () C:\Users\J\Desktop\hijackthis.log
2014-02-18 16:24 - 2013-12-21 09:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-18 16:24 - 2013-12-21 08:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-18 16:23 - 2014-02-06 12:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-18 16:23 - 2014-02-06 11:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-18 16:23 - 2014-02-06 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-18 16:23 - 2014-02-06 11:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-18 16:23 - 2014-02-06 11:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-18 16:23 - 2014-02-06 11:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-18 16:23 - 2014-02-06 10:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-18 16:23 - 2014-02-06 10:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-18 16:23 - 2014-02-06 10:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-18 16:23 - 2014-02-06 10:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-18 16:23 - 2014-02-06 10:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-18 16:23 - 2014-02-06 10:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-18 16:23 - 2014-02-06 10:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-18 16:23 - 2014-02-06 10:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-18 16:23 - 2014-02-06 10:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-18 16:23 - 2014-02-06 10:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-18 16:23 - 2014-02-06 10:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-18 16:23 - 2014-02-06 10:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-18 16:23 - 2014-02-06 10:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-18 16:23 - 2014-02-06 09:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-18 16:23 - 2014-02-06 09:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-18 16:23 - 2014-02-06 09:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-18 16:23 - 2014-02-06 09:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-18 16:23 - 2014-02-06 09:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-18 16:23 - 2014-02-06 09:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-18 16:23 - 2014-02-06 09:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-18 16:23 - 2014-02-06 09:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-18 16:23 - 2014-02-06 09:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-18 16:23 - 2014-02-06 09:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-18 16:23 - 2014-02-06 09:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-18 16:23 - 2014-02-06 09:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-18 16:23 - 2014-02-06 09:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-18 16:23 - 2014-02-06 09:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-18 16:23 - 2014-02-06 09:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-18 16:23 - 2014-02-06 08:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-18 16:23 - 2014-02-06 08:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-18 16:23 - 2014-02-06 08:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-18 16:23 - 2014-02-06 08:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-18 16:23 - 2014-02-06 08:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-18 16:23 - 2013-12-31 23:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-18 16:23 - 2013-12-31 23:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-18 16:23 - 2013-12-24 23:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-18 16:23 - 2013-12-24 22:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-18 16:23 - 2013-12-06 02:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-18 16:23 - 2013-12-06 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-18 16:23 - 2013-12-06 02:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-18 16:23 - 2013-12-06 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-18 16:23 - 2013-12-04 02:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-18 16:23 - 2013-12-04 02:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-18 16:23 - 2013-12-04 02:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-18 16:23 - 2013-12-04 02:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-18 16:23 - 2013-12-04 02:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-18 16:23 - 2013-12-04 02:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-18 16:23 - 2013-12-04 02:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-18 16:23 - 2013-12-04 02:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-18 16:23 - 2013-12-04 02:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-18 16:23 - 2013-12-04 02:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-18 16:23 - 2013-12-04 02:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-18 16:23 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-18 16:23 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-18 16:23 - 2013-12-04 02:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-18 16:23 - 2013-12-04 01:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-18 16:23 - 2013-12-04 01:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-18 16:23 - 2013-12-04 01:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-18 16:23 - 2013-12-04 01:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-18 16:23 - 2013-11-27 01:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-02-18 16:23 - 2013-11-27 01:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-02-18 16:23 - 2013-11-27 01:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-02-18 16:23 - 2013-11-27 01:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-02-18 16:23 - 2013-11-27 01:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-02-18 16:23 - 2013-11-27 01:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-02-18 16:23 - 2013-11-27 01:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-02-18 16:23 - 2013-11-26 11:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-02-18 16:23 - 2013-11-26 10:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-18 16:23 - 2013-11-26 08:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-18 16:23 - 2013-11-22 22:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-18 14:27 - 2014-02-18 14:27 - 00002764 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-17 16:03 - 2014-02-17 16:08 - 00028767 _____ () C:\Users\J\Desktop\plugin.php
2014-02-17 15:56 - 2014-02-17 15:56 - 00101068 _____ () C:\Users\J\Desktop\style.css
2014-02-15 22:23 - 2014-02-15 22:27 - 00000000 ____D () C:\Users\J\Documents\My Kindle Content
2014-02-15 22:23 - 2014-02-15 22:23 - 00002010 _____ () C:\Users\J\Desktop\Kindle.lnk
2014-02-15 22:23 - 2014-02-15 22:23 - 00000000 ____D () C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-02-15 22:23 - 2014-02-15 22:23 - 00000000 ____D () C:\Users\J\AppData\Local\Amazon
2014-02-15 22:23 - 2014-02-15 22:23 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-02-14 23:18 - 2014-02-14 23:18 - 00000000 ____D () C:\Program Files (x86)\GUME67.tmp
2014-02-14 17:49 - 2014-02-14 17:49 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Apple Computer
2014-02-13 16:59 - 2014-02-13 17:38 - 00055236 _____ () C:\Users\J\Documents\Miproto.vsdx
2014-02-13 01:27 - 2014-02-13 01:27 - 00000000 ____D () C:\Program Files (x86)\GUM125F.tmp
2014-02-12 18:01 - 2014-02-12 18:01 - 00000714 _____ () C:\Users\J\Desktop\KeyShot 4 Resources.lnk
2014-02-12 17:57 - 2014-03-01 17:29 - 00000000 ____D () C:\ProgramData\Reprise
2014-02-12 17:26 - 2014-02-12 17:26 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-10 19:41 - 2014-02-10 19:41 - 00001636 _____ () C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2014-02-10 19:28 - 2014-02-10 19:28 - 00000498 _____ () C:\Users\J\Desktop\Program Files (Only) (D) - Shortcut (2).lnk
2014-02-09 20:24 - 2014-02-09 20:24 - 00001598 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-09 20:24 - 2014-02-09 20:24 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-09 20:24 - 2014-02-09 20:24 - 00000000 ____D () C:\Program Files\iTunes
2014-02-09 20:24 - 2014-02-09 20:24 - 00000000 ____D () C:\Program Files\iPod
2014-02-08 02:37 - 2014-02-08 02:37 - 18130837 _____ () C:\Users\J\Desktop\optimizePressTheme.zip
2014-02-04 11:42 - 2014-02-04 11:42 - 00000000 ____D () C:\Windows\AutoKMS
2014-02-04 11:40 - 2013-05-08 15:49 - 01867860 ___SH () C:\Users\J\AppData\Roaming\29488ac.exe
2014-02-03 15:13 - 2014-02-03 15:13 - 00000000 ____D () C:\Users\J\AppData\Roaming\Canon
2014-02-03 15:13 - 2014-02-03 15:13 - 00000000 ____D () C:\ProgramData\Quick Menu_1
2014-02-03 15:13 - 2014-02-03 15:13 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-02-03 15:13 - 2014-02-03 15:13 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-02-03 15:11 - 2014-02-03 15:11 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-02-03 15:11 - 2010-12-17 14:49 - 00515072 _____ (CANON INC.) C:\Windows\system32\CNQ2414L.dll
2014-02-03 15:11 - 2010-12-17 14:49 - 00438272 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ2414L.dll
2014-02-03 15:11 - 2010-03-19 10:04 - 00393256 _____ () C:\Windows\SysWOW64\CNQ2414N.DAT
2014-02-03 15:11 - 2010-03-19 10:04 - 00393256 _____ () C:\Windows\system32\CNQ2414N.DAT
2014-02-03 15:11 - 2010-03-18 17:13 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNQ2414C.dll
2014-02-03 15:11 - 2010-03-18 17:13 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNQ2414I.dll
2014-02-03 15:11 - 2010-03-18 17:11 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ2414U.dll
2014-02-03 15:11 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2014-02-03 15:11 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2014-02-02 13:52 - 2014-02-02 14:32 - 00000000 ____D () C:\Users\J\Desktop\Logo Design
2014-02-01 19:58 - 2014-02-01 19:58 - 00000000 ____D () C:\Users\J\AppData\Roaming\Red Giant
2014-02-01 18:59 - 2014-02-01 19:11 - 00000000 ____D () C:\Users\J\Desktop\Barber Vinny

==================== One Month Modified Files and Folders =======

2014-03-01 20:58 - 2014-03-01 20:58 - 00000000 ____D () C:\FRST
2014-03-01 20:56 - 2013-03-20 01:32 - 00000000 ____D () C:\Users\J\AppData\Roaming\uTorrent
2014-03-01 20:36 - 2014-03-01 20:40 - 00409600 _____ (Farbar) C:\Users\J\Desktop\FSS.exe
2014-03-01 20:32 - 2013-06-26 20:06 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-01 20:23 - 2013-08-03 12:56 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000UA.job
2014-03-01 19:45 - 2014-02-25 12:55 - 00000000 ____D () C:\Users\J\AppData\Local\Adobe
2014-03-01 19:43 - 2013-06-28 22:50 - 00000000 ____D () C:\Users\J\AppData\Roaming\Dropbox
2014-03-01 19:36 - 2013-07-20 13:09 - 01182876 _____ () C:\Windows\WindowsUpdate.log
2014-03-01 18:14 - 2013-03-26 15:07 - 00000912 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000UA.job
2014-03-01 18:00 - 2013-03-21 09:42 - 00000460 _____ () C:\Windows\Tasks\ParetoLogic Registration3.job
2014-03-01 17:29 - 2014-02-12 17:57 - 00000000 ____D () C:\ProgramData\Reprise
2014-03-01 15:14 - 2013-03-26 15:07 - 00000890 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000Core.job
2014-03-01 15:10 - 2014-03-01 15:10 - 00000000 ____D () C:\Users\J\Desktop\HardySidhuNew
2014-03-01 14:19 - 2014-02-27 23:43 - 00000000 ____D () C:\Users\J\Desktop\Jatinder
2014-03-01 13:10 - 2014-03-01 13:10 - 00000000 ____D () C:\ProgramData\goodasnew
2014-03-01 13:10 - 2014-03-01 13:10 - 00000000 _____ () C:\Users\J\updater_output.txt
2014-03-01 13:10 - 2013-03-20 00:27 - 00000000 ____D () C:\Users\J
2014-03-01 13:04 - 2013-04-02 22:53 - 00004176 _____ () C:\Windows\System32\Tasks\Red Giant Link
2014-03-01 12:30 - 2013-03-27 22:18 - 00004924 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for J-PC-J J-PC
2014-03-01 12:13 - 2009-07-14 05:13 - 00863108 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-01 12:12 - 2013-04-27 12:14 - 00003894 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{41F38C7A-19E2-4EA6-9F52-2D7DF5767374}
2014-03-01 12:09 - 2014-02-25 12:55 - 00000336 _____ () C:\Windows\setupact.log
2014-03-01 12:09 - 2014-02-23 19:45 - 00000000 ____D () C:\Users\J\AppData\Roaming\newnext.me
2014-03-01 12:09 - 2013-06-26 20:06 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-01 12:09 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-01 12:09 - 2009-07-14 04:45 - 06603552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-28 23:23 - 2013-08-03 12:56 - 00000840 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000Core.job
2014-02-28 18:34 - 2014-02-28 18:34 - 00000000 ____D () C:\Users\J\AppData\Roaming\teknikforce
2014-02-28 18:27 - 2014-02-25 15:08 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-28 18:27 - 2014-02-25 12:55 - 00000000 ____D () C:\Users\J\AppData\Roaming\Adobe
2014-02-28 16:27 - 2014-02-25 15:10 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-02-28 16:27 - 2013-03-20 00:40 - 00572208 _____ () C:\Users\J\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-28 16:25 - 2014-02-25 15:21 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-28 16:24 - 2013-03-20 01:46 - 00000000 ____D () C:\Program Files\Adobe
2014-02-28 16:21 - 2013-06-22 13:41 - 00000000 ____D () C:\Users\J\AppData\Roaming\vlc
2014-02-28 15:48 - 2014-02-28 15:48 - 00000000 ____D () C:\Users\J\Desktop\[Rp] Manni Sandhu & Manjit Pappu - Friday - 320 VBR [By Dhillon] [iTunes Rip]
2014-02-28 15:37 - 2013-03-25 21:10 - 00000000 ____D () C:\Users\J\AppData\Local\CrashDumps
2014-02-28 15:15 - 2013-03-20 01:45 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-28 12:14 - 2013-03-20 02:51 - 00000000 ____D () C:\Users\J\AppData\Local\TempSWBackupDirectory
2014-02-27 23:24 - 2013-08-28 10:52 - 00000000 ____D () C:\Users\J\AppData\Roaming\Skype
2014-02-27 13:37 - 2013-03-22 16:23 - 00000000 ____D () C:\Users\J\Documents\OneNote Notebooks
2014-02-27 10:16 - 2013-03-20 00:28 - 00000000 ___RD () C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-27 00:29 - 2013-10-29 21:34 - 00000000 ____D () C:\Users\J\AppData\Roaming\FileZilla
2014-02-26 23:18 - 2014-02-26 23:18 - 00000000 ____D () C:\Users\J\Desktop\optimizePressTheme
2014-02-26 22:24 - 2013-03-20 00:37 - 00000000 ____D () C:\Users\J\AppData\Roaming\Mozilla
2014-02-25 15:37 - 2014-02-23 19:33 - 00000000 ____D () C:\Users\J\Desktop\New folder (2)
2014-02-25 15:11 - 2014-02-25 15:11 - 00003486 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-J-PC-J
2014-02-25 12:55 - 2014-02-25 12:55 - 00000568 _____ () C:\Windows\PFRO.log
2014-02-25 12:55 - 2014-02-25 12:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-25 12:23 - 2014-02-25 12:23 - 02152168 _____ () C:\Users\J\Downloads\CodecPerformerSetup.exe
2014-02-25 12:20 - 2014-02-25 12:20 - 00000000 ____D () C:\Users\J\Desktop\New folder (3)
2014-02-25 12:18 - 2014-02-25 12:18 - 10186323 _____ () C:\Users\J\Downloads\Revo.Uninstaller.Pro.3.0.7.rar
2014-02-24 22:47 - 2014-02-24 22:47 - 00000000 ____D () C:\Users\J\Desktop\PremierePro_CC_7_2_upd
2014-02-24 22:21 - 2014-02-24 22:32 - 311668797 _____ () C:\Users\J\Desktop\PremierePro_CC_7_2_upd.zip
2014-02-24 22:10 - 2013-04-02 21:49 - 00000021 _____ () C:\Windows\SurCode.INI
2014-02-24 21:45 - 2014-02-24 21:44 - 00000000 ____D () C:\Users\J\Desktop\Adobe Premiere Pro CS6
2014-02-23 21:01 - 2014-01-03 00:31 - 00000000 ____D () C:\ProgramData\Red Giant
2014-02-23 21:01 - 2013-04-02 22:53 - 00000000 ____D () C:\Program Files (x86)\LooksBuilder
2014-02-23 21:01 - 2013-03-20 02:12 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-23 21:00 - 2013-03-20 02:13 - 00000000 ____D () C:\Users\J\AppData\Local\Downloaded Installations
2014-02-23 19:46 - 2014-02-23 19:45 - 00000000 ____D () C:\Users\J\AppData\Local\SwvUpdater
2014-02-23 19:46 - 2013-03-29 12:14 - 00000000 ____D () C:\Users\J\AppData\Local\cache
2014-02-23 19:45 - 2014-02-23 19:45 - 00000000 ____D () C:\Users\J\AppData\Local\genienext
2014-02-23 19:45 - 2014-02-23 19:45 - 00000000 _____ () C:\Users\J\daemonprocess.txt
2014-02-23 01:30 - 2014-02-22 16:43 - 00000000 ____D () C:\Users\J\AppData\Local\SENukeX
2014-02-22 18:19 - 2014-02-23 23:16 - 13424092 _____ () C:\Users\J\Desktop\Jatinder(1).zip
2014-02-22 17:49 - 2009-07-14 04:45 - 00028704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-22 17:49 - 2009-07-14 04:45 - 00028704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-22 17:28 - 2014-02-22 17:28 - 00000322 _____ () C:\Users\J\Desktop\loader.log
2014-02-22 17:27 - 2014-02-22 17:27 - 01487872 _____ (crackedseotools.com) C:\Users\J\Desktop\IMSLoader.exe
2014-02-22 16:47 - 2014-02-22 14:01 - 00000287 _____ () C:\Users\J\Desktop\top 20 insuitrial design poortfolio emails.txt
2014-02-22 16:45 - 2014-02-22 16:45 - 00001991 _____ () C:\Users\J\Desktop\SEnukeXCr.lnk
2014-02-22 16:43 - 2014-02-22 16:43 - 00000000 ____D () C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SENukeX
2014-02-22 16:43 - 2014-02-22 16:43 - 00000000 ____D () C:\Users\J\AppData\Local\Deployment
2014-02-22 16:43 - 2014-02-22 16:43 - 00000000 ____D () C:\Users\J\AppData\Local\Apps\2.0
2014-02-21 14:24 - 2014-02-21 14:18 - 00000000 ____D () C:\Users\J\Desktop\Web
2014-02-21 10:45 - 2013-03-20 00:51 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 10:45 - 2013-03-20 00:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-20 22:17 - 2013-12-16 02:54 - 00000132 _____ () C:\Users\J\AppData\Roaming\Adobe PNG Format CC Prefs
2014-02-20 21:41 - 2014-02-20 21:41 - 00058085 _____ () C:\Users\J\Downloads\estilo.rar
2014-02-20 21:17 - 2013-03-20 12:27 - 00000000 ____D () C:\Users\J\Documents\KeyShot 4
2014-02-20 20:28 - 2014-02-21 14:18 - 03620919 _____ () C:\Users\J\Desktop\Web.zip
2014-02-20 20:24 - 2014-02-20 20:24 - 00000112 _____ () C:\Users\J\AppData\Roaming\JP2K CS6 Prefs
2014-02-20 11:19 - 2014-01-06 15:09 - 00000792 _____ () C:\Users\J\AppData\Local\KeyShot.log
2014-02-19 17:43 - 2014-02-19 12:40 - 00000000 ____D () C:\Users\J\Desktop\Adobe.CC.Keymaker.Win.MacOSX.X-FORCE
2014-02-19 17:43 - 2014-02-19 12:20 - 00000000 ____D () C:\Program Files\NewBlue
2014-02-19 17:43 - 2014-02-19 12:20 - 00000000 ____D () C:\Program Files (x86)\NewBlue
2014-02-19 17:40 - 2014-02-19 17:40 - 32499558 _____ () C:\Users\J\Desktop\NEWBLUE_STABILIZER_V1.4-XFORCE.rar
2014-02-19 15:27 - 2014-02-19 15:27 - 00000000 ____D () C:\Program Files\CyberLink
2014-02-19 14:52 - 2013-11-03 14:10 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-19 14:31 - 2014-02-19 14:31 - 00005250 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-19 14:31 - 2013-03-20 19:51 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-19 14:30 - 2014-02-19 14:30 - 00921000 _____ (Oracle Corporation) C:\Users\J\Downloads\chromeinstall-7u51.exe
2014-02-19 14:23 - 2013-03-20 12:27 - 00000000 ____D () C:\Program Files\KeyShot4
2014-02-19 12:23 - 2014-02-19 12:21 - 00000000 ____D () C:\ProgramData\eSellerate
2014-02-19 12:20 - 2014-02-19 12:20 - 00000000 ____D () C:\Program Files\Common Files\OFX
2014-02-18 22:29 - 2014-02-18 22:29 - 73847347 _____ () C:\Users\J\Desktop\MVI_0335.MOV.mp4
2014-02-18 18:51 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2014-02-18 16:31 - 2014-02-18 16:31 - 00016619 _____ () C:\Users\J\Desktop\hijackthis.log
2014-02-18 16:27 - 2013-11-27 01:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-18 16:26 - 2013-03-20 02:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-18 16:24 - 2013-03-20 00:34 - 00846974 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-18 16:21 - 2013-04-19 18:15 - 00007603 _____ () C:\Users\J\AppData\Local\Resmon.ResmonCfg
2014-02-18 15:12 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\Registration
2014-02-18 15:03 - 2013-05-06 10:01 - 00000000 ____D () C:\Users\J\Desktop\Camera
2014-02-18 14:51 - 2014-01-11 15:50 - 00000000 ____D () C:\Users\J\Desktop\jay final 11th jan
2014-02-18 14:51 - 2013-03-20 02:25 - 00000000 ____D () C:\Users\J\AppData\Roaming\SolidWorks
2014-02-18 14:28 - 2013-03-20 11:55 - 00000000 ____D () C:\Windows\pss
2014-02-18 14:27 - 2014-02-18 14:27 - 00002764 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-17 16:08 - 2014-02-17 16:03 - 00028767 _____ () C:\Users\J\Desktop\plugin.php
2014-02-17 15:56 - 2014-02-17 15:56 - 00101068 _____ () C:\Users\J\Desktop\style.css
2014-02-16 20:08 - 2014-02-26 23:15 - 38437738 _____ () C:\Users\J\Desktop\optimizePress_v2.1.7.11.zip
2014-02-15 22:27 - 2014-02-15 22:23 - 00000000 ____D () C:\Users\J\Documents\My Kindle Content
2014-02-15 22:23 - 2014-02-15 22:23 - 00002010 _____ () C:\Users\J\Desktop\Kindle.lnk
2014-02-15 22:23 - 2014-02-15 22:23 - 00000000 ____D () C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-02-15 22:23 - 2014-02-15 22:23 - 00000000 ____D () C:\Users\J\AppData\Local\Amazon
2014-02-15 22:23 - 2014-02-15 22:23 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-02-14 23:18 - 2014-02-14 23:18 - 00000000 ____D () C:\Program Files (x86)\GUME67.tmp
2014-02-14 23:18 - 2013-08-03 12:56 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000UA
2014-02-14 23:18 - 2013-08-03 12:56 - 00003462 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000Core
2014-02-14 17:49 - 2014-02-14 17:49 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Apple Computer
2014-02-14 17:49 - 2013-07-03 18:14 - 00572208 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-14 17:49 - 2013-07-03 18:10 - 00001425 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-14 17:49 - 2009-07-14 05:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-13 22:25 - 2013-03-24 17:00 - 00000035 _____ () C:\Users\J\AppData\Roaming\Opusbext.dat
2014-02-13 17:38 - 2014-02-13 16:59 - 00055236 _____ () C:\Users\J\Documents\Miproto.vsdx
2014-02-13 01:27 - 2014-02-13 01:27 - 00000000 ____D () C:\Program Files (x86)\GUM125F.tmp
2014-02-13 01:27 - 2013-06-26 20:06 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-13 01:27 - 2013-06-26 20:06 - 00003632 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-12 18:01 - 2014-02-12 18:01 - 00000714 _____ () C:\Users\J\Desktop\KeyShot 4 Resources.lnk
2014-02-12 17:26 - 2014-02-12 17:26 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-10 19:41 - 2014-02-10 19:41 - 00001636 _____ () C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2014-02-10 19:41 - 2013-03-20 00:56 - 00030874 _____ () C:\Windows\system32\lvcoinst.log
2014-02-10 19:28 - 2014-02-10 19:28 - 00000498 _____ () C:\Users\J\Desktop\Program Files (Only) (D) - Shortcut (2).lnk
2014-02-09 20:24 - 2014-02-09 20:24 - 00001598 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-09 20:24 - 2014-02-09 20:24 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-09 20:24 - 2014-02-09 20:24 - 00000000 ____D () C:\Program Files\iTunes
2014-02-09 20:24 - 2014-02-09 20:24 - 00000000 ____D () C:\Program Files\iPod
2014-02-09 20:24 - 2013-03-20 02:30 - 00000000 ____D () C:\ProgramData\Apple
2014-02-08 02:37 - 2014-02-08 02:37 - 18130837 _____ () C:\Users\J\Desktop\optimizePressTheme.zip
2014-02-07 21:15 - 2013-03-20 02:19 - 00000000 ____D () C:\Users\J\AppData\Roaming\DAEMON Tools Pro
2014-02-06 19:00 - 2013-04-19 17:59 - 00000000 ____D () C:\Users\J\AppData\Roaming\Luxology
2014-02-06 12:16 - 2014-02-18 16:23 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 11:30 - 2014-02-18 16:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 11:30 - 2014-02-18 16:23 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 11:12 - 2014-02-18 16:23 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 11:07 - 2014-02-18 16:23 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 11:06 - 2014-02-18 16:23 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-18 16:23 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 10:56 - 2014-02-18 16:23 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 10:52 - 2014-02-18 16:23 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 10:49 - 2014-02-18 16:23 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 10:48 - 2014-02-18 16:23 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 10:48 - 2014-02-18 16:23 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 10:38 - 2014-02-18 16:23 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 10:32 - 2014-02-18 16:23 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 10:20 - 2014-02-18 16:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 10:17 - 2014-02-18 16:23 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 10:11 - 2014-02-18 16:23 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 10:01 - 2014-02-18 16:23 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 10:00 - 2014-02-18 16:23 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 09:57 - 2014-02-18 16:23 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 09:57 - 2014-02-18 16:23 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 09:52 - 2014-02-18 16:23 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 09:52 - 2014-02-18 16:23 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 09:50 - 2014-02-18 16:23 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 09:49 - 2014-02-18 16:23 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 09:47 - 2014-02-18 16:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 09:46 - 2014-02-18 16:23 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 09:25 - 2014-02-18 16:23 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 09:25 - 2014-02-18 16:23 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 09:24 - 2014-02-18 16:23 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 09:22 - 2014-02-18 16:23 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 09:13 - 2014-02-18 16:23 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 09:09 - 2014-02-18 16:23 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 09:03 - 2014-02-18 16:23 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 08:55 - 2014-02-18 16:23 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 08:41 - 2014-02-18 16:23 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 08:40 - 2014-02-18 16:23 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 08:36 - 2014-02-18 16:23 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 08:34 - 2014-02-18 16:23 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 19:09 - 2013-03-20 00:27 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-04 11:42 - 2014-02-04 11:42 - 00000000 ____D () C:\Windows\AutoKMS
2014-02-04 09:56 - 2013-08-22 13:04 - 00000000 ____D () C:\ProgramData\Hotspot Shield
2014-02-04 09:56 - 2013-08-22 13:03 - 00000000 ____D () C:\Program Files (x86)\Hotspot Shield
2014-02-04 09:55 - 2013-11-06 21:02 - 00001060 _____ () C:\Users\Public\Desktop\Hotspot Shield.lnk
2014-02-03 15:13 - 2014-02-03 15:13 - 00000000 ____D () C:\Users\J\AppData\Roaming\Canon
2014-02-03 15:13 - 2014-02-03 15:13 - 00000000 ____D () C:\ProgramData\Quick Menu_1
2014-02-03 15:13 - 2014-02-03 15:13 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-02-03 15:13 - 2014-02-03 15:13 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-02-03 15:11 - 2014-02-03 15:11 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-02-03 15:11 - 2009-07-14 03:20 - 00000000 __RSD () C:\Windows\Media
2014-02-02 14:32 - 2014-02-02 13:52 - 00000000 ____D () C:\Users\J\Desktop\Logo Design
2014-02-01 21:00 - 2014-01-25 15:52 - 00000000 ____D () C:\vol0
2014-02-01 19:58 - 2014-02-01 19:58 - 00000000 ____D () C:\Users\J\AppData\Roaming\Red Giant
2014-02-01 19:11 - 2014-02-01 18:59 - 00000000 ____D () C:\Users\J\Desktop\Barber Vinny
2014-01-31 21:39 - 2014-02-24 23:34 - 09307863 _____ () C:\Users\J\Desktop\Jatinder.zip
2014-01-30 22:18 - 2013-04-29 15:27 - 00000000 ____D () C:\Users\J\AppData\Roaming\HexChat
2014-01-30 01:30 - 2013-06-23 15:19 - 01632256 _____ () C:\Users\J\Documents\industrial design.msam
2014-01-30 01:21 - 2013-11-04 13:32 - 00000000 ____D () C:\Users\J\.ScreamingFrogSEOSpider

Files to move or delete:
====================
C:\Users\J\AppData\Roaming\eMail Verifier.ini


Some content of TEMP:
====================
C:\Users\J\AppData\Local\Temp\Checkupdate.exe
C:\Users\J\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\J\AppData\Local\Temp\gcapi_dll.dll
C:\Users\J\AppData\Local\Temp\gtapi_signed.dll
C:\Users\J\AppData\Local\Temp\VSUSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2010-11-21 03:24] - [2011-01-16 00:01] - 0389632 ____A (Microsoft Corporation) 81257415084B84F3C0D95C381A8D4C8F

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2010-11-21 03:24] - [2011-01-16 00:01] - 1008640 ____A (Microsoft Corporation) 0B864E15A0BADFF0E7BB8B59009FDDCF

C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2014-02-18 13:38

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-03-2014
Ran by J at 2014-03-01 20:59:09
Running from D:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acute Email IDs Production Engine (HKLM-x32\...\{CB72E17B-1BCA-441F-A8A0-64C6FDF09425}) (Version: 10.3.5 - SAGAWEBS.COM)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\{AF37176A-78CA-545B-34EF-8B6A21514DD1}) (Version:  - )
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Support Advisor (HKLM-x32\...\AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.6.1.20120504 - Adobe Systems Incorporated)
Adobe Support Advisor (x32 Version: 1.6.1 - Adobe Systems Incorporated) Hidden
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
AMD Accelerated Video Transcoding (Version: 12.10.100.30530 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{802A0391-0190-1DC4-1750-8CB461B42088}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80530.0344 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arbortext IsoView 7.3 (HKLM-x32\...\{DE52A69A-978A-480A-82F7-E17C50F98EC6}) (Version: 7.3.10.22 - PTC)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
AutoCAD 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Help - English (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk 3ds Max Design 2014 (HKLM\...\Autodesk 3ds Max Design 2014) (Version: 16.0.420.0 - Autodesk)
Autodesk 3ds Max Design 2014 (Version: 16.0.420.0 - Autodesk) Hidden
Autodesk 3ds Max Design 2014 64-bit Populate Data (HKLM\...\{2BCAFE22-BE25-4437-815C-54596D630397}) (Version: 1.0.0.1 - Autodesk)
Autodesk Alias Design 2014 64-bit (HKLM\...\Autodesk Alias Design 2014 64-bit) (Version: 20.0.0.77 - Autodesk)
Autodesk Alias Design 2014 64-bit (Version: 20.0.0.77 - Autodesk) Hidden
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
Autodesk AutoCAD 2014 Help - English (HKLM\...\AutoCAD 2014 Help - English) (Version: 19.1.18.0 - Autodesk)
Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)
Autodesk CAD Manager Tools (HKLM\...\{5783F2D7-0111-0409-0110-0060B0CE6BBA}) (Version: 16.0.0.65 - Autodesk)
Autodesk Civil View for 3ds Max Design 2014 (HKLM-x32\...\{B12531BD-CAB2-49E6-8D37-EEC970B45BA8}) (Version: 2.0.1.0 - Autodesk)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk Essential Skills Movies for 3ds Max Design 2014 64-bit (HKLM\...\{280881E4-0E3C-40E6-9B76-E05A865551BB}) (Version: 1.1.0.0 - Autodesk)
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Inventor Content Center Libraries 2014 (Desktop Content) (HKLM\...\{B46DECD1-1864-4EF1-0000-22D71E81877C}) (Version: 18.0.17000.0000 - Autodesk)
Autodesk Inventor Professional 2014 English Language Pack (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Inventor Server Engine for 3ds Max Design 2014 64-bit (HKLM\...\{CBC74B06-FE35-482C-89D6-CE95A0289C06}) (Version: 16.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (HKLM-x32\...\{5C29CC1F-218F-4C30-948A-11066CAC59FB}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.19.0 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.11.0 - Autodesk)
Autodesk Product Design Suite 2014 (HKLM\...\Autodesk Product Design Suite 2014) (Version: 3.0.100.017 - Autodesk)
Autodesk Product Design Suite 2014 (Version: 3.0.100.017 - Autodesk) Hidden
Autodesk Product Design Suite 2014 Language Pack (Version: 3.0.100.017 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2014 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (Version: 13.02.15161 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2014 (HKLM\...\Autodesk Revit Interoperability for Inventor 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for Inventor 2014 (Version: 13.02.15161 - Autodesk) Hidden
Autodesk SketchBook Designer 2014 (HKLM\...\Autodesk SketchBook Designer 2014) (Version: 4.00.0000 - Autodesk)
Autodesk SketchBook Designer 2014 (Version: 4.00.0000 - Autodesk) Hidden
Autodesk T-Splines Plug-in for Rhino version 3.3 r8031 (HKLM-x32\...\{71DA972B-9CF9-486E-BF7C-490B7CE928A0}) (Version: 3.3.8031 - Autodesk)
Autodesk Vault Basic 2014 (Client) (HKLM\...\Autodesk Vault Basic 2014 (Client)) (Version: 18.0.86.0 - Autodesk)
Autodesk Vault Basic 2014 (Client) (Version: 18.0.86.0 - Autodesk) Hidden
Autodesk Vault Basic 2014 (Client) English Language Pack (Version: 18.0.86.0 - Autodesk) Hidden
Autodesk Workflows 2014 (HKLM\...\{11672AB2-3D48-4D38-9123-719E5FF93333}) (Version: 4.0.19.0 - Autodesk, Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blender (HKLM\...\Blender) (Version: 2.68a - Blender Foundation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bunkspeed Prerequisites (HKLM\...\{5CFB654E-5E38-45C6-AA47-CAD9E0523859}) (Version: 1.2.0 - Bunkspeed)
Bunkspeed Pro Suite (HKLM\...\{8E8D3E5F-681A-4DB0-940A-9FF441B00E9A}) (Version: 1.0.0.0 - Bunkspeed)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Camtasia Studio 8 (HKLM-x32\...\{58C8CFA6-BE34-4DFE-91F5-D807F402DFC1}) (Version: 8.2.0.1416 - TechSmith Corporation)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.3.0 - Canon Inc.)
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq2414) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0530.352.5022 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0530.352.5022 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0530.352.5022 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2013.0530.352.5022 - Advanced Micro Devices, Inc.) Hidden
Catalyst Pro Control Center (x32 Version: 2013.0530.352.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0530.0351.5022 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0530.352.5022 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CloudReading (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.0.31.1111 - Foxit Corporation)
Company of Heroes 2 (HKLM-x32\...\{FABF5DE1-4D44-4F7E-AF66-1BE5EA1A83D4}_is1) (Version:  - )
Company of Heroes 2 Update v3.0.0.9704 incl DLC (HKLM-x32\...\Q29tcGFueW9mSGVyb2VzMg==_is1) (Version: 1 - )
Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Corel Painter 12 - IPM (Version: 12.4 - Corel Corporation) Hidden
Corel Painter 12 (HKLM\...\_{08A8CCEA-36DC-4634-AAAA-79463D644C0E}) (Version: 12.2.1.1212 - Corel Corporation)
CPUID CPU-Z 1.64.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creo Direct Version 2.0 Datecode [M070] (HKLM-x32\...\Creo Direct Version 2.0 Datecode [M070]) (Version: 2.0 - PTC)
Creo Distributed Services Manager Version 2.0 Datecode [M070] (HKLM-x32\...\Creo Distributed Services Manager Version 2.0 Datecode [M070]) (Version: 2.0 - PTC)
Creo Elements/Pro Release 5.0 Datecode M180 (HKLM\...\Creo Elements/Pro Release 5.0 Datecode M180) (Version: 5.0 - PTC)
Creo Layout Version 2.0 Datecode [M070] (HKLM-x32\...\Creo Layout Version 2.0 Datecode [M070]) (Version: 2.0 - PTC)
Creo Options Modeler Version 2.0 Datecode [M070] (HKLM-x32\...\Creo Options Modeler Version 2.0 Datecode [M070]) (Version: 2.0 - PTC)
Creo Parametric Version 2.0 Datecode [M070] (HKLM-x32\...\Creo Parametric Version 2.0 Datecode [M070]) (Version: 2.0 - PTC)
Creo Platform 2.27 (HKLM-x32\...\{083315C6-DD31-45B1-B357-B79CDBA38AEC}) (Version: 2.27.0 - PTC)
Creo Simulate Version 2.0 Datecode [M070] (HKLM-x32\...\Creo Simulate Version 2.0 Datecode [M070]) (Version: 2.0 - PTC)
Creo Thumbnail Viewer 2.0 (HKLM\...\{89A24765-5BBA-4435-A7B2-26812404662A}) (Version: 30.13.230 - PTC)
Creo View Express 2.0 (HKLM\...\{03F6002E-A32B-4C68-818F-DEE386463FBC}) (Version: 10.1.40.15 - PTC)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
DaVinci Resolve (HKLM\...\{2852CC67-7BE9-4972-BF96-8D4EC7486F97}) (Version: 10.1.0021 - Blackmagic Design)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BED39C88-768C-4345-BF11-58436C984F2A}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{BED39C88-768C-4345-BF11-58436C984F2A}) (Version:  - Microsoft)
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
DraftSight x64 (HKLM\...\{E25EC9C8-3F12-4905-B7BC-CBD6209FB373}) (Version: 12.0.1301 - Dassault Systemes)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
Easy Watermark Studio version 3.5 (HKLM-x32\...\{5EC71BC9-52DB-417C-807F-19E6381863E8}_is1) (Version: 3.5 - Refero Group SRL)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit) (HKLM\...\{530B8614-C5DE-475B-AF6F-71BED461552C}) (Version: 4.4.1.0 - Granta Design Limited)
Email Extractor (HKLM-x32\...\Email Extractor) (Version: 5.5 - WebPro Software)
Email Extractor (x32 Version: 5.5 - WebPro Solutions) Hidden
eMail Verifier 3.6.3 (HKLM-x32\...\eMail Verifier_is1) (Version:  - Max Programming LLC)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evernote v. 5.1.2 (HKLM-x32\...\{12FB6296-8840-11E3-86D7-00163E98E7D0}) (Version: 5.1.2.2387 - Evernote Corp.)
F.lux (HKCU\...\Flux) (Version:  - )
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FBP - Facebook Blaster Pro (HKLM-x32\...\{13F864A8-B7AF-4D36-8F23-08C58C7E685B}) (Version: 9.0.4 - Digital Media Group)
FileZilla Client 3.7.4.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.1.1031 - Foxit Corporation)
Geomagic Studio 2012 (64-bit) (HKLM\...\{E76CCD39-E974-451F-A9FB-94AF704DD89D}) (Version: 13 - Geomagic, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CCE68200-4ED0-3E0A-A7F2-504897E356AB}) (Version: 5.1.5.17733 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GRID 2 © Codemasters version 1 (HKLM-x32\...\R1JJRDI=_is1) (Version: 1 - )
GSA Email Spider v5.30 (HKLM-x32\...\GSA Email Spider_is1) (Version: 5.30 - GSA Software)
HDR Light Studio v4.0 (remove only) (HKLM-x32\...\HDR Light Studio v4.0) (Version:  - )
HexChat (x64) (HKLM\...\HexChat (x64)_is1) (Version: 2.9.5 - HexChat)
Hotspot Shield 3.23 (HKLM-x32\...\HotspotShield) (Version: 3.23 - AnchorFree Inc.)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
IconHandler 64 bit (Version: 2.0 - Corel Corporation) Hidden
Intel® Network Connections 17.2.154.0 (HKLM\...\PROSetDX) (Version: 17.2.154.0 - Intel)
Intel® Network Connections 17.2.154.0 (Version: 17.2.154.0 - Intel) Hidden
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ SE Runtime Environment 6 Update 6 (HKLM\...\{6448F0A8-6813-11D6-A77B-00B0D0160060}) (Version: 1.6.0.60 - ##ID_STRING_COMPANY_NAME##)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jet Downloader (HKLM-x32\...\JetDownloader) (Version: 3.2.5 - SuperCoders Foundation)
KeyShot 4 SolidWorks Plugin 2.6 (HKLM-x32\...\KeyShot 4 SolidWorks Plugin) (Version: 2.6 - Luxion)
KeyShot4 4.3 64 bit (HKLM-x32\...\KeyShot4_64) (Version: 4.3 64 bit - Luxion ApS)
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.1.0.0929 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.1.0.0929 - PACE Anti-Piracy, Inc.) Hidden
Logitech Unifying Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{E7676EF4-3896-4B7E-B030-1356EEC477CE}) (Version: 11.4.4 - Red Giant)
Magic Bullet Suite 64-bit (Version: 11.4.4 - Red Giant) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.00.0000 - SEGA)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (Version:  - ) Hidden
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 RsFx Driver (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{5DDC2234-4B37-45BC-AD33-41F1469B4D83}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft VC80 Support DLLs (x32 Version: 1.0.0 - McNeel & Associates) Hidden
Microsoft Visio MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visio Professional 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (Version: 8.0.52572 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32 Version: 8.0.50727.146 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MKS Platform Components 9.x (HKLM\...\{30276636-0000-0905-9ABB-000BDB5CF35D}) (Version: 9.5.0000 - Mortice Kern Systems)
Mozilla Firefox 25.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 en-US)) (Version: 25.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
netfabb Basic (HKLM-x32\...\netfabb_51) (Version:  - netfabb GmbH)
NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version: 3.0 - NewBlue)
NewBlue 3D Transformations for Windows (HKLM-x32\...\NewBlue 3D Transformations for Windows) (Version: 3.0 - NewBlue)
NewBlue Art Blends for Windows (HKLM-x32\...\NewBlue Art Blends for Windows) (Version: 3.0 - NewBlue)
NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue ColorFast for Windows (HKLM-x32\...\NewBlue ColorFast for Windows) (Version: 3.0 - NewBlue)
NewBlue Film Effects for Windows (HKLM-x32\...\NewBlue Film Effects for Windows) (Version: 1.4 - NewBlue)
NewBlue Light Blends for Windows (HKLM-x32\...\NewBlue Light Blends for Windows) (Version: 3.0 - NewBlue)
NewBlue Light Effects for Windows (HKLM-x32\...\NewBlue Light Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version: 2.4 - NewBlue)
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Paint Blends for Windows (HKLM-x32\...\NewBlue Paint Blends for Windows) (Version: 3.0 - NewBlue)
NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Stabilizer for Windows (HKLM-x32\...\NewBlue Stabilizer for Windows) (Version: 1.4 - NewBlue)
NewBlue Titler Pro 2.0 for Windows (HKLM-x32\...\NewBlue Titler Pro 2.0 for Windows) (Version: 1.0 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials II for Windows (HKLM-x32\...\NewBlue Video Essentials II for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials III for Windows (HKLM-x32\...\NewBlue Video Essentials III for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials IV for Windows (HKLM-x32\...\NewBlue Video Essentials IV for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials V for Windows (HKLM-x32\...\NewBlue Video Essentials V for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
Ninja Pinner (HKLM-x32\...\Ninja Pinner_is1) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Painter 12 - Content (Version: 12.4 - Corel Corporation) Hidden
Painter 12 - Core (Version: 12.4 - Corel Corporation) Hidden
Painter 12 - Corex64 (Version: 12.4 - Corel Corporation) Hidden
Painter 12 - DE (Version: 12.4 - Corel Corporation) Hidden
Painter 12 - EN (Version: 12.4 - Corel Corporation) Hidden
Painter 12 - FR (Version: 12.4 - Corel Corporation) Hidden
Painter 12 - IT (Version: 12.4 - Corel Corporation) Hidden
Painter 12 - Setup Files (Version: 12.4 - Corel Corporation) Hidden
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Postbox (3.0.8) (HKLM-x32\...\Postbox (3.0.8)) (Version: 3.0.8 (en-US) - Postbox, Inc.)
PostgreSQL 9.2  (HKLM\...\PostgreSQL 9.2) (Version: 9.2 - PostgreSQL Global Development Group)
Power Surfacing (HKLM-x32\...\{92A5C3B6-0C7A-47BD-908C-CE9E6BDAB35D}) (Version: 1.40.7852 - nPower Software)
ProductView Express 9.1 (HKLM\...\{E44AC071-0CD3-46B1-8D38-33B2A8CCCFF5}) (Version: 9.1.70.6 - PTC)
PTC Portmapper Version 2.0 Datecode [M070] (HKLM-x32\...\PTC Portmapper Version 2.0 Datecode [M070]) (Version: 2.0 - PTC)
PTC Quality Agent (HKLM-x32\...\{6F350D2C-E11D-4842-9E92-E1FC4BFFEB0C}) (Version: 2.0.0.0 - PTC)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
RegCure Pro (HKLM-x32\...\{C547F361-5750-4CD1-9FB6-BC93827CB6C1}) (Version: 3.1.2.0 - ParetoLogic, Inc.)
Revo Uninstaller Pro 3.0.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.7 - VS Revo Group, Ltd.)
Rhino RDK (HKLM-x32\...\Rhino RDK) (Version:  - )
Rhinoceros 4.0 SR9 (HKLM-x32\...\{E3355E5C-965C-4f67-8A8C-E9A0FA9FD80F}) (Version: 4.0.60309 - Robert McNeel & Associates)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
Screaming Frog SEO Spider (HKLM-x32\...\Screaming Frog SEO Spider) (Version: 0.01 - Screaming Frog)
SendBlaster 3 (HKLM-x32\...\{486575DF-CC13-4F89-8636-C2CC5BDA7246}) (Version: 003.001.00000 - eDisplay srl)
Sentinel Protection Installer 7.6.4 (HKLM-x32\...\{7444785E-886F-4989-A69E-6394E36F3982}) (Version: 7.6.4 - SafeNet, Inc.)
Sentinel System Driver Installer 7.5.7 (HKLM-x32\...\{B281C7D1-C088-40E0-86EA-B2D9D7E0810A}) (Version: 7.5.7 - SafeNet, Inc.)
SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 6.5 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.5.158 - Skype Technologies S.A.)
SolidWorks 2013 x64 Edition SP05 (HKLM-x32\...\SolidWorks Installation Manager 20130-40500-1100-100) (Version: 21.5.0.76 - SolidWorks Corporation)
SolidWorks 2013 x64 Edition SP05 (Version: 21.150.76 - SolidWorks) Hidden
SolidWorks 2014 x64 Edition SP01 (HKLM-x32\...\SolidWorks Installation Manager 20140-40100-1100-100) (Version: 22.1.0.44 - SolidWorks Corporation)
SolidWorks 2014 x64 Edition SP01 (Version: 22.110.44 - SolidWorks) Hidden
SolidWorks Composer 2014 SP01 x64 Edition (Version: 22.10.44 - Dassault Systemes SolidWorks) Hidden
SolidWorks eDrawings 2013 x64 Edition SP05 (Version: 13.5.111 - Dassault Systèmes SolidWorks Corp) Hidden
SolidWorks eDrawings 2014 x64 Edition SP01 (Version: 14.1.116 - Dassault Systèmes SolidWorks Corp) Hidden
SolidWorks Explorer 2013 SP05 x64 Edition (Version: 21.50.76 - SolidWorks Corporation) Hidden
SolidWorks Explorer 2014 SP01 x64 Edition (Version: 22.10.44 - SolidWorks Corporation) Hidden
SolidWorks Flow Simulation 2013 SP05 x64 Edition  (Version: 21.50.77 - SolidWorks Corporation) Hidden
SolidWorks Flow Simulation 2014 SP01 x64 Edition  (Version: 22.10.45 - SolidWorks Corporation) Hidden
SolidWorks Plastics 2013 SP05 x64 Edition (Version: 21.50.76 - SolidWorks Corporation) Hidden
SolidWorks Plastics 2014 SP01 x64 Edition (Version: 22.10.44 - SolidWorks Corporation) Hidden
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Supertintin 1.2.0.4 (HKLM-x32\...\Supertintin Skype Video Call Recorder_is1) (Version: =1.2.0.4 - Imtiger Software Inc.)
Teaching-you Job Interview Skills (HKLM-x32\...\{FFC06EE3-F79F-40A4-AFD4-3E2DA4DC4144}) (Version: 1.00.0000 - Focus Multimedia)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: Rome II Additional Depots (HKLM-x32\...\Steam App 243660) (Version:  - )
TweetAdder4 (HKLM-x32\...\{911174C5-85BF-4972-B5E0-4882B32E9396}_is1) (Version: 4.0.130805 - TweetAdder.com)
TweetDeck (HKLM-x32\...\{C4ADB67B-C908-4D94-B85E-585D2F3F9118}) (Version: 3.3.7 - Twitter)
TweetDeck (HKLM-x32\...\{FA6381E9-96D2-4F6F-866C-4D16E5986FF6}) (Version: 2.7.1 - Twitter, Inc.)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D5412C67-998B-4246-A668-AB522D9F63FE}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{614E655F-A0ED-435A-8E0C-A81EE4BA7BC7}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E759A69-FA72-4B3C-BE2F-D1194764D31E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F8580E12-045B-471B-AF74-98C977347F4E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8D57F4A-0824-4043-89E7-3C6280B67A47}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AC4470FB-8011-4F16-B5D4-E0A34DE10C87}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{39E58ED8-B687-49BD-88F9-968563F51F8E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.VISPRO_{39E58ED8-B687-49BD-88F9-968563F51F8E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C809B1D6-BD31-4496-BCFE-4567E0854F5F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4FD8F672-3206-469C-B9F0-D6E72F7ACAB2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{856D47BC-036C-4692-8702-D6CCA8F428D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.VISPRO_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.VISPRO_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{00A8F3D3-B596-4E04-A180-C9EB4EC87762}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.VISPRO_{00A8F3D3-B596-4E04-A180-C9EB4EC87762}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6EE51F51-57B1-4DC7-96C2-857DB7F0BE93}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{6EE51F51-57B1-4DC7-96C2-857DB7F0BE93}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0A90C645-3F9A-4CF9-BF62-2609602E3DAB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{0A90C645-3F9A-4CF9-BF62-2609602E3DAB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3A48DE63-607B-4FEA-A862-B52669C4433C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{3A48DE63-607B-4FEA-A862-B52669C4433C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{A3C746D9-41B4-4C7E-BF60-0F8C50AD5A0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.VISPRO_{A3C746D9-41B4-4C7E-BF60-0F8C50AD5A0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{EADF44E2-DD3F-4FAC-B17F-566956C06503}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E8F64CB5-1419-47A8-9FCE-F6E4137F2D25}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{97164652-BF81-41EE-8C0C-C086578E9956}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{E8F64CB5-1419-47A8-9FCE-F6E4137F2D25}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6FF949A3-1C3F-41C2-9464-933E885ECB53}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{52105DB7-F9D9-482C-8796-1461BBB69123}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2837C624-A972-43CF-BCE5-0AE2EFED72E3}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{538E777B-4508-4ABF-97E2-B93C1BF1CD77}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{538E777B-4508-4ABF-97E2-B93C1BF1CD77}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.VISPRO_{538E777B-4508-4ABF-97E2-B93C1BF1CD77}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F16E7B82-23FE-4054-AB73-EAE53965251C}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{F16E7B82-23FE-4054-AB73-EAE53965251C}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (HKLM\...\{90150000-0054-0409-1000-0000000FF1CE}_Office15.VISPRO_{2E03EF43-FE9B-4297-B054-154661D1E662}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
Update or Uninstall SENukeX (HKCU\...\a10c648895c21ba6) (Version: 3.0.0.13 - SENukeX)
VirtualDJ PRO Full (HKLM-x32\...\{23F20D12-1D01-4806-8AA8-AC79055109DE}) (Version: 7.4 - Atomix Productions)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{5B0E60DB-7741-412F-88B3-E6975D30D019}) (Version: 1.1.0.0929 - PACE Anti-Piracy, Inc.)
Visual C++ 64-bit Redistributables (Version: 1.1.0.0929 - PACE Anti-Piracy, Inc.) Hidden
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{C2AF7B2D-7018-414B-9B8B-D3C9F3BED04F}) (Version: 1.1.0.0929 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (x32 Version: 1.1.0.0929 - PACE Anti-Piracy, Inc.) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VodBurner (HKLM-x32\...\{656957B8-41DB-4E43-AAA1-B128C2213D50}) (Version: 1.1.0 - Netralia)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
WampServer 2.2 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRar 4.2 x64 Pre Cracked 4.2 (HKLM-x32\...\WinRar 4.2 x64 Pre Cracked 4.2) (Version: 4.2 - Mr Blade Cracks)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
XChat 2 (remove only) (HKLM-x32\...\xchat) (Version:  - )

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2009-07-14 02:34 - 2014-02-25 15:53 - 00002817 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1       www.findsoftware.eu
127.0.0.1       findsoftware.eu
127.0.0.1       www.rostock-schwarz.de
127.0.0.1       rostock-schwarz.de
127.0.0.1       www.gsa-online.de
127.0.0.1       gsa-online.de
127.0.0.1       csc3-2010-crl.verisign.com
127.0.0.1       ocsp.verisign.com
127.0.0.1       crl.verisign.com
127.0.0.1        download.dm.origin.com
127.0.0.1        secure.download.dm.origin.com
127.0.0.1        loginregistration.dm.origin.com
127.0.0.1        achievements.gameservices.ea.com
127.0.0.1        friends.dm.origin.com
127.0.0.1        avatar.dm.origin.com
127.0.0.1        ecommerce.dm.origin.com
127.0.0.1        static.cdn.ea.com
127.0.0.1        tealium.hs.llnwd.net
127.0.0.1        heartbeat.dm.origin.com
127.0.0.1        web.dm.origin.com
127.0.0.1        store.origin.com
127.0.0.1        ec2-54-243-231-82.compute-1.amazonaws.com
127.0.0.1        eaassets-a.akamaihd.net
127.0.0.1        ssl.resources.ea.com
127.0.0.1        akamai.cdn.ea.com
127.0.0.1        novafusion.ea.com
127.0.0.1        proxy.novafusion.ea.com
127.0.0.1        ec2-23-23-167-200.compute-1.amazonaws.com

There are 50 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {09A6A39A-9E8C-4605-A371-859ACDBAEE76} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000UA => C:\Users\J\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-26] (Facebook Inc.)
Task: {0E1A5041-B8A1-452F-A1C5-F11388324505} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-26] (Google Inc.)
Task: {194117E6-34E5-45B3-AC7A-483D8887A2CE} - System32\Tasks\{2966D4D1-E093-40FA-80BE-07A8BB06DC1F} => C:\Windows\system32\msiexec.exe [2010-11-21] (Microsoft Corporation)
Task: {2DBA5FD5-3644-4160-B234-0C4BCD1B22C4} - System32\Tasks\Microsoft Office 15 Sync Maintenance for J-PC-J J-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2013-09-10] (Microsoft Corporation)
Task: {3396E5EC-5247-498C-BCDF-E4FA3C9FE4F8} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {4396FBE1-EB29-48F1-B9E7-CC4FF7E0E2D6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000Core => C:\Users\J\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-26] (Facebook Inc.)
Task: {45EA8729-4DC0-4619-8F97-B9B7B5213F72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-26] (Google Inc.)
Task: {4849F710-0BA8-49CC-A7D3-C993FA0D00AA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {63C0E414-A1C9-4C55-946C-6E6F847EB977} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe [2014-03-01] ()
Task: {71CB3DD9-37C2-4E2A-B18E-92229BFE16CF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000Core => C:\Users\J\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-03] (Google Inc.)
Task: {7B4BBAB8-EBCE-48B8-9331-71272792C3A4} - \{5877AB18-F8D5-4FC0-B444-3D9A6465F7D6} No Task File
Task: {81C7C813-68CF-4760-BD8C-F5BCB33DC47A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {88924966-7D2F-4102-8325-F4BEAA488CA8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {8A43F6D7-8F30-4BC4-8275-7CE4B5EF24F2} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {932249CB-CF50-4429-BB67-AD926B6FCF85} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\WatTask => C:\Windows Activation Technologies\wat.exe [2006-04-21] ()
Task: {94E88C2C-5588-47AC-B3A4-A6FF8D6CA347} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {A1CA30FF-4FDF-426F-94E2-021D0A38C8E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000UA => C:\Users\J\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-03] (Google Inc.)
Task: {C16A7D62-7112-4A9E-B455-9748142E7E72} - System32\Tasks\AdobeAAMUpdater-1.0-J-PC-J => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {CC7530E1-6663-42C2-AFBF-B1772EFE5ED0} - System32\Tasks\EPUpdater => C:\Users\J\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION
Task: {D5DB5206-7779-47DC-8951-E4575C6730F9} - \Adobe Flash Player Updater No Task File
Task: {ECA4AF9D-8346-48EB-A7B6-065F99040CA5} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {F8741E3E-C9E9-4CB3-817F-279F7C8BFDAD} - System32\Tasks\{D426F806-DE14-473F-B2D6-4D87E23814BC} => D:\Program Files (x86)\GSA Email Spider\GSA_Email_Spider.exe [2010-07-08] ()
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000Core.job => C:\Users\J\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000UA.job => C:\Users\J\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000Core.job => C:\Users\J\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000UA.job => C:\Users\J\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll

==================== Loaded Modules (whitelisted) =============

2013-09-05 11:25 - 2013-09-05 11:25 - 01319936 _____ () C:\Program Files\Dassault Systemes\DraftSight\bin\QtNetwork4.dll
2013-09-05 11:25 - 2013-09-05 11:25 - 03405312 _____ () C:\Program Files\Dassault Systemes\DraftSight\bin\QtCore4.dll
2013-12-04 10:25 - 2013-12-04 10:25 - 00566784 _____ () C:\Program Files\Dassault Systemes\DraftSight\bin\QtXml4.dll
2013-12-18 18:17 - 2013-12-18 18:17 - 00555304 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2011-09-15 04:19 - 2011-09-15 04:19 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
2010-01-02 14:42 - 2010-01-02 14:42 - 00098304 _____ () d:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2009-08-29 06:00 - 2009-08-29 06:00 - 00966656 _____ () C:\Users\J\Local Settings\Apps\F.lux\flux.exe
2014-02-04 11:40 - 2013-05-08 15:49 - 01867860 ___SH () C:\Users\J\AppData\Roaming\29488ac.exe
2013-05-04 20:38 - 2013-12-04 16:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2013-11-15 07:03 - 2013-11-15 07:03 - 00276008 _____ () C:\Program Files\SolidWorks Corp\SolidWorks\sldBodyDiffu.dll
2013-09-20 20:06 - 2013-09-20 20:06 - 00133912 _____ () C:\Program Files\SolidWorks Corp\SolidWorks\swaxplan.dll
2014-01-17 12:10 - 2014-01-08 15:42 - 01665024 _____ () C:\Program Files\SolidWorks Corp\SolidWorks\SolidWorksImporter.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Microsoft:460ZhCYG9nHHFEj3CWHH22C
AlternateDataStreams: C:\ProgramData\Microsoft:dfaiOZk6hNto3GWrLJjB
AlternateDataStreams: C:\ProgramData\Microsoft:GaOGblQMGtUoZN0NqSWsAf5
AlternateDataStreams: C:\ProgramData\Microsoft:K3bTTQAeYmbf5AVRTph3Nx1ymG
AlternateDataStreams: C:\ProgramData\Microsoft:V5AuRaws0IsI1qNiRQECod8G
AlternateDataStreams: C:\ProgramData\Microsoft:vbqgMo8CRAMwptSHvFamXS1a4
AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9
AlternateDataStreams: C:\Users\J\Cookies:n9BfUX22fZc0A5GpvAYyfZrll9k
AlternateDataStreams: C:\Users\J\AppData\Local\hNSEWN2T8wv:4g3GhbJnahZ8ranyOaD
AlternateDataStreams: C:\Users\J\AppData\Local\Temp:qYroVWBIxYaQNBHDog
AlternateDataStreams: C:\Users\J\AppData\Local\Temporary Internet Files:tsHapTO7bCnv1F3MI10osod8dqr3Z
AlternateDataStreams: C:\Users\J\AppData\Local\Temporary Internet Files:yNwO4uvs8YWORfFGjCJv8ngxJXN

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CoordinatorServiceHost => 3
MSCONFIG\Services: Intel® PROSet Monitoring Service => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RemoteSolverDispatcher => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: UMVPFSrv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SketchBook Snapshot.lnk => C:\Windows\pss\SketchBook Snapshot.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks 2013 Fast Start.lnk => C:\Windows\pss\SolidWorks 2013 Fast Start.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks 2014 Fast Start.lnk => C:\Windows\pss\SolidWorks 2014 Fast Start.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Background Downloader.lnk => C:\Windows\pss\SolidWorks Background Downloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^J^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^J^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^J^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\Windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupfolder: C:^Users^J^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\Windows\pss\Logitech . Product Registration.lnk.Startup
MSCONFIG\startupfolder: C:^Users^J^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: 2621331fd3e7 => C:\Users\J\AppData\Roaming\DMCache\hh.exe
MSCONFIG\startupreg: 29488ac.exe => C:\Users\J\AppData\Roaming\29488ac.exe
MSCONFIG\startupreg: Ad-Aware Antivirus => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
MSCONFIG\startupreg: AppVodBurner => C:\Program Files (x86)\VodBurner\vodburner.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "D:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: diantz.exe => C:\Users\J\AppData\Roaming\Corel\Messages\540235477_007003\EN\MessageCache2\perfmon.exe
MSCONFIG\startupreg: diskperf.exe => C:\Users\J\AppData\Roaming\Microsoft\Document Building Blocks\1033\15\dllhost.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\J\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Facebook updater => C:\winupdate.exe
MSCONFIG\startupreg: Google Update => "C:\Users\J\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GPU TweakIt Server Execute => "C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\GPU TweakIt Server\GPUTweakit.exe"
MSCONFIG\startupreg: IDMan => D:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LWS => D:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: M+wW1dri3A2iplZoMTjE => C:\Users\J\AppData\Roaming\Autodesk\ACD\regsvr32.exe
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NuTCSetupEnviron => C:\PROGRA~1\PTC\MKSTOO~1\bin\ncoeenv.exe
MSCONFIG\startupreg: QuickTime Task => "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "D:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: WebCake Desktop => "C:\Users\J\AppData\Roaming\WebCake\WebCakeDesktop.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/01/2014 08:55:13 PM) (Source: PerfNet) (User: )
Description:

Error: (03/01/2014 08:47:13 PM) (Source: PerfNet) (User: )
Description:

Error: (03/01/2014 08:39:13 PM) (Source: PerfNet) (User: )
Description:

Error: (03/01/2014 08:31:13 PM) (Source: PerfNet) (User: )
Description:

Error: (03/01/2014 08:23:13 PM) (Source: PerfNet) (User: )
Description:

Error: (03/01/2014 08:15:13 PM) (Source: PerfNet) (User: )
Description:

Error: (03/01/2014 08:07:13 PM) (Source: PerfNet) (User: )
Description:

Error: (03/01/2014 07:59:13 PM) (Source: PerfNet) (User: )
Description:

Error: (03/01/2014 07:51:13 PM) (Source: PerfNet) (User: )
Description:

Error: (03/01/2014 07:43:13 PM) (Source: PerfNet) (User: )
Description:


System errors:
=============
Error: (03/01/2014 05:09:14 PM) (Source: NetBT) (User: )
Description: The name "J-PC           :0" could not be registered on the interface with IP address 192.168.1.110.
The computer with the IP address 192.168.1.10 did not allow the name to be claimed by
this computer.

Error: (03/01/2014 04:42:30 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x8002801d

Error: (03/01/2014 04:42:23 PM) (Source: NetBT) (User: )
Description: The name "J-PC           :0" could not be registered on the interface with IP address 192.168.1.110.
The computer with the IP address 192.168.1.10 did not allow the name to be claimed by
this computer.

Error: (03/01/2014 04:09:14 PM) (Source: NetBT) (User: )
Description: The name "J-PC           :0" could not be registered on the interface with IP address 192.168.1.110.
The computer with the IP address 192.168.1.10 did not allow the name to be claimed by
this computer.

Error: (03/01/2014 03:10:38 PM) (Source: NetBT) (User: )
Description: The name "J-PC           :0" could not be registered on the interface with IP address 192.168.1.110.
The computer with the IP address 192.168.1.10 did not allow the name to be claimed by
this computer.

Error: (03/01/2014 03:10:35 PM) (Source: NetBT) (User: )
Description: The name "J-PC           :0" could not be registered on the interface with IP address 192.168.1.110.
The computer with the IP address 192.168.1.10 did not allow the name to be claimed by
this computer.

Error: (03/01/2014 03:09:14 PM) (Source: NetBT) (User: )
Description: The name "J-PC           :0" could not be registered on the interface with IP address 192.168.1.110.
The computer with the IP address 192.168.1.10 did not allow the name to be claimed by
this computer.

Error: (03/01/2014 02:40:09 PM) (Source: NetBT) (User: )
Description: The name "J-PC           :0" could not be registered on the interface with IP address 192.168.1.110.
The computer with the IP address 192.168.1.10 did not allow the name to be claimed by
this computer.

Error: (03/01/2014 02:40:08 PM) (Source: NetBT) (User: )
Description: The name "J-PC           :0" could not be registered on the interface with IP address 192.168.1.110.
The computer with the IP address 192.168.1.10 did not allow the name to be claimed by
this computer.

Error: (03/01/2014 02:40:05 PM) (Source: NetBT) (User: )
Description: The name "J-PC           :0" could not be registered on the interface with IP address 192.168.1.110.
The computer with the IP address 192.168.1.10 did not allow the name to be claimed by
this computer.


Microsoft Office Sessions:
=========================
Error: (03/01/2014 08:55:13 PM) (Source: PerfNet)(User: )
Description:

Error: (03/01/2014 08:47:13 PM) (Source: PerfNet)(User: )
Description:

Error: (03/01/2014 08:39:13 PM) (Source: PerfNet)(User: )
Description:

Error: (03/01/2014 08:31:13 PM) (Source: PerfNet)(User: )
Description:

Error: (03/01/2014 08:23:13 PM) (Source: PerfNet)(User: )
Description:

Error: (03/01/2014 08:15:13 PM) (Source: PerfNet)(User: )
Description:

Error: (03/01/2014 08:07:13 PM) (Source: PerfNet)(User: )
Description:

Error: (03/01/2014 07:59:13 PM) (Source: PerfNet)(User: )
Description:

Error: (03/01/2014 07:51:13 PM) (Source: PerfNet)(User: )
Description:

Error: (03/01/2014 07:43:13 PM) (Source: PerfNet)(User: )
Description:


CodeIntegrity Errors:
===================================
  Date: 2014-03-01 12:09:12.590
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-28 11:40:33.018
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-28 11:28:55.558
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-28 11:18:35.449
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-28 11:08:02.317
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-28 10:48:37.045
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-27 23:42:23.785
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-27 23:29:44.435
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-27 11:54:59.554
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-27 10:09:02.075
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 37%
Total physical RAM: 32708.42 MB
Available physical RAM: 20434.65 MB
Total Pagefile: 65415.03 MB
Available Pagefile: 49461.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Windows 7 OS) (Fixed) (Total:238.47 GB) (Free:21.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Program Files (Only)) (Fixed) (Total:2794.39 GB) (Free:510.62 GB) NTFS
Drive f: (cd2) (CDROM) (Total:0.41 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 7649D5C1)
Partition 1: (Active) - (Size=238 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 60 GB) (Disk ID: 000AFB66)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 2795 GB) (Disk ID: 68FA5004)

Partition: GPT Partition Type.

==================== End Of Log ============================



#6 aharonov

  • Malware Response Team

Posted 01 March 2014 - 04:26 PM

Ok.


Please download Combofix (by sUBs) and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start Combofix.exe and follow its instructions.
  • Do not use the computer while the scan is running. This may cause the program to stall.
  • When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).
    Please copy and paste the contents of this file into your next post.
Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.
(You can find more detailed instructions in this guide on using Combofix.)

#7 jjssj1

  • Topic Starter

  • Members

Posted 01 March 2014 - 05:27 PM

ComboFix 14-02-24.02 - J 01/03/2014  22:04:52.2.12 - x64
Running from: d:\downloads\ComboFix.exe
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\users\J\AppData\Roaming\29488ac.exe
c:\users\J\AppData\Roaming\dclogs
c:\users\J\AppData\Roaming\dclogs\2014-02-04-3.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-05-4.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-06-5.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-07-6.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-08-7.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-09-1.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-10-2.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-11-3.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-12-4.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-13-5.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-14-6.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-15-7.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-16-1.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-17-2.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-18-3.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-19-4.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-20-5.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-21-6.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-22-7.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-23-1.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-24-2.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-25-3.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-26-4.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-27-5.dc
c:\users\J\AppData\Roaming\dclogs\2014-02-28-6.dc
c:\users\J\AppData\Roaming\dclogs\2014-03-01-7.dc
c:\users\J\g2mdlhlpx.exe
c:\windows\SysWow64\MailBee.dll
D:\install.exe
.
Infected copy of c:\windows\System32\winver.exe was found and disinfected
Restored copy from - c:\windows\winsxs\amd64_microsoft-windows-winver_31bf3856ad364e35_6.1.7600.16385_none_12466fe3b629e036\winver.exe
.
.
(((((((((((((((((((((((((   Files Created from 2014-02-01 to 2014-03-01  )))))))))))))))))))))))))))))))
.
.
2014-03-01 22:18 . 2014-03-01 22:18    --------    d-----w-    c:\users\Public\AppData\Local\temp
2014-03-01 22:18 . 2014-03-01 22:18    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-03-01 22:18 . 2014-03-01 22:18    --------    d-----w-    c:\users\CURRENT_USER\AppData\Local\temp
2014-03-01 20:58 . 2014-03-01 20:59    --------    d-----w-    C:\FRST
2014-03-01 13:10 . 2014-03-01 13:10    --------    d-----w-    c:\programdata\goodasnew
2014-02-28 18:34 . 2014-02-28 18:34    --------    d-----w-    c:\users\J\AppData\Roaming\teknikforce
2014-02-25 15:10 . 2014-02-28 16:27    --------    d-----w-    c:\programdata\regid.1986-12.com.adobe
2014-02-25 12:55 . 2014-03-01 19:45    --------    d-----w-    c:\users\J\AppData\Local\Adobe
2014-02-25 11:34 . 2009-12-30 11:21    31800    ----a-w-    c:\windows\system32\drivers\revoflt.sys
2014-02-23 21:01 . 2013-12-13 19:48    4890624    ----a-w-    c:\windows\SysWow64\LS3Renderer_x64.dll
2014-02-23 21:01 . 2013-12-13 19:48    4165632    ----a-w-    c:\windows\SysWow64\LS3Renderer.dll
2014-02-23 21:01 . 2013-12-13 15:41    4769280    ----a-w-    c:\windows\SysWow64\ColoristaRenderer_x64.dll
2014-02-23 21:01 . 2013-12-13 15:41    4078080    ----a-w-    c:\windows\SysWow64\ColoristaRenderer.dll
2014-02-23 21:01 . 2013-11-19 17:10    4228096    ----a-w-    c:\windows\SysWow64\CosmoRenderer_x64.dll
2014-02-23 21:01 . 2013-11-19 17:10    3658752    ----a-w-    c:\windows\SysWow64\CosmoRenderer.dll
2014-02-23 19:45 . 2014-03-01 22:20    --------    d-----w-    c:\users\J\AppData\Roaming\newnext.me
2014-02-23 19:45 . 2014-02-23 19:45    --------    d-----w-    c:\users\J\AppData\Local\genienext
2014-02-23 19:45 . 2014-02-23 19:46    --------    d-----w-    c:\users\J\AppData\Local\SwvUpdater
2014-02-23 19:15 . 2014-02-17 01:32    10536864    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{964CC465-B321-4763-AE70-36C2D6081A6E}\mpengine.dll
2014-02-22 16:43 . 2014-02-23 01:30    --------    d-----w-    c:\users\J\AppData\Local\SENukeX
2014-02-22 16:43 . 2014-02-22 16:43    --------    d-----w-    c:\users\J\AppData\Local\Deployment
2014-02-19 15:27 . 2014-02-19 15:27    --------    d-----w-    c:\program files\CyberLink
2014-02-19 12:21 . 2014-02-19 12:23    --------    d-----w-    c:\programdata\eSellerate
2014-02-19 12:21 . 2014-02-19 12:21    --------    d-----w-    c:\program files (x86)\Common Files\eSellerate
2014-02-19 12:20 . 2014-02-19 12:20    --------    d-----w-    c:\program files\Common Files\OFX
2014-02-19 12:20 . 2014-02-19 12:20    --------    d-----w-    c:\program files (x86)\Common Files\OFX
2014-02-19 12:20 . 2014-02-19 17:43    --------    d-----w-    c:\program files\NewBlue
2014-02-19 12:20 . 2014-02-19 17:43    --------    d-----w-    c:\program files (x86)\NewBlue
2014-02-18 16:24 . 2013-12-21 09:53    548864    ----a-w-    c:\windows\system32\vbscript.dll
2014-02-18 16:24 . 2013-12-21 08:56    454656    ----a-w-    c:\windows\SysWow64\vbscript.dll
2014-02-15 22:23 . 2014-02-15 22:23    --------    d-----w-    c:\users\J\AppData\Local\Amazon
2014-02-15 22:23 . 2014-02-15 22:23    --------    d-----w-    c:\program files (x86)\Amazon
2014-02-14 23:18 . 2014-02-14 23:18    --------    d-----w-    c:\program files (x86)\GUME67.tmp
2014-02-13 01:27 . 2014-02-13 01:27    --------    d-----w-    c:\program files (x86)\GUM125F.tmp
2014-02-12 17:57 . 2014-03-01 17:29    --------    d-----w-    c:\programdata\Reprise
2014-02-12 17:26 . 2014-02-12 17:26    --------    d-----w-    c:\programdata\Package Cache
2014-02-10 19:41 . 2014-02-10 19:41    53248    ----a-r-    c:\users\J\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2014-02-09 20:24 . 2014-02-09 20:24    --------    d-----w-    c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-09 20:24 . 2014-02-09 20:24    --------    d-----w-    c:\program files\iTunes
2014-02-09 20:24 . 2014-02-09 20:24    --------    d-----w-    c:\program files\iPod
2014-02-04 11:42 . 2014-02-04 11:42    --------    d-----w-    c:\windows\AutoKMS
2014-02-03 15:13 . 2014-02-03 15:13    --------    d-----w-    c:\users\J\AppData\Roaming\Canon
2014-02-03 15:13 . 2014-02-03 15:13    --------    d-----w-    c:\programdata\CanonIJWSpt
2014-02-03 15:13 . 2014-02-03 15:13    --------    d-----w-    c:\program files (x86)\Canon
2014-02-03 15:13 . 2014-02-03 15:13    --------    d-----w-    c:\programdata\Quick Menu_1
2014-02-03 15:11 . 2014-02-03 15:11    --------    d--h--w-    c:\windows\system32\CanonIJ Uninstaller Information
2014-02-03 15:11 . 2010-12-17 14:49    515072    ----a-w-    c:\windows\system32\CNQ2414L.dll
2014-02-03 15:11 . 2010-12-17 14:49    438272    ----a-w-    c:\windows\SysWow64\CNQ2414L.dll
2014-02-03 15:11 . 2010-03-18 17:13    1354240    ----a-w-    c:\windows\system32\CNQ2414C.dll
2014-02-03 15:11 . 2010-03-18 17:13    112128    ----a-w-    c:\windows\system32\CNQ2414I.dll
2014-02-03 15:11 . 2010-03-18 17:11    106496    ----a-w-    c:\windows\SysWow64\CNQ2414U.dll
2014-02-03 15:11 . 2008-08-25 18:02    17920    ----a-w-    c:\windows\system32\CNHMCA6.dll
2014-02-03 15:11 . 2008-08-25 18:02    15872    ----a-w-    c:\windows\SysWow64\CNHMCA.dll
2014-02-01 19:58 . 2014-02-01 19:58    --------    d-----w-    c:\users\J\AppData\Roaming\Red Giant
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-21 10:45 . 2013-03-20 00:51    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 10:45 . 2013-03-20 00:51    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-04 19:09 . 2013-03-20 00:27    88567024    ----a-w-    c:\windows\system32\MRT.exe
2013-12-18 21:09 . 2013-11-03 14:10    96168    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-18 06:13 . 2010-11-21 03:27    270496    ------w-    c:\windows\system32\MpSigStub.exe
2013-12-13 14:54 . 2013-12-13 14:54    940032    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-13 14:54 . 2013-12-13 14:54    194048    ----a-w-    c:\windows\SysWow64\elshyph.dll
2013-12-13 14:54 . 2013-12-13 14:54    942592    ----a-w-    c:\windows\system32\jsIntl.dll
2013-12-13 14:54 . 2013-12-13 14:54    90112    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-12-13 14:54 . 2013-12-13 14:54    86016    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2013-12-13 14:54 . 2013-12-13 14:54    86016    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-12-13 14:54 . 2013-12-13 14:54    84992    ----a-w-    c:\windows\system32\mshtmled.dll
2013-12-13 14:54 . 2013-12-13 14:54    83968    ----a-w-    c:\windows\system32\MshtmlDac.dll
2013-12-13 14:54 . 2013-12-13 14:54    81408    ----a-w-    c:\windows\system32\icardie.dll
2013-12-13 14:54 . 2013-12-13 14:54    774144    ----a-w-    c:\windows\system32\jscript.dll
2013-12-13 14:54 . 2013-12-13 14:54    77312    ----a-w-    c:\windows\system32\tdc.ocx
2013-12-13 14:54 . 2013-12-13 14:54    74240    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-13 14:54 . 2013-12-13 14:54    71680    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-13 14:54 . 2013-12-13 14:54    645120    ----a-w-    c:\windows\SysWow64\jsIntl.dll
2013-12-13 14:54 . 2013-12-13 14:54    62464    ----a-w-    c:\windows\SysWow64\tdc.ocx
2013-12-13 14:54 . 2013-12-13 14:54    62464    ----a-w-    c:\windows\system32\pngfilt.dll
2013-12-13 14:54 . 2013-12-13 14:54    61952    ----a-w-    c:\windows\SysWow64\MshtmlDac.dll
2013-12-13 14:54 . 2013-12-13 14:54    616104    ----a-w-    c:\windows\system32\ieapfltr.dat
2013-12-13 14:54 . 2013-12-13 14:54    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2013-12-13 14:54 . 2013-12-13 14:54    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2013-12-13 14:54 . 2013-12-13 14:54    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-12-13 14:54 . 2013-12-13 14:54    48128    ----a-w-    c:\windows\system32\imgutil.dll
2013-12-13 14:54 . 2013-12-13 14:54    453120    ----a-w-    c:\windows\system32\dxtmsft.dll
2013-12-13 14:54 . 2013-12-13 14:54    413696    ----a-w-    c:\windows\system32\html.iec
2013-12-13 14:54 . 2013-12-13 14:54    40448    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-13 14:54 . 2013-12-13 14:54    36352    ----a-w-    c:\windows\SysWow64\imgutil.dll
2013-12-13 14:54 . 2013-12-13 14:54    34816    ----a-w-    c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-13 14:54 . 2013-12-13 14:54    337408    ----a-w-    c:\windows\SysWow64\html.iec
2013-12-13 14:54 . 2013-12-13 14:54    30208    ----a-w-    c:\windows\system32\licmgr10.dll
2013-12-13 14:54 . 2013-12-13 14:54    296960    ----a-w-    c:\windows\system32\dxtrans.dll
2013-12-13 14:54 . 2013-12-13 14:54    263376    ----a-w-    c:\windows\system32\iedkcs32.dll
2013-12-13 14:54 . 2013-12-13 14:54    247808    ----a-w-    c:\windows\system32\msls31.dll
2013-12-13 14:54 . 2013-12-13 14:54    24576    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2013-12-13 14:54 . 2013-12-13 14:54    243200    ----a-w-    c:\windows\system32\webcheck.dll
2013-12-13 14:54 . 2013-12-13 14:54    235520    ----a-w-    c:\windows\system32\url.dll
2013-12-13 14:54 . 2013-12-13 14:54    235008    ----a-w-    c:\windows\system32\elshyph.dll
2013-12-13 14:54 . 2013-12-13 14:54    182272    ----a-w-    c:\windows\SysWow64\msls31.dll
2013-12-13 14:54 . 2013-12-13 14:54    167424    ----a-w-    c:\windows\system32\iexpress.exe
2013-12-13 14:54 . 2013-12-13 14:54    151552    ----a-w-    c:\windows\SysWow64\iexpress.exe
2013-12-13 14:54 . 2013-12-13 14:54    147968    ----a-w-    c:\windows\system32\occache.dll
2013-12-13 14:54 . 2013-12-13 14:54    143872    ----a-w-    c:\windows\system32\wextract.exe
2013-12-13 14:54 . 2013-12-13 14:54    139264    ----a-w-    c:\windows\SysWow64\wextract.exe
2013-12-13 14:54 . 2013-12-13 14:54    13824    ----a-w-    c:\windows\system32\mshta.exe
2013-12-13 14:54 . 2013-12-13 14:54    135680    ----a-w-    c:\windows\system32\iepeers.dll
2013-12-13 14:54 . 2013-12-13 14:54    13312    ----a-w-    c:\windows\SysWow64\mshta.exe
2013-12-13 14:54 . 2013-12-13 14:54    13312    ----a-w-    c:\windows\system32\msfeedssync.exe
2013-12-13 14:54 . 2013-12-13 14:54    131072    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-12-13 14:54 . 2013-12-13 14:54    1228800    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-12-13 14:54 . 2013-12-13 14:54    111616    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2013-12-13 14:54 . 2013-12-13 14:54    105984    ----a-w-    c:\windows\system32\iesysprep.dll
2013-12-13 14:54 . 2013-12-13 14:54    1051136    ----a-w-    c:\windows\SysWow64\mshtmlmedia.dll
2013-12-13 14:54 . 2013-12-13 14:54    101376    ----a-w-    c:\windows\system32\inseng.dll
2013-12-04 16:35 . 2013-03-21 12:38    1945880    ----a-w-    c:\windows\system32\Wacom_Tablet.dll
2013-12-04 16:35 . 2013-03-21 12:38    1808152    ----a-w-    c:\windows\system32\Wintab32.dll
2013-12-04 16:35 . 2013-03-20 20:36    1938712    ----a-w-    c:\windows\system32\Wacom_Touch_Tablet.dll
2013-12-04 16:35 . 2013-03-20 20:36    1805080    ----a-w-    c:\windows\system32\WacomMT.dll
2013-12-04 16:35 . 2013-03-21 12:38    1604376    ----a-w-    c:\windows\SysWow64\Wacom_Tablet.dll
2013-12-04 16:35 . 2013-03-21 12:38    1483032    ----a-w-    c:\windows\SysWow64\Wintab32.dll
2013-12-04 16:35 . 2013-03-20 20:36    1596696    ----a-w-    c:\windows\SysWow64\Wacom_Touch_Tablet.dll
2013-12-04 16:35 . 2013-03-20 20:36    1479960    ----a-w-    c:\windows\SysWow64\WacomMT.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-21 . 1151B1BAA6F350B1DB6598E0FEA7C457 . 390656 . . [6.1.7601.17514] .. c:\windows\erdnt\cache64\winlogon.exe
[7] 2010-11-21 . 1151B1BAA6F350B1DB6598E0FEA7C457 . 390656 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[-] 2011-01-16 . 81257415084B84F3C0D95C381A8D4C8F . 389632 . . [6.1.7601.17514] .. c:\windows\system32\winlogon.exe
.
[-] 2011-01-16 . 0B864E15A0BADFF0E7BB8B59009FDDCF . 1008640 . . [6.1.7601.17514] .. c:\windows\KJ\Pirate\T\x64T\user32.dll
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\erdnt\cache64\user32.dll
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[7] 2010-11-19 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\KJ\Pirate\P\x64P\user32.dll
[-] 2011-01-16 . 0B864E15A0BADFF0E7BB8B59009FDDCF . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 12:35    1727176    ----a-w-    c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 12:35    1727176    ----a-w-    c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 12:35    1727176    ----a-w-    c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    131248    ----a-w-    c:\users\J\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    131248    ----a-w-    c:\users\J\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    131248    ----a-w-    c:\users\J\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    131248    ----a-w-    c:\users\J\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F.lux"="c:\users\J\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2013-05-30 389120]
"NextLive"="c:\users\J\AppData\Roaming\newnext.me\nengine.dll" [2014-01-06 1283584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-05-30 642816]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2013-07-23 1282632]
"LWS"="d:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-13 204136]
"AdobeCEPServiceManager"="c:\program files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" [2013-03-13 1039248]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
@="Ad-Aware Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0"
"UpdatesDisableNotify"="0"
.
R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 mi-raysat_3dsmax2014_64;mental ray Satellite for Autodesk 3ds Max Design 2014 64-bit;c:\program files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe;c:\program files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [x]
R3 ALSysIO;ALSysIO;c:\users\J\AppData\Local\Temp\ALSysIO64.sys;c:\users\J\AppData\Local\Temp\ALSysIO64.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
R3 BoostService;Bunkspeed Boost;c:\program files\Bunkspeed\New folder\Drive\Bunkspeed Boost.exe;c:\program files\Bunkspeed\New folder\Drive\Bunkspeed Boost.exe [x]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 QueueServer;Bunkspeed Queue Server;c:\program files\Bunkspeed\New folder\Drive\Bunkspeed.Queue.Server.exe;c:\program files\Bunkspeed\New folder\Drive\Bunkspeed.Queue.Server.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;d:\downloads\RealTemp_3.00-[Guru3D.com]\WinRing0x64.sys;d:\downloads\RealTemp_3.00-[Guru3D.com]\WinRing0x64.sys [x]
R4 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 DraftSight API Service;DraftSight API Service;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [x]
S2 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [x]
S2 NuTCRACKERService;NuTCRACKER Service;c:\windows\system32\nutsrv4.exe;c:\windows\SYSNATIVE\nutsrv4.exe [x]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [x]
S2 PortmapperService;PortmapperService;c:\program files\PTC/PTC Portmapper/i486_nt/obj/portmap.exe;c:\program files\PTC/PTC Portmapper/i486_nt/obj/portmap.exe [x]
S2 PSI_SVC_2_x64;Protexis Licensing V2 x64;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [x]
S2 RemoteSolverDispatcher;Remote Solver for Flow Simulation 2014;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe SOFTWARE\SRAC\COSMOS_FloWorks 2014;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe SOFTWARE\SRAC\COSMOS_FloWorks 2014 [x]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys;c:\windows\SYSNATIVE\Drivers\Sentinel64.sys [x]
S2 SentinelKeysServer;Sentinel Keys Server;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [x]
S2 SentinelSecurityRuntime;Sentinel Security Runtime;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [x]
S2 WTabletServicePro;Wacom Professional Service;c:\program files\Tablet\Wacom\WTabletServicePro.exe;c:\program files\Tablet\Wacom\WTabletServicePro.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Pro Webcam C920(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;c:\windows\system32\DRIVERS\SNTUSB64.SYS;c:\windows\SYSNATIVE\DRIVERS\SNTUSB64.SYS [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
S3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs    REG_MULTI_SZ       w3svc was
apphost    REG_MULTI_SZ       apphostsvc
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-22 13:32    1150280    ----a-w-    c:\program files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000Core.job
- c:\users\J\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-26 15:09]
.
2014-03-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000UA.job
- c:\users\J\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-26 15:09]
.
2014-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-26 20:06]
.
2014-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-26 20:06]
.
2014-02-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000Core.job
- c:\users\J\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-03 12:56]
.
2014-03-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3208368526-2848764839-2880309411-1000UA.job
- c:\users\J\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-03 12:56]
.
2014-03-01 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    ----a-w-    c:\users\J\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    ----a-w-    c:\users\J\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    ----a-w-    c:\users\J\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    ----a-w-    c:\users\J\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-03-21 6827664]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-21 472992]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Clip image - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: Download all links with IDM - d:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - d:\program files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - d:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - d:\program files\Microsoft Office\Office15\EXCEL.EXE/3000
IE: New note - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: Open Client to monitor &1 - c:\windows\web\AOpenClient.htm
IE: Open Client to monitor &2 - c:\windows\web\AOpenClient.htm
IE: Open Client to monitor &3 - c:\windows\web\AOpenClient.htm
IE: Se&nd to OneNote - d:\program files\Microsoft Office\Office15\ONBttnIE.dll/105
LSP: %SystemRoot%\system32\nutafun4.dll
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/calendar
FF - prefs.js: network.proxy.type - 0
FF - user.js:  -
FF - user.js: security.enable_tls - false
FF - user.js: secnetwork.http.accept-encodingurity.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-29488ac.exe - c:\users\J\AppData\Roaming\29488ac.exe
SafeBoot-SBAMSvc
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
.
.
"ImagePath"="\??\d:\downloads\RealTemp_3.00-
[Guru3D.com]\WinRing0x64.sys"
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PortmapperService]
"ImagePath"="c:\program files\PTC/PTC Portmapper/i486_nt/obj/portmap.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRing0_1_2_0]
"ImagePath"="\??\d:\downloads\RealTemp_3.00-
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3208368526-2848764839-2880309411-1000_Classes\Wow6432Node\CLSID\{2ba6c226-bfd0-4883-87ef-5e01326d62e3}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
   1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-3208368526-2848764839-2880309411-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):e1,ac,21,ca,20,e1,a6,79,ed,21,47,dc,a6,9b,ae,dc,6c,e2,f9,61,9c,
   44,f2,38,94,75,ad,66,2e,03,c0,3c,da,27,53,de,16,e2,b6,10,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:00,e6,f2,e7,7e,d3,70,00,04,86,1c,3d,5c,1e,5b,e3,4e,8a,d0,43,d7,
   bf,24,8a,ee,9f,44,55,47,c9,b9,42,ad,14,9c,5c,fd,46,5b,95,e0,94,bd,26,df,24,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Datafocus]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:00,e6,f2,e7,7e,d3,70,00,04,86,1c,3d,5c,1e,5b,e3,4e,8a,d0,43,d7,
   bf,24,8a,ee,9f,44,55,47,c9,b9,42,ad,14,9c,5c,fd,46,5b,95,e0,94,bd,26,df,24,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Mortice Kern Systems]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\PTC\PTC Portmapper\i486_nt\obj\portmap.exe
c:\program files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files\Tablet\Wacom\WacomHost.exe
c:\users\J\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
.
**************************************************************************
.
Completion time: 2014-03-01  22:26:17 - machine was rebooted
ComboFix-quarantined-files.txt  2014-03-01 22:26
ComboFix2.txt  2013-05-28 18:16
.
Pre-Run: 23,061,778,432 bytes free
Post-Run: 24,793,845,760 bytes free
.
- - End Of File - - A9C8438F22B005B16BAA7E2A7F2003C0
A36C5E4F47E84449FF07ED3517B43A31



I can see an instant difference in performance. THANKS!!



#8 aharonov

  • Malware Response Team

Posted 02 March 2014 - 05:13 AM

Ok, let's continue:


Step 1

Please download AdwCleaner (by Xplode) and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 2

Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.


#9 jjssj1

  • Topic Starter

Posted 02 March 2014 - 07:04 PM

# AdwCleaner v3.020 - Report created 03/03/2014 at 00:00:55
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : J - J-PC
# Running from : D:\Downloads\AdwCleaner(1).exe
# Option : Scan

***** [ Services ] *****

Service Found : hshld
Service Found : hsstrayservice
Service Found : hsswd

***** [ Files / Folders ] *****

File Found : C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\user.js
File Found : C:\Windows\System32\Tasks\EPUpdater
File Found : C:\Windows\System32\Tasks\paretologic registration3
File Found : C:\Windows\Tasks\paretologic registration3.job
Folder Found C:\Program Files (x86)\hotspot shield
Folder Found C:\Program Files (x86)\Toolbar Cleaner
Folder Found C:\ProgramData\hotspot shield
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Found C:\ProgramData\ParetoLogic
Folder Found C:\Users\J\AppData\Local\genienext
Folder Found C:\Users\J\AppData\Local\PackageAware
Folder Found C:\Users\J\AppData\Local\SwvUpdater
Folder Found C:\Users\J\AppData\Local\thinstall
Folder Found C:\Users\J\AppData\Roaming\DriverCure
Folder Found C:\Users\J\AppData\Roaming\newnext.me
Folder Found C:\Users\J\AppData\Roaming\ParetoLogic
Folder Found C:\Users\J\AppData\Roaming\thinstall
Folder Found C:\Windows\SysWOW64\hotspot shield

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\anchorfree
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\hotspotshield
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\ParetoLogic
Key Found : [x64] HKCU\Software\anchorfree
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\hotspotshield
Key Found : [x64] HKCU\Software\ParetoLogic
Key Found : HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Found : HKLM\Software\hotspotshield
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Found : HKLM\Software\ParetoLogic
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\prefs.js ]

Line Found : user_pref("extensions.search-test-phase-1@mozilla.com.arminfo", "[\"ask-us-standard\",{\"url\":\"resource://search-test-phase-1-at-mozilla-dot-com/search-test-phase-1/data/us/ask-us.xml\",\"name\":\"A[...]

[ File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1s09d4tr.default\prefs.js ]


-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5220 octets] - [02/03/2014 11:44:22]
AdwCleaner[R1].txt - [5099 octets] - [03/03/2014 00:00:55]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [5159 octets] ##########

I haven't cleaned anything yet, as there are programs on there I use. Hotspot Shield isn't adware? And ComboFix has fixed the movement in Windows Task Manager but has also caused apps to debug then shut down.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2014 03
Ran by J (administrator) on J-PC on 03-03-2014 00:04:01
Running from D:\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
() C:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(MKS Software Inc.) C:\Windows\system32\nutsrv4.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(PTC Inc.) C:\Program Files\PTC\PTC Portmapper\i486_nt\obj\portmap.exe
(arvato digital services llc) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exe
(SolidWorks) C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Users\J\Local Settings\Apps\F.lux\flux.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Dropbox, Inc.) C:\Users\J\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Logitech Inc.) D:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
() D:\Downloads\Adobe Creative Cloud Collection (2014)\ACCC_FULL\[ALL CRACKS]\ADOBE_CC_KEYGEN_WIN_MACOSX-XFORCE\Crack-Windows\xf-adobecc.exe
(Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Postbox, Inc.) D:\Program Files (x86)\Postbox\postbox.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(BitTorrent Inc.) C:\Users\J\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
() D:\Downloads\NewBlue TotalFX 3.0 build 130725 2013 (keygen XForce) [ChingLiu]\Keygen - XForce\Keygen.exe
(Farbar) D:\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2013-03-21] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-05-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-07-23] (CANON INC.)
HKLM-x32\...\Run: [LWS] - D:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKU\.DEFAULT\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3208368526-2848764839-2880309411-1000\...\Run: [F.lux] - C:\Users\J\Local Settings\Apps\F.lux\flux.exe [966656 2009-08-29] ()
HKU\S-1-5-21-3208368526-2848764839-2880309411-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-05-30] (AMD)
HKU\S-1-5-21-3208368526-2848764839-2880309411-1000\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-3208368526-2848764839-2880309411-1000\...\Policies\Explorer: []
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\J\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCB91590CA534CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} -  No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\Windows\SysWOW64\cgmopenbho.dll (CGM Open Consortium, Inc.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 12 C:\Windows\SysWOW64\nutafun4.dll [164232] (MKS Software Inc.)
Winsock: Catalog9 13 C:\Windows\SysWOW64\nutafun4.dll [164232] (MKS Software Inc.)
Winsock: Catalog9-x64 12 %SystemRoot%\system32\nutafun4.dll [205624] (MKS Software Inc.)
Winsock: Catalog9-x64 13 %SystemRoot%\system32\nutafun4.dll [205624] (MKS Software Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default
FF user.js: detected! => C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\user.js
FF NewTab: user_pref("browser.newtab.url", "");
FF Homepage: hxxp://www.google.com/calendar
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - D:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - D:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @ptc.com/ProductViewLite - C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll (PTC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\J\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\J\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\J\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\J\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\J\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\J\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: adobe.com/AdobeExManCCDetect32 - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll (Adobe Systems)
FF Plugin HKCU: adobe.com/AdobeExManCCDetect64 - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect64.dll (Adobe Systems)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\J\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\J\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\J\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\searchplugins\askcom-search.xml
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\donottrackplus@abine.com [2014-01-05]
FF Extension: LastPass - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\support@lastpass.com [2014-02-27]
FF Extension: FireShot - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-01-28]
FF Extension: SeoQuake - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [2013-10-10]
FF Extension: Firebug - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\firebug@software.joehewitt.com.xpi [2013-03-20]
FF Extension: StartAid Online Bookmarks - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\startaid@startaid.com.xpi [2013-06-02]
FF Extension: Test Pilot - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-06-12]
FF Extension: Adblock Plus - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\bti1tdln.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-20]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\J\AppData\Roaming\IDM\idmmzcc3
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\J\AppData\Roaming\IDM\idmmzcc3
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR DefaultSearchKeyword: google.co.uk
CHR Extension: (Google Docs) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-27]
CHR Extension: (Google Drive) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-27]
CHR Extension: (YouTube) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-27]
CHR Extension: (Google Search) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-27]
CHR Extension: (Window Resizer) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh [2014-03-01]
CHR Extension: (Google Wallet) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-27]
CHR Extension: (Gmail) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-27]
CHR HKLM-x32\...\Chrome\Extension: [bebnnlollpcjnfpkafhoclljaojgnfok] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx [2013-10-27]
CHR HKLM-x32\...\Chrome\Extension: [phegaokedjdajgnfphbnpkcfdgjbidko] - C:\ProgramData\adawaretb\toolbar\chrome\toolbar.crx [2013-10-27]

==================== Services (Whitelisted) =================

S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2013-04-27] ()
S3 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
S3 BoostService; C:\Program Files\Bunkspeed\New folder\Drive\Bunkspeed Boost.exe [444928 2013-12-01] (Bunkspeed)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2013-12-28] (Dassault Systèmes)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [920872 2013-12-18] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-12-17] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-12-18] ()
R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] ()
R2 NuTCRACKERService; C:\Windows\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 PortmapperService; C:\Program Files\PTC/PTC Portmapper/i486_nt/obj/portmap.exe [680960 2013-09-01] (PTC Inc.)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S3 QueueServer; C:\Program Files\Bunkspeed\New folder\Drive\Bunkspeed.Queue.Server.exe [17920 2013-12-01] (Bunkspeed)
R2 RemoteSolverDispatcher; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [235656 2013-11-14] (Mentor Graphics Corporation)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-05-27] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1250848 2011-05-27] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292384 2011-05-27] (SafeNet, Inc.)
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [9693696 2012-04-19] ()
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2013-04-27] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-20] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-06-02] (GFI Software)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-11-13] (AnchorFree Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
R3 vusbbus; C:\Windows\System32\DRIVERS\vusbbus.sys [303104 2012-05-16] ()
S3 ALSysIO; \??\C:\Users\J\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\D:\Downloads\RealTemp_3.00-[Guru3D.com]\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-02 23:17 - 2014-03-02 23:17 - 38103832 _____ (Amazon.com) C:\Users\J\Downloads\KindleForPC-installer.exe
2014-03-02 19:53 - 2014-03-02 19:53 - 00280630 _____ () C:\Users\J\Desktop\Poke the Box - Seth Godin.rar
2014-03-02 19:53 - 2013-05-23 09:07 - 00000000 ____D () C:\Users\J\Desktop\Poke the Box - Seth Godin
2014-03-02 11:44 - 2014-03-03 00:01 - 00000000 ____D () C:\AdwCleaner
2014-03-01 22:26 - 2014-03-01 22:26 - 00043201 _____ () C:\ComboFix.txt
2014-03-01 22:04 - 2014-03-01 22:26 - 00000000 ____D () C:\ComboFix
2014-03-01 21:25 - 2014-03-01 21:25 - 00000000 ____D () C:\Users\J\Desktop\Crowd Fund Code
2014-03-01 20:58 - 2014-03-03 00:04 - 00000000 ____D () C:\FRST
2014-03-01 20:40 - 2014-03-01 20:36 - 00409600 _____ (Farbar) C:\Users\J\Desktop\FSS.exe
2014-03-01 15:10 - 2014-03-01 15:10 - 00000000 ____D () C:\Users\J\Desktop\HardySidhuNew
2014-03-01 13:10 - 2014-03-01 13:10 - 00000000 ____D () C:\ProgramData\goodasnew
2014-03-01 13:10 - 2014-03-01 13:10 - 00000000 _____ () C:\Users\J\updater_output.txt
2014-02-28 18:34 - 2014-02-28 18:34 - 00000000 ____D () C:\Users\J\AppData\Roaming\teknikforce
2014-02-28 15:48 - 2014-02-28 15:48 - 00000000 ____D () C:\Users\J\Desktop\[Rp] Manni Sandhu & Manjit Pappu - Friday - 320 VBR [By Dhillon] [iTunes Rip]
2014-02-27 23:43 - 2014-03-01 14:19 - 00000000 ____D () C:\Users\J\Desktop\Jatinder
2014-02-26 23:18 - 2014-02-26 23:18 - 00000000 ____D () C:\Users\J\Desktop\optimizePressTheme
2014-02-26 23:15 - 2014-02-16 20:08 - 38437738 _____ () C:\Users\J\Desktop\optimizePress_v2.1.7.11.zip
2014-02-25 15:21 - 2014-03-02 23:38 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-25 15:11 - 2014-02-25 15:11 - 00003486 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-J-PC-J
2014-02-25 15:10 - 2014-03-02 23:39 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-02-25 15:08 - 2014-03-02 23:31 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-25 12:55 - 2014-03-02 23:53 - 00000000 ____D () C:\Users\J\AppData\Local\Adobe
2014-02-25 12:55 - 2014-03-02 23:40 - 00000000 ____D () C:\Users\J\AppData\Roaming\Adobe
2014-02-25 12:55 - 2014-03-02 23:29 - 00000560 _____ () C:\Windows\setupact.log
2014-02-25 12:55 - 2014-03-01 22:20 - 00001284 _____ () C:\Windows\PFRO.log
2014-02-25 12:55 - 2014-02-25 12:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-25 12:23 - 2014-02-25 12:23 - 02152168 _____ () C:\Users\J\Downloads\CodecPerformerSetup.exe
2014-02-25 12:20 - 2014-02-25 12:20 - 00000000 ____D () C:\Users\J\Desktop\New folder (3)
2014-02-25 12:18 - 2014-02-25 12:18 - 10186323 _____ () C:\Users\J\Downloads\Revo.Uninstaller.Pro.3.0.7.rar
2014-02-25 11:34 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-02-24 23:34 - 2014-01-31 21:39 - 09307863 _____ () C:\Users\J\Desktop\Jatinder.zip
2014-02-24 22:47 - 2014-02-24 22:47 - 00000000 ____D () C:\Users\J\Desktop\PremierePro_CC_7_2_upd
2014-02-24 22:32 - 2014-02-24 22:21 - 311668797 _____ () C:\Users\J\Desktop\PremierePro_CC_7_2_upd.zip
2014-02-24 22:31 - 2013-10-13 22:54 - 34442960 _____ (PainteR ) C:\Users\J\Desktop\umt-7.0-setup.exe
2014-02-24 21:44 - 2014-02-24 21:45 - 00000000 ____D () C:\Users\J\Desktop\Adobe Premiere Pro CS6
2014-02-23 23:16 - 2014-02-22 18:19 - 13424092 _____ () C:\Users\J\Desktop\Jatinder(1).zip
2014-02-23 21:01 - 2013-12-13 19:48 - 04890624 _____ () C:\Windows\SysWOW64\LS3Renderer_x64.dll
2014-02-23 21:01 - 2013-12-13 19:48 - 04165632 _____ () C:\Windows\SysWOW64\LS3Renderer.dll
2014-02-23 21:01 - 2013-12-13 15:41 - 04769280 _____ () C:\Windows\SysWOW64\ColoristaRenderer_x64.dll
2014-02-23 21:01 - 2013-12-13 15:41 - 04078080 _____ () C:\Windows\SysWOW64\ColoristaRenderer.dll
2014-02-23 21:01 - 2013-11-19 17:10 - 04228096 _____ () C:\Windows\SysWOW64\CosmoRenderer_x64.dll
2014-02-23 21:01 - 2013-11-19 17:10 - 03658752 _____ () C:\Windows\SysWOW64\CosmoRenderer.dll
2014-02-23 19:45 - 2014-03-01 22:20 - 00000000 ____D () C:\Users\J\AppData\Roaming\newnext.me
2014-02-23 19:45 - 2014-02-23 19:46 - 00000000 ____D () C:\Users\J\AppData\Local\SwvUpdater
2014-02-23 19:45 - 2014-02-23 19:45 - 00000000 ____D () C:\Users\J\AppData\Local\genienext
2014-02-23 19:45 - 2014-02-23 19:45 - 00000000 _____ () C:\Users\J\daemonprocess.txt
2014-02-23 19:33 - 2014-02-25 15:37 - 00000000 ____D () C:\Users\J\Desktop\New folder (2)
2014-02-22 17:28 - 2014-02-22 17:28 - 00000322 _____ () C:\Users\J\Desktop\loader.log
2014-02-22 17:27 - 2014-02-22 17:27 - 01487872 _____ (crackedseotools.com) C:\Users\J\Desktop\IMSLoader.exe
2014-02-22 16:45 - 2014-02-22 16:45 - 00001991 _____ () C:\Users\J\Desktop\SEnukeXCr.lnk
2014-02-22 16:43 - 2014-03-01 22:32 - 00000000 ____D () C:\Users\J\AppData\Local\Apps\2.0
2014-02-22 16:43 - 2014-02-23 01:30 - 00000000 ____D () C:\Users\J\AppData\Local\SENukeX
2014-02-22 16:43 - 2014-02-22 16:43 - 00000000 ____D () C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SENukeX
2014-02-22 16:43 - 2014-02-22 16:43 - 00000000 ____D () C:\Users\J\AppData\Local\Deployment
2014-02-22 14:01 - 2014-02-22 16:47 - 00000287 _____ () C:\Users\J\Desktop\top 20 insuitrial design poortfolio emails.txt
2014-02-21 14:18 - 2014-02-21 14:24 - 00000000 ____D () C:\Users\J\Desktop\Web
2014-02-21 14:18 - 2014-02-20 20:28 - 03620919 _____ () C:\Users\J\Desktop\Web.zip
2014-02-20 21:41 - 2014-02-20 21:41 - 00058085 _____ () C:\Users\J\Downloads\estilo.rar
2014-02-20 20:24 - 2014-02-20 20:24 - 00000112 _____ () C:\Users\J\AppData\Roaming\JP2K CS6 Prefs
2014-02-19 17:40 - 2014-02-19 17:40 - 32499558 _____ () C:\Users\J\Desktop\NEWBLUE_STABILIZER_V1.4-XFORCE.rar
2014-02-19 15:27 - 2014-02-19 15:27 - 00000000 ____D () C:\Program Files\CyberLink
2014-02-19 14:31 - 2014-02-19 14:31 - 00005250 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-19 14:30 - 2014-02-19 14:30 - 00921000 _____ (Oracle Corporation) C:\Users\J\Downloads\chromeinstall-7u51.exe
2014-02-19 12:40 - 2014-02-19 17:43 - 00000000 ____D () C:\Users\J\Desktop\Adobe.CC.Keymaker.Win.MacOSX.X-FORCE
2014-02-19 12:21 - 2014-02-19 12:23 - 00000000 ____D () C:\ProgramData\eSellerate
2014-02-19 12:20 - 2014-02-19 17:43 - 00000000 ____D () C:\Program Files\NewBlue
2014-02-19 12:20 - 2014-02-19 17:43 - 00000000 ____D () C:\Program Files (x86)\NewBlue
2014-02-19 12:20 - 2014-02-19 12:20 - 00000000 ____D () C:\Program Files\Common Files\OFX
2014-02-18 22:29 - 2014-02-18 22:29 - 73847347 _____ () C:\Users\J\Desktop\MVI_0335.MOV.mp4
2014-02-18 16:31 - 2014-02-18 16:31 - 00016619 _____ () C:\Users\J\Desktop\hijackthis.log
2014-02-18 16:24 - 2013-12-21 09:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-18 16:24 - 2013-12-21 08:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-18 16:23 - 2014-02-06 12:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-18 16:23 - 2014-02-06 11:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-18 16:23 - 2014-02-06 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-18 16:23 - 2014-02-06 11:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-18 16:23 - 2014-02-06 11:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-18 16:23 - 2014-02-06 11:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-18 16:23 - 2014-02-06 10:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-18 16:23 - 2014-02-06 10:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-18 16:23 - 2014-02-06 10:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-18 16:23 - 2014-02-06 10:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-18 16:23 - 2014-02-06 10:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-18 16:23 - 2014-02-06 10:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-18 16:23 - 2014-02-06 10:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-18 16:23 - 2014-02-06 10:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-18 16:23 - 2014-02-06 10:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-18 16:23 - 2014-02-06 10:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-18 16:23 - 2014-02-06 10:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-18 16:23 - 2014-02-06 10:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-18 16:23 - 2014-02-06 10:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-18 16:23 - 2014-02-06 09:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-18 16:23 - 2014-02-06 09:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-18 16:23 - 2014-02-06 09:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-18 16:23 - 2014-02-06 09:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-18 16:23 - 2014-02-06 09:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-18 16:23 - 2014-02-06 09:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-18 16:23 - 2014-02-06 09:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-18 16:23 - 2014-02-06 09:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-18 16:23 - 2014-02-06 09:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-18 16:23 - 2014-02-06 09:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-18 16:23 - 2014-02-06 09:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-18 16:23 - 2014-02-06 09:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-18 16:23 - 2014-02-06 09:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-18 16:23 - 2014-02-06 09:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-18 16:23 - 2014-02-06 09:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-18 16:23 - 2014-02-06 08:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-18 16:23 - 2014-02-06 08:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-18 16:23 - 2014-02-06 08:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-18 16:23 - 2014-02-06 08:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-18 16:23 - 2014-02-06 08:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-18 16:23 - 2013-12-31 23:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-18 16:23 - 2013-12-31 23:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-18 16:23 - 2013-12-24 23:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-18 16:23 - 2013-12-24 22:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-18 16:23 - 2013-12-06 02:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-18 16:23 - 2013-12-06 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-18 16:23 - 2013-12-06 02:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-18 16:23 - 2013-12-06 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-18 16:23 - 2013-12-04 02:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-18 16:23 - 2013-12-04 02:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-18 16:23 - 2013-12-04 02:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-18 16:23 - 2013-12-04 02:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-18 16:23 - 2013-12-04 02:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-18 16:23 - 2013-12-04 02:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-18 16:23 - 2013-12-04 02:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-18 16:23 - 2013-12-04 02:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-18 16:23 - 2013-12-04 02:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-18 16:23 - 2013-12-04 02:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-18 16:23 - 2013-12-04 02:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-18 16:23 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-18 16:23 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-18 16:23 - 2013-12-04 02:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-18 16:23 - 2013-12-04 01:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-18 16:23 - 2013-12-04 01:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-18 16:23 - 2013-12-04 01:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-18 16:23 - 2013-12-04 01:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-18 16:23 - 2013-11-27 01:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-02-18 16:23 - 2013-11-27 01:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-02-18 16:23 - 2013-11-27 01:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-02-18 16:23 - 2013-11-27 01:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-02-18 16:23 - 2013-11-27 01:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-02-18 16:23 - 2013-11-27 01:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-02-18 16:23 - 2013-11-27 01:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-02-18 16:23 - 2013-11-26 11:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-02-18 16:23 - 2013-11-26 10:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-18 16:23 - 2013-11-26 08:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-18 16:23 - 2013-11-22 22:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-18 14:27 - 2014-02-18 14:27 - 00002764 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-17 16:03 - 2014-02-17 16:08 - 00028767 _____ () C:\Users\J\Desktop\plugin.php
2014-02-17 15:56 - 2014-02-17 15:56 - 00101068 _____ () C:\Users\J\Desktop\style.css
2014-02-15 22:23 - 2014-03-02 19:53 - 00000000 ____D () C:\Users\J\Documents\My Kindle Content
2014-02-15 22:23 - 2014-02-15 22:23 - 00002010 _____ () C:\Users\J\Desktop\Kindle.lnk
2014-02-15 22:23 - 2014-02-15 22:23 - 00000000 ____D () C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-02-15 22:23 - 2014-02-15 22:23 - 00000000 ____D () C:\Users\J\AppData\Local\Amazon
2014-02-15 22:23 - 2014-02-15 22:23 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-02-14 23:18 - 2014-02-14 23:18 - 00000000 ____D () C:\Program Files (x86)\GUME67.tmp
2014-02-14 17:49 - 2014-02-14 17:49 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Apple Computer
2014-02-13 16:59 - 2014-02-13 17:38 - 00055236 _____ () C:\Users\J\Documents\Miproto.vsdx
2014-02-13 01:27 - 2014-02-13 01:27 - 00000000 ____D () C:\Program Files (x86)\GUM125F.tmp
2014-02-12 18:01 - 2014-02-12 18:01 - 00000714 _____ () C:\Users\J\Desktop\KeyShot 4 Resources.lnk
2014-02-12 17:57 - 2014-03-01 17:29 - 00000000 ____D () C:\ProgramData\Reprise
2014-02-12 17:26 - 2014-02-12 17:26 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-10 19:41 - 2014-02-10 19:41 - 00001636 _____ () C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2014-02-10 19:28 - 2014-02-10 19:28 - 00000498 _____ () C:\Users\J\Desktop\Program Files (Only) (D) - Shortcut (2).lnk
2014-02-09 20:24 - 2014-02-09 20:24 - 00001598 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-09 20:24 - 2014-02-09 20:24 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-09 20:24 - 2014-02-09 20:24 - 00000000 ____D () C:\Program Files\iTunes
2014-02-09 20:24 - 2014-02-09 20:24 - 00000000 ____D () C:\Program Files\iPod
2014-02-08 02:37 - 2014-02-08 02:37 - 18130837 _____ () C:\Users\J\Desktop\optimizePressTheme.zip
2014-02-04 11:42 - 2014-02-04 11:42 - 00000000 ____D () C:\Windows\AutoKMS
2014-02-03 15:13 - 2014-02-03 15:13 - 00000000 ____D () C:\Users\J\AppData\Roaming\Canon
2014-02-03 15:13 - 2014-02-03 15:13 - 00000000 ____D () C:\ProgramData\Quick Menu_1
2014-02-03 15:13 - 2014-02-03 15:13 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-02-03 15:13 - 2014-02-03 15:13 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-02-03 15:11 - 2014-02-03 15:11 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-02-03 15:11 - 2010-12-17 14:49 - 00515072 _____ (CANON INC.) C:\Windows\system32\CNQ2414L.dll
2014-02-03 15:11 - 2010-12-17 14:49 - 00438272 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ2414L.dll
2014-02-03 15:11 - 2010-03-19 10:04 - 00393256 _____ () C:\Windows\SysWOW64\CNQ2414N.DAT
2014-02-03 15:11 - 2010-03-19 10:04 - 00393256 _____ () C:\Windows\system32\CNQ2414N.DAT
2014-02-03 15:11 - 2010-03-18 17:13 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNQ2414C.dll
2014-02-03 15:11 - 2010-03-18 17:13 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNQ2414I.dll
2014-02-03 15:11 - 2010-03-18 17:11 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ2414U.dll
2014-02-03 15:11 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2014-02-03 15:11 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2014-02-02 13:52 - 2014-02-02 14:32 - 00000000 ____D () C:\Users\J\Desktop\Logo Design
2014-02-01 19:58 - 2014-02-01 19:58 - 00000000 ____D () C:\Users\J\AppData\Roaming\Red Giant
2014-02-01 18:59 - 2014-02-01 19:11 - 00000000 ____D () C:\Users\J\Desktop\Barber Vinny

==================== One Month Modified Files and Folders =======

2014-03-03 00:04 - 2014-03-01 20:58 - 00000000 ____D () C:\FRST
2014-03-03 00:03 - 2013-03-20 01:32 - 00000000 ____D () C:\Users\J\AppData\Roaming\uTorrent
2014-03-03 00:01 - 2014-03-02 11:44 - 00000000 ____D () C:\AdwCleaner
2014-03-02 23:58 - 2013-04-02 22:53 - 00004176 _____ () C:\Windows\System32\Tasks\Red Giant Link
2014-03-02 23:57 - 2013-06-22 13:41 - 00000000 ____D () C:\Users\J\AppData\Roaming\vlc
2014-03-02 23:55 - 2013-03-25 21:10 - 00000000 ____D () C:\Users\J\AppData\Local\CrashDumps
2014-03-02 23:53 - 2014-02-25 12:55 - 00000000 ____D () C:\Users\J\AppData\Local\Adobe
2014-03-02 23:47 - 2013-03-27 22:18 - 00004926 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for J-PC-J J-PC
2014-03-02 23:40 - 2014-02-25 12:55 - 00000000 ____D () C:\Users\J\AppData\Roaming\Adobe
2014-03-02 23:40 - 2013-04-02 21:49 - 00000021 _____ () C:\Windows\SurCode.INI
2014-03-02 23:40 - 2013-03-20 00:40 - 00572208 _____ () C:\Users\J\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-02 23:39 - 2014-02-25 15:10 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-03-02 23:39 - 2013-03-20 01:46 - 00000000 ____D () C:\Program Files\Adobe
2014-03-02 23:39 - 2013-03-20 01:45 - 00000000 ____D () C:\Program Files\Common Files\Adobe

Files to move or delete:
====================
C:\Users\J\AppData\Roaming\eMail Verifier.ini


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2010-11-21 03:24] - [2011-01-16 00:01] - 0389632 ____A (Microsoft Corporation) 81257415084B84F3C0D95C381A8D4C8F

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2010-11-21 03:24] - [2011-01-16 00:01] - 1008640 ____A (Microsoft Corporation) 0B864E15A0BADFF0E7BB8B59009FDDCF

C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2014-03-02 00:01

==================== End Of Log ============================
 



#10 aharonov

  • Malware Response Team
  • 2,441 posts

Posted 03 March 2014 - 05:45 AM

Hi,

I see these two entries as running processes:
D:\Downloads\Adobe Creative Cloud Collection (2014)\ACCC_FULL\[ALL CRACKS]\ADOBE_CC_KEYGEN_WIN_MACOSX-XFORCE\Crack-Windows\xf-adobecc.exe
D:\Downloads\NewBlue TotalFX 3.0 build 130725 2013 (keygen XForce) [ChingLiu]\Keygen - XForce\Keygen.exe
Did you execute them before the FRST scan?

And have you turned on driver testsigning on purpose? (Or don't you even know what it is?)

#11 aharonov


Posted 18 March 2014 - 05:36 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



