
Memory Spikes in Windows 7 with no apparent culprit-may be malware


  • This topic is locked
25 replies to this topic

#1 T3HTR33

T3HTR33

  • Members
  • 42 posts

Posted 16 May 2014 - 01:09 PM

Hello, I have Windows 7 SP1 x64 with 6.0GB RAM on a factory-built Asus U56E. Frequently my memory usage reaches 80 - 94+% and I do not know why.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16866  BrowserJavaVersion: 10.55.2
Run by JD at 13:59:06 on 2014-05-16
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.6049.4021 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\pcreg\pcreg.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Users\JD\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\JD\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySQLNotifier.exe
C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
C:\Windows\SysWOW64\cmd.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com/?gd=&ctid=CT3320048&octid=EB_ORIGINAL_CTID&ISID=MF0044DC7-677F-4DCD-82B7-A27BCA05B6CF&SearchSource=55&CUI=&UM=5&UP=SP688F84B0-155A-418C-930E-EF5CFB80575A&SSPV=
uSearch Bar = Preserve
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Microsoft.Search.HRSToolBar.InitToolbarBHO: {1d970ed5-3eda-438d-bffd-715931e2775d} - 
BHO: Microsoft Web Test Recorder 12.0 Helper: {432dd630-7e03-4c97-9d62-b99f52df4fc2} - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Bing HRS Toolbar: {c9a6357b-25cc-4bcf-96c1-78736985d414} - 
EB: Web Test Recorder 12.0: {46857999-9b7c-4895-9d22-81a4a2478868} - 
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Spotify Web Helper] "C:\Users\JD\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [f.lux] "C:\Users\JD\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [MySQL Notifier] C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySqlNotifier.exe
uRun: [pcreg] C:\Program Files\pcreg\service.exe
uRun: [SRSHDAudioLab] "C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe" auto
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
mRun: [pcreg] C:\Program Files\pcreg\service.exe
uPolicies-Explorer: HideSCAHealth = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: HideSCAHealth = dword:1
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: %windir%\system32\vsocklib.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{0630BDB5-4400-4F51-9D9A-1FC6A443AEFE} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755}\0527564747970264C6970264F62702160275946494D27657563747 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755}\0527564747970264C6970264F62702160275946494D27657563747 : DHCPNameServer = 65.182.32.146 65.182.32.35 192.168.33.1
TCP: Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755}\16474777966696 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755}\16474777966696 : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755}\75169707F62747F5143636563737 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755}\75169707F62747F5143636563737 : DHCPNameServer = 192.168.5.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755}\A457374796E6723702960586F6E656 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755}\A457374796E6723702960586F6E656 : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755}\D4F6273756 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755}\D4F6273756 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{57DDFFD3-D5F2-4B31-84C4-EDFB6A393001} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-EB: Web Test Recorder 12.0: {46857999-9b7c-4895-9d22-81a4a2478868} - 
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
x64-Run: [pcreg] C:\Program Files\pcreg\service.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 
x64-Run: [SRSAENotifier] C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\JD\AppData\Roaming\Mozilla\Firefox\Profiles\r1r3fpjh.default-1398206828892\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.ftp - 87.119.220.179
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.socks - 87.119.220.179
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 87.119.220.179
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF - plugin: C:\Users\JD\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R0 vsock;vSockets Driver;C:\Windows\System32\drivers\vsock.sys [2014-2-10 73296]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-25 17536]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2013-9-24 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2013-11-14 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2013-9-24 48360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2014-1-8 283064]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 133928]
R2 pcregservice;pcregservice Service;C:\Program Files\pcreg\pcreg.exe [2014-4-25 249024]
R2 SRSHDAudioService;SRS HDAudio Lab Service;C:\Program Files (x86)\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe [2012-6-25 13232]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-12-27 2656280]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2013-10-9 905272]
R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\drivers\AiCharger.sys [2013-12-27 16768]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-8-1 129000]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-8-1 391144]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-5-14 1436424]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-4-20 169584]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
R3 SRS_AE_Service;SRS Audio;C:\Windows\System32\drivers\SRS_AE_amd64.sys [2012-6-21 549704]
R3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;C:\Windows\System32\drivers\WN111v2w7x.sys [2014-1-4 783360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2013-7-29 164832]
S3 c2wts;Claims to Windows Token Service;C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2014-2-24 15768]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-9-24 2264280]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2014-1-16 175480]
S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-15 317440]
S3 MySQL56;MySQL56;"C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld" --defaults-file="C:\ProgramData\MySQL\MySQL Server 5.6\my.ini" MySQL56 --> C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-1-8 284912]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [2013-8-22 119808]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 VsEtwService120;Visual Studio ETW Event Collection Service;C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2013-10-5 87728]
S4 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2014-1-8 3674864]
.
=============== File Associations ===============
.
FileExt: .js: JSFile="C:\Program Files (x86)\Titanium Studio\TitaniumStudio.exe" "%1"
.
=============== Created Last 30 ================
.
2014-05-15 14:59:35 1031560 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{00DEE127-27E5-4920-B343-4F1958235A8A}\gapaengine.dll
2014-05-15 14:59:14 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1DD70EFF-E110-4C05-AC0B-416824FB9E04}\mpengine.dll
2014-05-15 03:37:31 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared
2014-05-15 03:37:23 -------- d-----w- C:\Program Files\Common Files\SRS Labs
2014-05-15 03:37:23 -------- d-----w- C:\Program Files (x86)\Common Files\SRS Labs
2014-05-14 20:11:12 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-05-14 18:09:52 -------- d-----w- C:\Android_ADT
2014-05-14 17:41:10 -------- d-----w- C:\Python
2014-05-14 13:23:49 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-14 13:23:49 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-14 13:12:59 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-05-13 17:12:12 -------- d-----w- C:\Users\JD\AppData\Local\DDMSettings
2014-05-10 23:44:06 -------- d-----w- C:\Users\JD\.idlerc
2014-05-08 13:48:42 227704 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2014-05-08 13:48:42 227704 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-05-03 01:46:12 -------- d-----w- C:\ProgramData\SRS Labs
2014-05-03 00:49:26 -------- d-----w- C:\Users\JD\AppData\Local\gtk-2.0
2014-05-01 21:00:05 -------- d-----w- C:\Program Files\SRS Labs
2014-05-01 20:32:30 65024 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2014-05-01 17:47:46 -------- d-----w- C:\Users\JD\AppData\Local\TechSmith
2014-05-01 10:46:38 600064 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-01 10:46:38 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-01 10:29:14 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-05-01 10:29:13 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-05-01 10:29:13 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-05-01 10:29:13 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-05-01 10:29:13 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-05-01 10:29:13 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-05-01 10:29:13 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-05-01 10:29:13 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-05-01 10:29:12 2048 ----a-w- C:\Windows\SysWow64\user.exe
2014-05-01 05:21:25 -------- d-----w- C:\temp
2014-04-29 20:15:27 -------- d-----w- C:\Program Files\pcreg
2014-04-29 20:02:10 -------- d-----w- C:\Program Files (x86)\Media Player Classic - Home Cinema
2014-04-28 15:43:05 -------- d-----w- C:\Users\JD\AppData\Local\UserTestingPlugin
2014-04-28 12:33:33 -------- d-----w- C:\Users\JD\AppData\Roaming\Balabolka
2014-04-28 12:33:22 -------- d-----w- C:\Program Files (x86)\Balabolka
2014-04-28 12:31:32 -------- d-----w- C:\Users\JD\AppData\Roaming\Hunspell
2014-04-28 12:30:58 -------- d-----w- C:\Users\JD\AppData\Roaming\Cross+A
2014-04-28 12:30:58 -------- d-----w- C:\Program Files (x86)\CrossA
2014-04-26 18:26:02 266968 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Web Server Extensions\15\TEMPLATE\WorkflowActivities\Microsoft.SharePoint.WorkflowServices.Activities.dll
2014-04-25 17:28:12 80806080 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2014-04-25 17:28:12 26134720 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2014-04-25 17:25:06 39152 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\TEMPLATE\LAYOUTS\ClientBin\Microsoft.SharePoint.Client.WorkflowServices.Silverlight.dll
2014-04-25 17:25:04 39128 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\ISAPI\Microsoft.SharePoint.Client.WorkflowServices.dll
2014-04-25 17:24:02 144104 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\TEMPLATE\LAYOUTS\ClientBin\Microsoft.SharePoint.Client.UserProfiles.Silverlight.dll
2014-04-25 17:23:58 266968 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\TEMPLATE\WorkflowActivities\Microsoft.SharePoint.WorkflowServices.Activities.dll
2014-04-25 17:23:42 80806080 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2014-04-25 17:23:42 651960 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOSQM.EXE
2014-04-25 17:23:42 36434624 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2014-04-25 17:23:40 144088 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\TEMPLATE\LAYOUTS\ClientBin\Microsoft.SharePoint.Client.UserProfiles.Phone.dll
2014-04-25 15:25:26 423120 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\TEMPLATE\LAYOUTS\ClientBin\Microsoft.SharePoint.Client.Silverlight.dll
2014-04-25 15:25:26 188128 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\TEMPLATE\LAYOUTS\ClientBin\Microsoft.SharePoint.Client.Silverlight.Runtime.dll
2014-04-25 15:25:24 145104 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\ISAPI\Microsoft.SharePoint.Client.UserProfiles.dll
2014-04-25 15:25:22 470712 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\ISAPI\Microsoft.SharePoint.Client.dll
2014-04-25 15:25:22 288968 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\ISAPI\Microsoft.SharePoint.Client.Runtime.dll
2014-04-22 15:11:34 -------- d-----w- C:\Program Files\Common Files\Intel
2014-04-22 15:11:34 -------- d-----w- C:\Program Files (x86)\Cisco
2014-04-21 20:12:24 -------- d-----w- C:\Users\JD\AppData\Local\Amazon
2014-04-20 02:25:59 -------- d-----w- C:\Users\JD\AppData\Local\TortoiseSVN
2014-04-20 02:17:59 -------- d-----w- C:\Users\JD\AppData\Local\TSVNCache
2014-04-20 02:08:47 -------- d-----w- C:\Users\JD\AppData\Roaming\TortoiseSVN
2014-04-20 02:04:15 -------- d-----w- C:\Users\JD\AppData\Roaming\Subversion
2014-04-20 02:03:47 -------- d-----w- C:\Program Files (x86)\Common Files\TortoiseOverlays
2014-04-20 02:03:45 -------- d-----w- C:\Program Files\TortoiseSVN
2014-04-20 02:03:45 -------- d-----w- C:\Program Files\Common Files\TortoiseOverlays
2014-04-19 15:38:03 -------- d-----w- C:\AdwCleaner
2014-04-19 15:35:03 -------- d-----w- C:\ProgramData\Monodoc
2014-04-19 15:34:58 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-04-19 15:34:58 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-04-17 01:22:55 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M  ====================
.
2014-04-26 16:55:51 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-26 16:55:51 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-16 21:12:56 48360 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2014-04-16 21:12:55 738472 ----a-w- C:\Windows\System32\drivers\cmdguard.sys
2014-04-16 21:12:55 23168 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2014-04-16 03:02:58 354656 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-03-25 19:22:37 43216 ----a-w- C:\Windows\System32\cmdcsr.dll
2014-03-25 19:22:36 363504 ----a-w- C:\Windows\SysWow64\guard32.dll
2014-03-25 19:22:35 453680 ----a-w- C:\Windows\System32\guard64.dll
2014-03-25 19:22:29 352984 ----a-w- C:\Windows\System32\cmdvrt64.dll
2014-03-25 19:22:28 45784 ----a-w- C:\Windows\System32\cmdkbd64.dll
2014-03-25 19:22:25 284888 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll
2014-03-25 19:22:23 40664 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll
2014-03-25 04:35:35 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
2014-03-25 04:35:34 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2014-03-25 04:35:34 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2014-03-13 06:33:30 2238976 ----a-w- C:\Windows\System32\wininet.dll
2014-03-13 06:32:03 3959808 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-13 06:31:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-13 06:31:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-03-13 05:10:47 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-03-13 05:09:43 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-13 05:09:39 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-13 05:09:39 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-03-13 03:59:47 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-03-13 03:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-03-11 13:52:30 133928 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2014-03-04 09:47:01 5550016 ----a-w- C:\Windows\System32\ntoskrnl.exe
2014-03-04 09:44:20 39936 ----a-w- C:\Windows\System32\wincredprovider.dll
2014-03-04 09:44:10 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-03-04 09:44:08 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-03-04 09:44:06 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-03-04 09:44:03 722944 ----a-w- C:\Windows\System32\objsel.dll
2014-03-04 09:44:03 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-03-04 09:44:00 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-03-04 09:44:00 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2014-03-04 09:43:56 57344 ----a-w- C:\Windows\System32\cngprovider.dll
2014-03-04 09:43:56 52736 ----a-w- C:\Windows\System32\dpapiprovider.dll
2014-03-04 09:43:56 44544 ----a-w- C:\Windows\System32\dimsroam.dll
2014-03-04 09:43:56 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-03-04 09:43:55 56832 ----a-w- C:\Windows\System32\adprovider.dll
2014-03-04 09:43:55 53760 ----a-w- C:\Windows\System32\capiprovider.dll
2014-03-04 09:43:50 455168 ----a-w- C:\Windows\System32\winlogon.exe
2014-03-04 09:20:11 3969984 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2014-03-04 09:20:11 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2014-03-04 09:16:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-02-18 23:46:26 4216840 ----a-w- C:\Program Files (x86)\Common Files\vcredist_2008_sp1_x86.exe
.
============= FINISH: 14:02:19.42 ===============
 


 


#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • Gender:Male
  • Location:Germany
  • Local time:02:12 AM

Posted 16 May 2014 - 03:26 PM

Hello and welcome aboard, T3HTR33,

My name is Machiavelli and I will assist you with your problem.
If you booted into safe mode on your computer, then print my instructions!
I'm in the 'Malware Staff Team' and will provide you with advice:

Removing malware from a computer can be very complicated. Malware (malicious software) is able to hide, so I may not be able to find it easily. In order to remove malware from your computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do; just ask me! Please stay in contact with me until the problem is fixed.

Below are a few tips:
  • Removing malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient, especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions, your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me, as this can complicate finding and removing all malware
    Don't run any tools while I'm fixing your PC. That is counterproductive and, again, will only complicate finding and removing all malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your system crashing by your own actions!
 
 

Let's take a look with FRST.

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (If you have Windows Vista / Windows 7 / Windows 8: please right-click the FRST icon and select Run as Administrator.)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

 
 


#3 T3HTR33

T3HTR33
  • Topic Starter

  • Members
  • 42 posts
  • Local time:02:12 AM

Posted 16 May 2014 - 07:20 PM

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by JD (administrator) on JD-PC on 16-05-2014 20:02:59
Running from Z:\
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
() C:\Program Files\pcreg\pcreg.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SRS Labs, Inc.) C:\Program Files (x86)\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe
(Spotify Ltd) C:\Users\JD\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Flux Software LLC) C:\Users\JD\AppData\Local\FluxSoftware\Flux\flux.exe
(Oracle Corporation) C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySQLNotifier.exe
() C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acresso Software Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM\...\Run: [pcreg] => C:\Program Files\pcreg\service.exe [89816 2014-04-25] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor)
HKLM\...\Run: [SRSAENotifier] => C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe [570272 2012-06-25] (SRS Labs, Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [pcreg] => C:\Program Files\pcreg\service.exe [89816 2014-04-25] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [Spotify Web Helper] => C:\Users\JD\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-30] (Spotify Ltd)
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [f.lux] => C:\Users\JD\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySqlNotifier.exe [771584 2013-11-25] (Oracle Corporation)
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [pcreg] => C:\Program Files\pcreg\service.exe [89816 2014-04-25] ()
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [SRSHDAudioLab] => C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe [5446056 2012-06-25] ()
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\MountPoints2: {c67c9c8e-7832-11e3-a708-bc773764b959} - F:\SETUP.EXE

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFBED9B3AAC63CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?gd=&ctid=CT3320048&octid=EB_ORIGINAL_CTID&ISID=MF0044DC7-677F-4DCD-82B7-A27BCA05B6CF&SearchSource=55&CUI=&UM=5&UP=SP688F84B0-155A-418C-930E-EF5CFB80575A&SSPV=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO-x32: Microsoft.Search.HRSToolBar.InitToolbarBHO - {1d970ed5-3eda-438d-bffd-715931e2775d} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing HRS Toolbar - {c9a6357b-25cc-4bcf-96c1-78736985d414} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\JD\AppData\Roaming\Mozilla\Firefox\Profiles\r1r3fpjh.default-1398206828892
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF NetworkProxy: "backup.ftp", "213.24.60.52"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.socks", "213.24.60.52"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "213.24.60.52"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "87.119.220.179"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "87.119.220.179"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "87.119.220.179"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\JD\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\JD\AppData\Roaming\Mozilla\Firefox\Profiles\r1r3fpjh.default-1398206828892\searchplugins\conduit-search.xml
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2014-03-11]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\JD\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\JD\AppData\Roaming\IDM\idmmzcc5 [2014-01-24]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\JD\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\JD\AppData\Roaming\IDM\idmmzcc5 [2014-01-24]

Chrome:
=======
CHR HomePage:
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Internet Download Manager Plugin) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.19.2_0\IDMGCExt.dll (Tonec Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Citrix Online Web Deployment Plugin 1.0.0.104) - C:\Users\JD\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Windows\SysWOW64\npdeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-08]
CHR Extension: (Google Drive) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-08]
CHR Extension: (Leapforce Extension) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\belncckcaakhmonmcfmegbglccbjlebc [2014-03-03]
CHR Extension: (RaterAide) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlblfbajhmkflfamdiiccdohdkbdaon [2014-05-13]
CHR Extension: (YouTube) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-08]
CHR Extension: (Adblock Plus) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-27]
CHR Extension: (Google Search) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-08]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-01-24]
CHR Extension: (IDM Integration Module) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-01-24]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2014-03-03]
CHR Extension: (Google Wallet) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-08]
CHR Extension: (Gmail) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-08]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-01-16]

==================== Services (Whitelisted) =================

R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2014-01-14] (Apple Inc.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 MySQL56; C:\ProgramData\MySQL\MySQL Server 5.6\my.ini [14237 2014-02-10] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-08] ()
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 pcregservice; C:\Program Files\pcreg\pcreg.exe [249024 2014-04-25] ()
R2 SRSHDAudioService; C:\Program Files (x86)\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe [13232 2012-06-25] (SRS Labs, Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-01-08] (Disc Soft Ltd)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 SRS_AE_Service; C:\Windows\System32\drivers\SRS_AE_amd64.sys [549704 2012-06-21] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [783360 2010-04-27] (Atheros Communications, Inc.)
R3 WSIMD; C:\Windows\System32\DRIVERS\wsimdx.sys [75776 2009-03-17] (Atheros Communications, Inc.)
S3 btmaux; system32\DRIVERS\btmaux.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-16 20:02 - 2014-05-16 20:02 - 00000000 ____D () C:\FRST
2014-05-16 14:02 - 2014-05-16 14:06 - 00031780 _____ () C:\Users\JD\Desktop\dds.txt
2014-05-16 14:02 - 2014-05-16 14:06 - 00012772 _____ () C:\Users\JD\Desktop\attach.txt
2014-05-16 13:56 - 2014-05-16 13:56 - 00688992 ____R (Swearware) C:\Users\JD\Desktop\dds.com
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\Common Files\SRS Labs
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-05-14 14:57 - 2014-05-14 14:59 - 07245560 _____ () C:\Users\JD\Desktop\python-2.7.6-docs-html.zip
2014-05-14 14:09 - 2014-05-14 14:12 - 00000000 ____D () C:\Android_ADT
2014-05-14 13:42 - 2014-05-14 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-05-14 13:41 - 2014-05-14 13:42 - 00000000 ____D () C:\Python
2014-05-14 09:33 - 2014-05-16 19:55 - 00003752 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-05-14 09:30 - 2014-05-14 09:30 - 00000000 ___RD () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 09:30 - 2014-05-14 09:30 - 00000000 ___RD () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 09:23 - 2014-05-06 01:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 09:23 - 2014-05-06 01:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 09:23 - 2014-05-05 23:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 09:23 - 2014-05-05 23:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 09:23 - 2014-05-05 23:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 09:23 - 2014-05-05 23:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 09:13 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 09:13 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 09:13 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 09:13 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 09:13 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 09:13 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 09:13 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 09:13 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 09:13 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 09:13 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 09:13 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 09:13 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 09:13 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 09:13 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 09:13 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 09:12 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 09:12 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 09:12 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-13 21:35 - 2014-05-13 21:35 - 00002151 _____ () C:\Users\JD\AppData\Local\recently-used.xbel
2014-05-13 21:29 - 2014-05-13 21:29 - 00003156 _____ () C:\Windows\System32\Tasks\{91AB91B4-2428-4E8B-95B0-108B527B74E3}
2014-05-13 13:15 - 2014-05-13 13:15 - 00000000 ____D () C:\Windows\Sun
2014-05-13 13:12 - 2014-05-13 13:12 - 00000000 ____D () C:\Users\JD\AppData\Local\DDMSettings
2014-05-11 12:46 - 2014-05-11 12:46 - 00000000 ____D () C:\Users\JD\Documents\Virtual Machines
2014-05-10 19:45 - 2014-05-10 19:47 - 16281600 _____ () C:\Users\JD\Desktop\python-2.7.6.msi
2014-05-10 19:44 - 2014-05-10 19:44 - 00000000 ____D () C:\Users\JD\.idlerc
2014-05-09 12:32 - 2014-05-09 12:32 - 00000000 ____D () C:\Users\JD\Desktop\Archive-3c9f
2014-05-08 09:53 - 2014-05-08 09:57 - 00000074 _____ () C:\Users\JD\Desktop\cc.txt
2014-05-05 12:41 - 2014-05-05 12:41 - 00000032 _____ () C:\Users\JD\Desktop\sirius.txt
2014-05-02 21:46 - 2014-05-02 21:46 - 00000000 ____D () C:\ProgramData\SRS Labs
2014-05-02 20:49 - 2014-05-02 20:49 - 00000000 ____D () C:\Users\JD\AppData\Local\gtk-2.0
2014-05-01 17:00 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\SRS Labs
2014-05-01 13:47 - 2014-05-01 13:47 - 00000000 ____D () C:\Users\JD\AppData\Local\TechSmith
2014-05-01 11:39 - 2014-05-01 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-05-01 11:39 - 2014-05-01 11:39 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Roaming\Subversion
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Roaming\Intel
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Local\TSVNCache
2014-05-01 06:46 - 2013-12-21 05:39 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-01 06:46 - 2013-12-21 03:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-01 06:31 - 2014-03-13 02:33 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-01 06:31 - 2014-03-13 02:33 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-01 06:31 - 2014-03-13 02:33 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-01 06:31 - 2014-03-13 02:32 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-01 06:31 - 2014-03-13 02:32 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-01 06:31 - 2014-03-13 02:32 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-01 06:31 - 2014-03-13 02:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-01 06:31 - 2014-03-13 02:32 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-01 06:31 - 2014-03-13 01:10 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-01 06:31 - 2014-03-13 01:10 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-01 06:31 - 2014-03-12 23:59 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-01 06:31 - 2014-03-12 23:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-01 06:29 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-01 06:29 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-01 06:29 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-01 06:29 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-01 06:29 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-01 06:29 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-01 06:29 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-01 06:29 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-01 06:29 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-01 06:29 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-01 06:29 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-30 15:12 - 2014-04-30 15:12 - 00001773 _____ () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-04-30 09:05 - 2014-04-30 09:13 - 1066401792 _____ () C:\Users\JD\Downloads\kubuntu-14.04-desktop-amd64.iso
2014-04-30 08:47 - 2014-04-30 08:54 - 1010827264 _____ () C:\Users\JD\Downloads\ubuntu-14.04-desktop-amd64.iso
2014-04-29 16:16 - 2014-04-29 16:16 - 00000000 ____D () C:\ProgramData\Real
2014-04-29 16:15 - 2014-04-29 16:15 - 00003678 _____ () C:\Windows\System32\Tasks\pcreg
2014-04-29 16:15 - 2014-04-29 16:15 - 00000000 ____D () C:\Program Files\pcreg
2014-04-29 16:14 - 2014-04-29 16:14 - 00376280 _____ () C:\Users\JD\Downloads\RealPlayer.exe
2014-04-29 16:02 - 2014-04-30 01:03 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Media Player Classic
2014-04-29 16:02 - 2014-04-29 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
2014-04-29 16:02 - 2014-04-29 16:02 - 00000000 ____D () C:\Program Files (x86)\Media Player Classic - Home Cinema
2014-04-29 16:00 - 2014-04-29 16:00 - 00376288 _____ () C:\Users\JD\Downloads\MediaPlayerClassic.exe
2014-04-29 15:34 - 2014-04-29 15:35 - 00000000 ____D () C:\Users\JD\Desktop\Tor Browser
2014-04-29 15:31 - 2014-04-29 15:31 - 22913908 _____ () C:\Users\JD\Downloads\torbrowser-install-3.5.4_en-US.exe
2014-04-28 16:25 - 2014-04-28 16:25 - 00001376 _____ () C:\Users\JD\Downloads\UnfinishedUploads.usertesting
2014-04-28 11:45 - 2014-04-28 16:25 - 00000000 ____D () C:\Users\JD\Documents\UserTesting
2014-04-28 11:43 - 2014-04-28 16:25 - 00000000 ____D () C:\Users\JD\AppData\Local\UserTestingPlugin
2014-04-28 11:42 - 2014-04-28 11:42 - 24394056 _____ () C:\Users\JD\Downloads\InstallUserTestingPlugin-v1.8.exe
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Users\JD\Documents\Balabolka
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Balabolka
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Program Files (x86)\Balabolka
2014-04-28 08:31 - 2014-04-28 08:31 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Hunspell
2014-04-28 08:30 - 2014-05-13 14:12 - 00000000 ____D () C:\Users\JD\Documents\Cross+A
2014-04-28 08:30 - 2014-04-28 08:31 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Cross+A
2014-04-28 08:30 - 2014-04-28 08:31 - 00000000 ____D () C:\Program Files (x86)\CrossA
2014-04-25 08:31 - 2014-04-25 08:31 - 00000000 ____D () C:\Users\JD\Downloads\Rick Ross - Mastermind (iTunes)
2014-04-25 08:31 - 2014-04-25 08:31 - 00000000 ____D () C:\Users\JD\Downloads\iRickRossTheReturnofAlbertAnastasia
2014-04-25 08:22 - 2014-04-25 08:22 - 00120832 _____ () C:\Users\JD\Downloads\Chapter 13.ppt
2014-04-25 08:21 - 2014-04-25 08:21 - 00103424 _____ () C:\Users\JD\Downloads\divest_2001.ppt
2014-04-25 08:20 - 2014-04-25 08:30 - 93042629 _____ () C:\Users\JD\Downloads\iRickRossTheReturnofAlbertAnastasia.rar
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\ProgramData\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-04-22 11:07 - 2014-04-22 11:08 - 95240144 _____ (Intel® Corporation) C:\Users\JD\Downloads\Wireless_16.11.0_s64.exe
2014-04-22 11:06 - 2014-04-22 11:06 - 26384736 _____ (Intel® Corporation) C:\Users\JD\Downloads\Wireless_16.11.0_Ds64.exe
2014-04-21 20:52 - 2014-04-21 20:52 - 00000000 ____D () C:\Users\JD\Downloads\eclipse-standard-kepler-SR2-win32-x86_64
2014-04-21 20:42 - 2014-04-21 20:52 - 210335332 _____ () C:\Users\JD\Downloads\eclipse-standard-kepler-SR2-win32-x86_64.zip
2014-04-21 16:39 - 2014-04-21 16:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-04-21 16:12 - 2014-04-21 16:12 - 00002209 _____ () C:\Users\JD\Desktop\Kindle.lnk
2014-04-21 16:12 - 2014-04-21 16:12 - 00000000 ____D () C:\Users\JD\Documents\My Kindle Content
2014-04-21 16:12 - 2014-04-21 16:12 - 00000000 ____D () C:\Users\JD\AppData\Local\Amazon
2014-04-19 22:25 - 2014-04-19 22:25 - 00000000 ____D () C:\Users\JD\AppData\Local\TortoiseSVN
2014-04-19 22:17 - 2014-05-14 09:30 - 00000000 ____D () C:\Users\JD\AppData\Local\TSVNCache
2014-04-19 22:08 - 2014-04-19 22:22 - 00000000 ____D () C:\Users\JD\AppData\Roaming\TortoiseSVN
2014-04-19 22:04 - 2014-04-19 22:04 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Subversion
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\Program Files\TortoiseSVN
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays
2014-04-19 20:35 - 2014-04-19 20:35 - 00000000 ____D () C:\Users\JD\Documents\Graphics
2014-04-19 11:38 - 2014-04-19 11:39 - 00000000 ____D () C:\AdwCleaner
2014-04-19 11:35 - 2014-04-19 11:35 - 00000000 ____D () C:\ProgramData\Monodoc
2014-04-19 11:34 - 2014-04-19 11:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-04-19 11:34 - 2014-04-19 11:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-04-19 11:29 - 2014-04-19 11:29 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-19 01:19 - 2014-04-19 01:19 - 00000587 _____ () C:\Users\JD\Downloads\404.html
2014-04-16 21:23 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-16 21:22 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-16 21:22 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-16 21:22 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

==================== One Month Modified Files and Folders =======

2014-05-16 20:03 - 2013-12-27 05:26 - 01170884 _____ () C:\Windows\WindowsUpdate.log
2014-05-16 20:02 - 2014-05-16 20:02 - 00000000 ____D () C:\FRST
2014-05-16 20:00 - 2014-03-11 16:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-16 20:00 - 2009-07-14 00:45 - 00034720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-16 20:00 - 2009-07-14 00:45 - 00034720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-16 19:56 - 2014-01-14 01:26 - 00000260 _____ () C:\Windows\Tasks\GreatArcadeHits.job
2014-05-16 19:55 - 2014-05-14 09:33 - 00003752 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-05-16 19:54 - 2014-01-14 01:25 - 00000344 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-05-16 19:54 - 2014-01-14 01:23 - 00000378 _____ () C:\Windows\Tasks\SLOW-PCfighter64-JD-Notification.job
2014-05-16 19:54 - 2014-01-14 01:23 - 00000376 _____ () C:\Windows\Tasks\SLOW-PCfighter64-JD-Startup.job
2014-05-16 19:54 - 2014-01-08 21:12 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-16 19:51 - 2014-02-10 21:41 - 00000000 ____D () C:\ProgramData\VMware
2014-05-16 19:51 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-16 19:50 - 2009-07-14 00:51 - 00019692 _____ () C:\Windows\setupact.log
2014-05-16 14:35 - 2014-01-08 21:13 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-16 14:21 - 2014-02-25 20:50 - 00000544 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3445841713-141878099-3738870165-1001.job
2014-05-16 14:06 - 2014-05-16 14:02 - 00031780 _____ () C:\Users\JD\Desktop\dds.txt
2014-05-16 14:06 - 2014-05-16 14:02 - 00012772 _____ () C:\Users\JD\Desktop\attach.txt
2014-05-16 13:56 - 2014-05-16 13:56 - 00688992 ____R (Swearware) C:\Users\JD\Desktop\dds.com
2014-05-16 10:33 - 2014-01-09 11:08 - 00000000 ____D () C:\Users\JD\AppData\Roaming\vlc
2014-05-15 23:12 - 2013-12-27 02:58 - 00003902 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D87CBFDE-4887-4F44-917D-04346E4857EF}
2014-05-15 20:14 - 2014-01-23 13:57 - 00000000 ____D () C:\Users\JD\workspace
2014-05-15 09:01 - 2014-01-08 03:10 - 00000000 ____D () C:\Users\JD\AppData\Roaming\DMCache
2014-05-15 03:40 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\Common Files\SRS Labs
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-05-14 23:37 - 2014-05-01 17:00 - 00000000 ____D () C:\Program Files\SRS Labs
2014-05-14 14:59 - 2014-05-14 14:57 - 07245560 _____ () C:\Users\JD\Desktop\python-2.7.6-docs-html.zip
2014-05-14 14:12 - 2014-05-14 14:09 - 00000000 ____D () C:\Android_ADT
2014-05-14 13:42 - 2014-05-14 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-05-14 13:42 - 2014-05-14 13:41 - 00000000 ____D () C:\Python
2014-05-14 13:18 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-14 09:30 - 2014-05-14 09:30 - 00000000 ___RD () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 09:30 - 2014-05-14 09:30 - 00000000 ___RD () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 09:30 - 2014-04-19 22:17 - 00000000 ____D () C:\Users\JD\AppData\Local\TSVNCache
2014-05-14 09:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-14 09:25 - 2014-01-08 03:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 09:23 - 2014-01-08 03:34 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 09:21 - 2013-12-27 11:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-13 21:36 - 2014-03-20 11:45 - 00000000 ____D () C:\Users\JD\.gimp-2.8
2014-05-13 21:35 - 2014-05-13 21:35 - 00002151 _____ () C:\Users\JD\AppData\Local\recently-used.xbel
2014-05-13 21:29 - 2014-05-13 21:29 - 00003156 _____ () C:\Windows\System32\Tasks\{91AB91B4-2428-4E8B-95B0-108B527B74E3}
2014-05-13 18:38 - 2014-04-03 11:06 - 00000000 ____D () C:\Users\JD\Documents\Outlook Files
2014-05-13 16:28 - 2014-01-04 08:44 - 00007608 _____ () C:\Users\JD\AppData\Local\resmon.resmoncfg
2014-05-13 14:30 - 2014-01-08 21:13 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-13 14:30 - 2014-01-08 21:12 - 00003634 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-13 14:30 - 2009-07-14 01:13 - 00803532 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-13 14:23 - 2013-12-27 02:53 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-13 14:18 - 2014-03-24 03:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-05-13 14:18 - 2014-03-24 03:31 - 00000000 ____D () C:\ProgramData\DivX
2014-05-13 14:18 - 2014-03-24 03:31 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-05-13 14:17 - 2014-01-06 16:42 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-13 14:14 - 2013-12-27 02:28 - 00000000 ____D () C:\Users\JD
2014-05-13 14:12 - 2014-04-28 08:30 - 00000000 ____D () C:\Users\JD\Documents\Cross+A
2014-05-13 14:12 - 2014-04-03 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.6
2014-05-13 14:12 - 2014-04-03 15:41 - 00000000 ____D () C:\Users\standard
2014-05-13 14:12 - 2014-03-24 03:33 - 00000000 ____D () C:\Users\JD\AppData\Roaming\DivX
2014-05-13 14:12 - 2014-02-18 22:50 - 00000000 ____D () C:\Users\JD\.android
2014-05-13 14:12 - 2014-02-10 23:15 - 00000000 ____D () C:\Users\JD\AppData\Roaming\VMware
2014-05-13 14:12 - 2014-02-09 13:24 - 00000000 ____D () C:\Windows\AutoKMS
2014-05-13 14:12 - 2014-01-08 03:35 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-13 14:12 - 2013-12-28 14:21 - 00000000 ____D () C:\Users\JD\AppData\Roaming\uTorrent
2014-05-13 14:12 - 2011-04-12 04:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-13 14:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\security
2014-05-13 14:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-05-13 14:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-13 14:11 - 2014-02-24 18:26 - 00000000 ____D () C:\Users\JD\Documents\Visual Studio 2013
2014-05-13 14:11 - 2014-01-08 03:10 - 00000000 ____D () C:\Users\JD\Downloads\Compressed
2014-05-13 14:10 - 2014-01-24 23:01 - 00000000 ____D () C:\Users\JD\AppData\Roaming\IDM
2014-05-13 13:15 - 2014-05-13 13:15 - 00000000 ____D () C:\Windows\Sun
2014-05-13 13:12 - 2014-05-13 13:12 - 00000000 ____D () C:\Users\JD\AppData\Local\DDMSettings
2014-05-11 21:06 - 2014-02-10 23:15 - 00000000 ____D () C:\Users\JD\AppData\Local\VMware
2014-05-11 12:46 - 2014-05-11 12:46 - 00000000 ____D () C:\Users\JD\Documents\Virtual Machines
2014-05-10 19:47 - 2014-05-10 19:45 - 16281600 _____ () C:\Users\JD\Desktop\python-2.7.6.msi
2014-05-10 19:44 - 2014-05-10 19:44 - 00000000 ____D () C:\Users\JD\.idlerc
2014-05-09 12:32 - 2014-05-09 12:32 - 00000000 ____D () C:\Users\JD\Desktop\Archive-3c9f
2014-05-08 09:57 - 2014-05-08 09:53 - 00000074 _____ () C:\Users\JD\Desktop\cc.txt
2014-05-06 01:14 - 2014-05-14 09:23 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 01:14 - 2014-05-14 09:23 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-05 23:48 - 2014-05-14 09:23 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 23:48 - 2014-05-14 09:23 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 23:37 - 2014-05-14 09:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-05 23:26 - 2014-05-14 09:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-05 22:12 - 2014-01-15 00:27 - 00000000 ____D () C:\Users\JD\AppData\Local\Spotify
2014-05-05 12:41 - 2014-05-05 12:41 - 00000032 _____ () C:\Users\JD\Desktop\sirius.txt
2014-05-04 17:12 - 2013-12-27 11:23 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-02 21:46 - 2014-05-02 21:46 - 00000000 ____D () C:\ProgramData\SRS Labs
2014-05-02 20:49 - 2014-05-02 20:49 - 00000000 ____D () C:\Users\JD\AppData\Local\gtk-2.0
2014-05-01 16:50 - 2013-12-27 02:53 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-01 16:32 - 2013-12-27 02:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-01 13:47 - 2014-05-01 13:47 - 00000000 ____D () C:\Users\JD\AppData\Local\TechSmith
2014-05-01 11:39 - 2014-05-01 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-05-01 11:39 - 2014-05-01 11:39 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Roaming\Subversion
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Roaming\Intel
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Local\TSVNCache
2014-05-01 06:54 - 2009-07-14 00:45 - 00451976 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-01 06:43 - 2014-03-25 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-30 23:36 - 2014-02-27 12:49 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Skype
2014-04-30 21:43 - 2014-01-14 14:37 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Spotify
2014-04-30 20:31 - 2013-12-28 14:25 - 00000000 ____D () C:\Users\JD\Downloads\torrents
2014-04-30 15:12 - 2014-04-30 15:12 - 00001773 _____ () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-04-30 09:13 - 2014-04-30 09:05 - 1066401792 _____ () C:\Users\JD\Downloads\kubuntu-14.04-desktop-amd64.iso
2014-04-30 09:05 - 2010-11-20 23:47 - 00158822 _____ () C:\Windows\PFRO.log
2014-04-30 08:54 - 2014-04-30 08:47 - 1010827264 _____ () C:\Users\JD\Downloads\ubuntu-14.04-desktop-amd64.iso
2014-04-30 01:03 - 2014-04-29 16:02 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Media Player Classic
2014-04-29 22:10 - 2014-03-03 18:25 - 00000000 ___RD () C:\Users\JD\Dropbox
2014-04-29 16:16 - 2014-04-29 16:16 - 00000000 ____D () C:\ProgramData\Real
2014-04-29 16:15 - 2014-04-29 16:15 - 00003678 _____ () C:\Windows\System32\Tasks\pcreg
2014-04-29 16:15 - 2014-04-29 16:15 - 00000000 ____D () C:\Program Files\pcreg
2014-04-29 16:14 - 2014-04-29 16:14 - 00376280 _____ () C:\Users\JD\Downloads\RealPlayer.exe
2014-04-29 16:02 - 2014-04-29 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
2014-04-29 16:02 - 2014-04-29 16:02 - 00000000 ____D () C:\Program Files (x86)\Media Player Classic - Home Cinema
2014-04-29 16:00 - 2014-04-29 16:00 - 00376288 _____ () C:\Users\JD\Downloads\MediaPlayerClassic.exe
2014-04-29 15:35 - 2014-04-29 15:34 - 00000000 ____D () C:\Users\JD\Desktop\Tor Browser
2014-04-29 15:31 - 2014-04-29 15:31 - 22913908 _____ () C:\Users\JD\Downloads\torbrowser-install-3.5.4_en-US.exe
2014-04-28 19:40 - 2014-03-03 18:22 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Dropbox
2014-04-28 16:25 - 2014-04-28 16:25 - 00001376 _____ () C:\Users\JD\Downloads\UnfinishedUploads.usertesting
2014-04-28 16:25 - 2014-04-28 11:45 - 00000000 ____D () C:\Users\JD\Documents\UserTesting
2014-04-28 16:25 - 2014-04-28 11:43 - 00000000 ____D () C:\Users\JD\AppData\Local\UserTestingPlugin
2014-04-28 11:42 - 2014-04-28 11:42 - 24394056 _____ () C:\Users\JD\Downloads\InstallUserTestingPlugin-v1.8.exe
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Users\JD\Documents\Balabolka
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Balabolka
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Program Files (x86)\Balabolka
2014-04-28 08:31 - 2014-04-28 08:31 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Hunspell
2014-04-28 08:31 - 2014-04-28 08:30 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Cross+A
2014-04-28 08:31 - 2014-04-28 08:30 - 00000000 ____D () C:\Program Files (x86)\CrossA
2014-04-26 13:36 - 2013-12-27 02:36 - 00000000 ____D () C:\Users\JD\AppData\Local\Adobe
2014-04-26 12:55 - 2013-12-27 02:37 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-26 12:55 - 2013-12-27 02:37 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-25 11:22 - 2014-04-03 11:27 - 00000000 ____D () C:\Users\JD\AppData\Local\Deployment
2014-04-25 08:31 - 2014-04-25 08:31 - 00000000 ____D () C:\Users\JD\Downloads\Rick Ross - Mastermind (iTunes)
2014-04-25 08:31 - 2014-04-25 08:31 - 00000000 ____D () C:\Users\JD\Downloads\iRickRossTheReturnofAlbertAnastasia
2014-04-25 08:30 - 2014-04-25 08:20 - 93042629 _____ () C:\Users\JD\Downloads\iRickRossTheReturnofAlbertAnastasia.rar
2014-04-25 08:22 - 2014-04-25 08:22 - 00120832 _____ () C:\Users\JD\Downloads\Chapter 13.ppt
2014-04-25 08:21 - 2014-04-25 08:21 - 00103424 _____ () C:\Users\JD\Downloads\divest_2001.ppt
2014-04-23 16:23 - 2014-01-12 21:32 - 00000000 ____D () C:\JUnit
2014-04-23 16:06 - 2014-01-12 21:37 - 00000000 ____D () C:\JUnit_workspace
2014-04-22 11:12 - 2014-01-04 08:55 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\ProgramData\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-04-22 11:11 - 2014-02-24 17:57 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-22 11:11 - 2014-01-04 08:40 - 00183452 _____ () C:\Windows\DPINST.LOG
2014-04-22 11:11 - 2013-12-27 02:50 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-04-22 11:08 - 2014-04-22 11:07 - 95240144 _____ (Intel® Corporation) C:\Users\JD\Downloads\Wireless_16.11.0_s64.exe
2014-04-22 11:06 - 2014-04-22 11:06 - 26384736 _____ (Intel® Corporation) C:\Users\JD\Downloads\Wireless_16.11.0_Ds64.exe
2014-04-21 20:52 - 2014-04-21 20:52 - 00000000 ____D () C:\Users\JD\Downloads\eclipse-standard-kepler-SR2-win32-x86_64
2014-04-21 20:52 - 2014-04-21 20:42 - 210335332 _____ () C:\Users\JD\Downloads\eclipse-standard-kepler-SR2-win32-x86_64.zip
2014-04-21 16:39 - 2014-04-21 16:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-04-21 16:12 - 2014-04-21 16:12 - 00002209 _____ () C:\Users\JD\Desktop\Kindle.lnk
2014-04-21 16:12 - 2014-04-21 16:12 - 00000000 ____D () C:\Users\JD\Documents\My Kindle Content
2014-04-21 16:12 - 2014-04-21 16:12 - 00000000 ____D () C:\Users\JD\AppData\Local\Amazon
2014-04-21 11:19 - 2014-04-03 11:30 - 00000018 _____ () C:\Users\JD\AppData\Roaming\LocationSetting.xml
2014-04-19 22:25 - 2014-04-19 22:25 - 00000000 ____D () C:\Users\JD\AppData\Local\TortoiseSVN
2014-04-19 22:22 - 2014-04-19 22:08 - 00000000 ____D () C:\Users\JD\AppData\Roaming\TortoiseSVN
2014-04-19 22:04 - 2014-04-19 22:04 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Subversion
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\Program Files\TortoiseSVN
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays
2014-04-19 20:35 - 2014-04-19 20:35 - 00000000 ____D () C:\Users\JD\Documents\Graphics
2014-04-19 11:39 - 2014-04-19 11:38 - 00000000 ____D () C:\AdwCleaner
2014-04-19 11:35 - 2014-04-19 11:35 - 00000000 ____D () C:\ProgramData\Monodoc
2014-04-19 11:35 - 2014-04-19 11:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-04-19 11:35 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-04-19 11:34 - 2014-04-19 11:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-04-19 11:29 - 2014-04-19 11:29 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-19 11:27 - 2014-02-07 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-19 01:19 - 2014-04-19 01:19 - 00000587 _____ () C:\Users\JD\Downloads\404.html
2014-04-16 21:23 - 2014-01-04 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-16 21:22 - 2014-01-04 08:47 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-16 17:12 - 2013-11-14 11:38 - 00738472 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2014-04-16 17:12 - 2013-09-24 10:54 - 00105552 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2014-04-16 17:12 - 2013-09-24 10:54 - 00048360 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2014-04-16 17:12 - 2013-09-24 10:54 - 00023168 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-14 09:13] - [2014-03-04 05:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 20:52

==================== End Of Log ============================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2014
Ran by JD at 2014-05-16 20:04:16
Running from Z:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.)
Adobe Connect 9 Add-in (HKCU\...\Adobe Connect 9 Add-in) (Version: 11,9,966,0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Apache Tomcat 7.0.41 (HKLM\...\nbi-tomcat-7.0.41.0.0) (Version:  - )
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
COMODO Firewall (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 6.3.39949.2976 - COMODO Security Solutions Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{AC53C6A4-1CC4-48A5-91F3-565BB7978B22}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{5A06C25A-366E-46CC-880E-3F904B634E9E}) (Version:  - Microsoft)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.)
f.lux (HKCU\...\Flux) (Version:  - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GlassFish Server Open Source Edition 4.0 (HKLM\...\nbi-glassfish-mod-4.0.0.89.0) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GoToMeeting 6.2.0.1350 (HKCU\...\GoToMeeting) (Version: 6.2.0.1350 - CitrixOnline)
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version:  - )
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel® PRO/Wireless Driver (Version: 16.11.0000.1384 - Intel Corporation) Hidden
Intel® PROSet/Wireless WiFi Software (Version: 16.10.0.0307 - Intel Corporation) Hidden
Intermedia Single Sign-On (HKCU\...\be747e9c9e2e034e) (Version: 2011.0.0.432 - Intermedia.net, Inc.)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
Leapforce Extension Native Host (HKLM-x32\...\{C74F9D54-7212-4A1E-A5ED-AF0402647803}) (Version: 1.1.5 - Leapforce)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Identity Extensions (Version: 2.0.1459.0 - Microsoft Corporation) Hidden
Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) - ENU Language Pack (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visio MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visio Professional 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013  x64 Designtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 IntelliTrace Core amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Performance Collection Tools - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Performance Collection Tools (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 VsGraphics Helper Dependencies (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2013 Storyboarding (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2013 Storyboarding Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
MySQL Connector C++ 1.1.3 (HKLM\...\{5C7A1ED6-DC5F-4017-B363-3E80644B4BD0}) (Version: 1.1.3 - Oracle and/or its affiliates)
MySQL Connector/C 6.1 (HKLM\...\{BDD417A0-EBEC-46E4-8879-426B9C617C53}) (Version: 6.1.3 - Oracle Corporation)
MySQL Connector/ODBC 5.2 (HKLM\...\{6F4E90AC-3B32-4631-A9E5-5CC0186CA97B}) (Version: 5.2.6 - Oracle Corporation)
MySQL Server 5.6 (HKLM\...\{AB691153-97AE-462B-AE70-3CA06D7B2571}) (Version: 5.6.16 - Oracle Corporation)
NetBeans IDE 7.4 (HKLM\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Python 2.6 pycrypto-2.1.0 (HKCU\...\pycrypto-py2.6) (Version:  - )
Python 2.7.6 (HKLM-x32\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}) (Version: 2.7.6150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
SRS Audio Essentials (HKLM\...\{6C4B2795-B3E9-44FB-BAB2-A8820CF025E4}) (Version: 1.02.0312 - SRS Labs, Inc.)
Titanium Studio (HKLM\...\Titanium Studio) (Version: 3.2.1 - Appcelerator, Inc.)
TortoiseSVN 1.8.6.25419 (64 bit) (HKLM\...\{0DD7C466-163D-4901-AD4B-E78EEFD7FE01}) (Version: 1.8.25419 - TortoiseSVN)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2880980) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{E5ADC5AD-C469-4A96-A3F7-0D4644CF54FC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{E84E9B25-BEB6-4F2F-84BB-755CDA8E89C0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.VISPROR_{39E58ED8-B687-49BD-88F9-968563F51F8E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{327EABFD-EDD3-44E7-AB47-7592DF33B719}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{50F31E04-D56A-4159-BF36-CF3CE27DB30C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.VISPROR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2880480) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{663B7CD7-32AE-4AB5-8E20-12C0FA6963D4}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2880480) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.VISPROR_{663B7CD7-32AE-4AB5-8E20-12C0FA6963D4}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 64-Bit Edition (HKLM\...\{90150000-0054-0409-1000-0000000FF1CE}_Office15.VISPROR_{97183E08-6B06-40F1-80A9-585C4AEF98F1}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{97183E08-6B06-40F1-80A9-585C4AEF98F1}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.VISPROR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
UserTesting.com Recorder Plugin (HKCU\...\UserTestingPlugin) (Version:  - UserTesting.com)
Visual Studio 2013 Prerequisites - ENU Language Pack (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites (Version: 12.0.21005 - Microsoft Corporation) Hidden
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
Windows App Certification Kit Native Components (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Driver Package - Intel (NETwLv64) net  (10/07/2010 13.4.0.139) (HKLM\...\EA1C8ECD4E416637C38F0079F98C8C7B0A112265) (Version: 10/07/2010 13.4.0.139 - Intel)
Windows Driver Package - Intel (NETwNs64) net  (08/03/2011 14.2.0.10) (HKLM\...\E2EE673C57E78D934638ED288907F5794CF48BC3) (Version: 08/03/2011 14.2.0.10 - Intel)
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

14-05-2014 13:14:12 Windows Update
14-05-2014 17:40:23 Installed Python 2.7.6
15-05-2014 03:36:49 Installed SRS Audio Essentials.

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0C1490C1-BBCE-42AC-8A3A-75D12BC573D9} - System32\Tasks\pcreg => C:\Program Files\pcreg\service.exe [2014-04-25] () <==== ATTENTION
Task: {32EF22E9-BF53-460D-9150-5A823672C224} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {474CAE85-1F1C-4B85-A7FD-2318FBF0EA02} - System32\Tasks\{91AB91B4-2428-4E8B-95B0-108B527B74E3} => Firefox.exe http://ui.skype.com/ui/0/6.16.0.105/en/go/help.faq.installer?source=lightinstaller&LastError=1638
Task: {5D0AEADF-78C7-4985-A785-1C1690CA268C} - System32\Tasks\G2MUpdateTask-S-1-5-21-3445841713-141878099-3738870165-1001 => C:\Users\JD\AppData\Local\Citrix\GoToMeeting\1350\g2mupdate.exe [2014-03-09] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {8094CE09-AEDA-4CA4-B277-60C8FBA27A71} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {859F9E04-D4E9-475F-8B39-5078E7AFBBC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-08] (Google Inc.)
Task: {9B0ABCB6-E772-4527-B998-0627A2A07CD7} - System32\Tasks\SLOW-PCfighter64-JD-Startup => C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe
Task: {9F817758-F852-4657-9E03-A4C76C63A28E} - System32\Tasks\SLOW-PCfighter64-JD-Notification => C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe
Task: {AAE31607-B394-486D-A87A-1F4CCF637138} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-02-09] ()
Task: {B3E3866B-6B28-41B2-9D94-92148B0BCFBE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {B8C98044-5867-467D-B642-2F44E2ECFE6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-08] (Google Inc.)
Task: {C21112F2-3DC4-4427-99F2-97D7BD955A54} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CA45E65D-C774-4174-B1C2-9FA216031FA1} - System32\Tasks\GreatArcadeHits => C:\Users\JD\AppData\Local\GreatArcadeHits\GAHUpdate.exe <==== ATTENTION
Task: {D1E5F546-4376-46DF-98F1-87699F8406CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {D36543A7-4514-4CE1-B984-24115C9666EA} - System32\Tasks\USBChargerPlus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2011-06-29] (ASUSTek Computer Inc.)
Task: {E188F73D-5489-4EA9-B05A-CB3E03AA87B9} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySQLNotifier.exe [2013-11-25] (Oracle Corporation)
Task: {E5FF4A02-2C04-4728-B465-3C590111AF95} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {F0B44AE1-0ABA-4BE7-BD3D-6794FE79C034} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {F774BDC4-4229-41D0-BC84-46D203DECBD4} - System32\Tasks\AmiUpdXp => C:\Users\JD\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\JD\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3445841713-141878099-3738870165-1001.job => C:\Users\JD\AppData\Local\Citrix\GoToMeeting\1350\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GreatArcadeHits.job => C:\Users\JD\AppData\Local\GreatArcadeHits\GAHUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\SLOW-PCfighter64-JD-Notification.job => C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe
Task: C:\Windows\Tasks\SLOW-PCfighter64-JD-Startup.job => C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe

==================== Loaded Modules (whitelisted) =============

2014-02-19 09:46 - 2012-09-18 16:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2014-02-19 09:46 - 2012-09-18 16:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-04-25 04:13 - 2014-04-25 04:13 - 00249024 _____ () C:\Program Files\pcreg\pcreg.exe
2014-04-12 14:48 - 2014-04-12 14:48 - 00076016 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2014-04-12 14:48 - 2014-04-12 14:48 - 00088816 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-05-24 09:16 - 2011-05-24 09:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-06-25 15:16 - 2012-06-25 15:16 - 05446056 _____ () C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe
2014-01-10 01:26 - 2014-01-10 01:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-18 13:46 - 2013-10-18 13:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-01-10 01:28 - 2014-01-10 01:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-04-19 11:29 - 2014-03-15 04:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-08 14:18 - 2014-04-08 14:18 - 08889512 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-04-12 13:45 - 2014-04-12 13:45 - 00065776 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2014-04-12 13:45 - 2014-04-12 13:45 - 00071920 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\JD\Downloads\BT_3.1.1311_s64.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\ccsetup409 (1).exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\ChromeSetup.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\ClickHeretoDownload-3rAbv4D.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\ClickHeretoDownload-5C4JKns.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\ClickHeretoDownload-ejeyekJ.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\dotNetFx40_Full_setup.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\DriverIdentifier(1).exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\DriverIdentifier(2).exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\DriverIdentifier.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\driveridentifier_portable.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\ideaIC-13.0.1.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\iTunes64Setup.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\jdk-7u45-windows-x64.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\jxpiinstall.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\Minion Rush Setup%CH_52d4ca2428753205724267_.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\revosetup.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\SpotifySetup.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\spsetup124.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\tuxboot-0.6.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\utorrent.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\vioplayerv (1).exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\vioplayerv.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\winrar-x64-501.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\Wireless_15.2.0_s64.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\Wireless_16.7.0_s64.exe:BDU
AlternateDataStreams: C:\Users\JD\Downloads\YUMI-1.9.9.9B.exe:BDU

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Network Controller
Description: Network Controller
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (RFCOMM Protocol TDI)
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2014 08:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17514, time stamp: 0x4ce7a144
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x5315a05a
Exception code: 0xe06d7363
Fault offset: 0x000000000000940d
Faulting process id: 0x82c
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

Error: (05/16/2014 07:52:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/16/2014 08:31:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/15/2014 03:34:34 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Build.Signing.wintrust.dll,version="0.0.0.0"1".
Dependent Assembly Microsoft.Windows.Build.Signing.wintrust.dll,version="0.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/14/2014 04:30:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2013

Error: (05/14/2014 04:30:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2013

Error: (05/14/2014 04:30:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/14/2014 04:30:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 999

Error: (05/14/2014 04:30:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 999

Error: (05/14/2014 04:30:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (05/16/2014 08:30:43 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:06:13 AM on ‎5/‎16/‎2014 was unexpected.

Error: (05/14/2014 11:45:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SRS HDAudio Lab Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/14/2014 01:18:19 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: Driver USB returned invalid ID for a child device (12345).

Error: (05/13/2014 02:14:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SRS HDAudio Lab Service service failed to start due to the following error:
%%1053

Error: (05/13/2014 02:14:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SRS HDAudio Lab Service service to connect.

Error: (05/13/2014 02:13:56 PM) (Source: Microsoft Antimalware) (EventID: 2004) (User: )
Description: %60 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

    Signatures Attempted: %24

    Error Code: 0x80070002

    Error description: The system cannot find the file specified.

    Signature version: 0.0.0.0;0.0.0.0

    Engine version: %600

Error: (05/11/2014 06:57:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MySQL56 service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/11/2014 11:50:19 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume G: encountered a non-retryable error and could not start.  The data contains the error code.

Error: (05/09/2014 02:38:44 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{17F7ECBE-70A2-49AC-ABBD-8A49223A0755}.
The backup browser is stopping.

Error: (05/08/2014 10:21:07 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (05/16/2014 08:02:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175144ce7a144KERNELBASE.dll6.1.7601.184095315a05ae06d7363000000000000940d82c01cf71634457eb37C:\Windows\explorer.exeC:\Windows\system32\KERNELBASE.dll8259abdf-dd56-11e3-b88b-005056c00008

Error: (05/16/2014 07:52:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/16/2014 08:31:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/15/2014 03:34:34 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Build.Signing.wintrust.dll,version="0.0.0.0"C:\Program Files (x86)\Windows Kits\8.0\bin\x86\makecat.exe.Manifest

Error: (05/14/2014 04:30:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2013

Error: (05/14/2014 04:30:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2013

Error: (05/14/2014 04:30:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/14/2014 04:30:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 999

Error: (05/14/2014 04:30:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 999

Error: (05/14/2014 04:30:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-01-14 14:51:08.242
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\SFCOM64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-14 14:51:08.195
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\SFNHK64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-14 14:51:08.164
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\SFCOM64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-14 14:51:07.915
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\SFNHK64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-14 14:51:07.883
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\SFCOM64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-14 14:51:04.592
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\SFNHK64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-14 14:51:04.561
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\SFCOM64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 43%
Total physical RAM: 6049.13 MB
Available physical RAM: 3438.58 MB
Total Pagefile: 12096.45 MB
Available Pagefile: 9530.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:200 GB) (Free:55.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (15.0.4420.1017) (CDROM) (Total:0.79 GB) (Free:0 GB) UDF
Drive z: (Storage) (Fixed) (Total:219.8 GB) (Free:183.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: 973CE8E2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=316 GB) - (Type=05)

==================== End Of Log ============================



#4 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • Gender:Male
  • Location:Germany

Posted 17 May 2014 - 04:39 AM

Hey,

Step 1: AdwCleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP, then just run it.)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on-screen prompts.
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop. Install the programme and select Update.
Once it has updated, select Settings > Detection and Protection.
Tick Scan for rootkits.

Go back to the Dashboard and select Scan Now

If threats are detected, click the Apply Actions button. MBAM will ask for a reboot.

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4: FRST Scan
  • Run FRST. (If you have Windows Vista / Windows 7 / Windows 8, please right-click the FRST icon and select Run as Administrator.)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#5 T3HTR33

T3HTR33
  • Topic Starter

  • Members
  • 42 posts

Posted 17 May 2014 - 07:24 PM

# AdwCleaner v3.208 - Report created 17/05/2014 at 10:39:03
# Updated 11/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : JD - JD-PC
# Running from : C:\Users\JD\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\JD\AppData\Local\BrowserSafeguard
File Deleted : C:\END
File Deleted : C:\Users\JD\AppData\Roaming\Mozilla\Firefox\Profiles\afgitjpu.default-1397922764300\searchplugins\conduit-search.xml
File Deleted : C:\Users\JD\AppData\Roaming\Mozilla\Firefox\Profiles\givvokap.Default User\searchplugins\conduit-search.xml
File Deleted : C:\Users\JD\AppData\Roaming\Mozilla\Firefox\Profiles\r1r3fpjh.default-1398206828892\searchplugins\conduit-search.xml
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\b1.org
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\Software\b1.org
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : [x64] HKLM\SOFTWARE\b1.org
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16866
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v28.0 (en-US)
 
[ File : C:\Users\JD\AppData\Roaming\Mozilla\Firefox\Profiles\afgitjpu.default-1397922764300\prefs.js ]
 
 
[ File : C:\Users\JD\AppData\Roaming\Mozilla\Firefox\Profiles\r1r3fpjh.default-1398206828892\prefs.js ]
 
 
[ File : C:\Users\standard\AppData\Roaming\Mozilla\Firefox\Profiles\3aw39to6.default\prefs.js ]
 
 
-\\ Google Chrome v34.0.1847.137
 
[ File : C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
Deleted [Extension] : ippkomaaonokjnfjoikaemidanojkfmm
 
[ File : C:\Users\standard\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [2234 octets] - [19/04/2014 11:38:13]
AdwCleaner[R1].txt - [3366 octets] - [17/05/2014 10:32:13]
AdwCleaner[S0].txt - [3061 octets] - [17/05/2014 10:39:03]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3121 octets] ##########
 
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 5/17/2014
Scan Time: 11:31:26 AM
Logfile: scan_log.txt
Administrator: Yes
 
Version: 2.00.1.1004
Malware Database: v2014.05.17.08
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: JD
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 349942
Time Elapsed: 36 min, 51 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 1
PUP.Optional.GreatArcadeHits.A, C:\Users\JD\AppData\Local\GreatArcadeHits, Quarantined, [8b7541bfcd3355abcc74adc550b2fa06], 
 
Files: 11
PUP.Optional.Conduit.A, C:\temp\embededstub_new2.exe, Quarantined, [768a1ce49f6178886949fe44ef1127d9], 
PUP.Optional.Verti, C:\Users\JD\Downloads\RealPlayer.exe, Quarantined, [01ffa45c05fbf7096fcaea5613f18e72], 
PUP.Optional.InstallIQ, C:\Users\JD\Downloads\vioplayerv (1).exe, Quarantined, [39c78a762bd5c43c54e6b68a718f2bd5], 
PUP.Optional.InstallIQ, C:\Users\JD\Downloads\vioplayerv.exe, Quarantined, [b84846ba29d7f010f44665db16ead828], 
Hacktool.Agent, C:\Users\JD\Downloads\THE LOADER IZZAT1996.zip, Quarantined, [41bf2bd5847c45bbfe5e1237b44dbb45], 
PUP.Optional.Somoto, C:\Users\JD\Downloads\ClickHeretoDownload-3rAbv4D.exe, Quarantined, [2ad6ee127789ec1460d6fd725ca8d22e], 
PUP.Optional.Somoto, C:\Users\JD\Downloads\ClickHeretoDownload-5C4JKns.exe, Quarantined, [d729f9079c6404fc46f0afc08c78916f], 
PUP.Optional.Somoto, C:\Users\JD\Downloads\ClickHeretoDownload-ejeyekJ.exe, Quarantined, [f50b9b6524dc9d63b87e86e98d77ea16], 
Hacktool.Agent, C:\Users\JD\Downloads\Windows-Loader-v2.2.1.zip, Quarantined, [9e62cb35c43c60a0f666a5a47988946c], 
PUP.Optional.Verti, C:\Users\JD\Downloads\MediaPlayerClassic.exe, Quarantined, [0df3d52be71956aa74c549f712f24cb4], 
PUP.Optional.GreatArcadeHits.A, C:\Windows\Tasks\GreatArcadeHits.job, Quarantined, [0cf4bb4532ce699779f4980710f25ba5], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by JD on Sat 05/17/2014 at 19:52:29.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\fighters"
Successfully deleted: [Folder] "C:\Users\JD\appdata\locallow\boost_interprocess"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 05/17/2014 at 20:17:20.31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by JD (administrator) on JD-PC on 17-05-2014 20:21:26
Running from C:\Users\JD\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
() C:\Program Files\pcreg\pcreg.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SRS Labs, Inc.) C:\Program Files (x86)\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Spotify Ltd) C:\Users\JD\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Flux Software LLC) C:\Users\JD\AppData\Local\FluxSoftware\Flux\flux.exe
(Oracle Corporation) C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySQLNotifier.exe
() C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acresso Software Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM\...\Run: [pcreg] => C:\Program Files\pcreg\service.exe [89816 2014-04-25] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor)
HKLM\...\Run: [SRSAENotifier] => C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe [570272 2012-06-25] (SRS Labs, Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [pcreg] => C:\Program Files\pcreg\service.exe [89816 2014-04-25] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [DAEMON Tools Lite] => C:
 
\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [Spotify Web Helper] => C:
 
\Users\JD\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-30] 
 
(Spotify Ltd)
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [f.lux] => C:\Users\JD
 
\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [MySQL Notifier] => C:
 
\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySqlNotifier.exe [771584 2013-11-25] 
 
(Oracle Corporation)
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [pcreg] => C:\Program Files
 
\pcreg\service.exe [89816 2014-04-25] ()
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [SRSHDAudioLab] => C:
 
\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe [5446056 2012-06-25] 
 
()
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Policies\Explorer: 
 
[HideSCAHealth] 1
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\MountPoints2: {c67c9c8e-7832-
 
11e3-a708-bc773764b959} - F:\SETUP.EXE
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFBED9B3AAC63CF01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Microsoft.Search.HRSToolBar.InitToolbarBHO - {1d970ed5-3eda-438d-bffd-715931e2775d} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing HRS Toolbar - {c9a6357b-25cc-4bcf-96c1-78736985d414} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755}: [NameServer]8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\JD\AppData\Roaming\Mozilla\Firefox\Profiles\r1r3fpjh.default-1398206828892
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF NetworkProxy: "backup.ftp", "213.24.60.52"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.socks", "213.24.60.52"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "213.24.60.52"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "87.119.220.179"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "87.119.220.179"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "87.119.220.179"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\JD\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2014-03-11]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\JD\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\JD\AppData\Roaming\IDM\idmmzcc5 [2014-01-24]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\JD\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\JD\AppData\Roaming\IDM\idmmzcc5 [2014-01-24]
 
Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Docs) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-08]
CHR Extension: (Google Drive) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-08]
CHR Extension: (Leapforce Extension) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\belncckcaakhmonmcfmegbglccbjlebc [2014-03-03]
CHR Extension: (RaterAide) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlblfbajhmkflfamdiiccdohdkbdaon [2014-05-13]
CHR Extension: (YouTube) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-08]
CHR Extension: (Adblock Plus) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-27]
CHR Extension: (Google Search) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-08]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-01-24]
CHR Extension: (IDM Integration Module) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-01-24]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2014-03-03]
CHR Extension: (Google Wallet) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-08]
CHR Extension: (Gmail) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-08]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-01-16]
 
==================== Services (Whitelisted) =================
 
R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2014-01-14] (Apple Inc.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 MySQL56; C:\ProgramData\MySQL\MySQL Server 5.6\my.ini [14237 2014-02-10] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-08] ()
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 pcregservice; C:\Program Files\pcreg\pcreg.exe [249024 2014-04-25] ()
R2 SRSHDAudioService; C:\Program Files (x86)\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe [13232 2012-06-25] (SRS Labs, Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-01-08] (Disc Soft Ltd)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 SRS_AE_Service; C:\Windows\System32\drivers\SRS_AE_amd64.sys [549704 2012-06-21] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [783360 2010-04-27] (Atheros Communications, Inc.)
R3 WSIMD; C:\Windows\System32\DRIVERS\wsimdx.sys [75776 2009-03-17] (Atheros Communications, Inc.)
S3 btmaux; system32\DRIVERS\btmaux.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-17 20:20 - 2014-05-17 20:20 - 02067456 _____ (Farbar) C:\Users\JD\Desktop\FRST64.exe
2014-05-17 20:17 - 2014-05-17 20:17 - 00000768 _____ () C:\Users\JD\Desktop\JRT.txt
2014-05-17 19:52 - 2014-05-17 19:52 - 00000000 ____D () C:\Windows\ERUNT
2014-05-17 19:51 - 2014-05-17 19:51 - 01016261 _____ (Thisisu) C:\Users\JD\Desktop\JRT.exe
2014-05-17 10:51 - 2014-05-17 19:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 10:51 - 2014-05-17 10:51 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-17 10:51 - 2014-05-17 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-17 10:51 - 2014-05-17 10:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 10:51 - 2014-05-17 10:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 10:51 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-17 10:51 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-17 10:51 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-17 10:44 - 2014-05-17 10:44 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\JD\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-17 10:41 - 2014-05-17 10:41 - 00003209 _____ () C:\Users\JD\Desktop\AdwCleaner[S0].txt
2014-05-17 10:32 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-17 10:31 - 2014-05-17 10:31 - 01325827 _____ () C:\Users\JD\Desktop\AdwCleaner.exe
2014-05-16 22:20 - 2014-05-17 20:21 - 00021516 _____ () C:\Users\JD\Desktop\FRST.txt
2014-05-16 22:20 - 2014-05-16 22:20 - 00049167 _____ () C:\Users\JD\Desktop\Addition.txt
2014-05-16 20:02 - 2014-05-17 20:21 - 00000000 ____D () C:\FRST
2014-05-16 14:02 - 2014-05-16 14:06 - 00031780 _____ () C:\Users\JD\Desktop\dds.txt
2014-05-16 14:02 - 2014-05-16 14:06 - 00012772 _____ () C:\Users\JD\Desktop\attach.txt
2014-05-16 13:56 - 2014-05-16 13:56 - 00688992 ____R (Swearware) C:\Users\JD\Desktop\dds.com
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\Common Files\SRS Labs
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-05-14 14:57 - 2014-05-14 14:59 - 07245560 _____ () C:\Users\JD\Desktop\python-2.7.6-docs-html.zip
2014-05-14 14:09 - 2014-05-14 14:12 - 00000000 ____D () C:\Android_ADT
2014-05-14 13:42 - 2014-05-14 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-05-14 13:41 - 2014-05-14 13:42 - 00000000 ____D () C:\Python
2014-05-14 09:33 - 2014-05-17 11:34 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-05-14 09:30 - 2014-05-14 09:30 - 00000000 ___RD () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 09:30 - 2014-05-14 09:30 - 00000000 ___RD () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 09:23 - 2014-05-06 01:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 09:23 - 2014-05-06 01:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 09:23 - 2014-05-05 23:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 09:23 - 2014-05-05 23:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 09:23 - 2014-05-05 23:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 09:23 - 2014-05-05 23:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 09:13 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 09:13 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 09:13 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 09:13 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 09:13 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 09:13 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 09:13 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 09:13 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 09:13 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 09:13 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 09:13 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 09:13 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 09:13 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 09:13 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 09:13 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 09:12 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 09:12 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 09:12 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-13 21:35 - 2014-05-13 21:35 - 00002151 _____ () C:\Users\JD\AppData\Local\recently-used.xbel
2014-05-13 21:29 - 2014-05-13 21:29 - 00003156 _____ () C:\Windows\System32\Tasks\{91AB91B4-2428-4E8B-95B0-108B527B74E3}
2014-05-13 13:15 - 2014-05-13 13:15 - 00000000 ____D () C:\Windows\Sun
2014-05-13 13:12 - 2014-05-13 13:12 - 00000000 ____D () C:\Users\JD\AppData\Local\DDMSettings
2014-05-11 12:46 - 2014-05-11 12:46 - 00000000 ____D () C:\Users\JD\Documents\Virtual Machines
2014-05-10 19:45 - 2014-05-10 19:47 - 16281600 _____ () C:\Users\JD\Desktop\python-2.7.6.msi
2014-05-10 19:44 - 2014-05-10 19:44 - 00000000 ____D () C:\Users\JD\.idlerc
2014-05-09 12:32 - 2014-05-09 12:32 - 00000000 ____D () C:\Users\JD\Desktop\Archive-3c9f
2014-05-08 09:53 - 2014-05-08 09:57 - 00000074 _____ () C:\Users\JD\Desktop\cc.txt
2014-05-05 12:41 - 2014-05-05 12:41 - 00000032 _____ () C:\Users\JD\Desktop\sirius.txt
2014-05-02 21:46 - 2014-05-02 21:46 - 00000000 ____D () C:\ProgramData\SRS Labs
2014-05-02 20:49 - 2014-05-02 20:49 - 00000000 ____D () C:\Users\JD\AppData\Local\gtk-2.0
2014-05-01 17:00 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\SRS Labs
2014-05-01 13:47 - 2014-05-01 13:47 - 00000000 ____D () C:\Users\JD\AppData\Local\TechSmith
2014-05-01 11:39 - 2014-05-01 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-05-01 11:39 - 2014-05-01 11:39 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Roaming\Subversion
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Roaming\Intel
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Local\TSVNCache
2014-05-01 06:46 - 2013-12-21 05:39 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-01 06:46 - 2013-12-21 03:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-01 06:31 - 2014-03-13 02:33 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-01 06:31 - 2014-03-13 02:33 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-01 06:31 - 2014-03-13 02:33 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-01 06:31 - 2014-03-13 02:32 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-01 06:31 - 2014-03-13 02:32 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-01 06:31 - 2014-03-13 02:32 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-01 06:31 - 2014-03-13 02:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-01 06:31 - 2014-03-13 02:32 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-01 06:31 - 2014-03-13 01:10 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-01 06:31 - 2014-03-13 01:10 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-01 06:31 - 2014-03-12 23:59 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-01 06:31 - 2014-03-12 23:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-01 06:29 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-01 06:29 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-01 06:29 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-01 06:29 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-01 06:29 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-01 06:29 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-01 06:29 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-01 06:29 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-01 06:29 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-01 06:29 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-01 06:29 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-30 15:12 - 2014-04-30 15:12 - 00001773 _____ () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-04-30 09:05 - 2014-04-30 09:13 - 1066401792 _____ () C:\Users\JD\Downloads\kubuntu-14.04-desktop-amd64.iso
2014-04-30 08:47 - 2014-04-30 08:54 - 1010827264 _____ () C:\Users\JD\Downloads\ubuntu-14.04-desktop-amd64.iso
2014-04-29 16:16 - 2014-04-29 16:16 - 00000000 ____D () C:\ProgramData\Real
2014-04-29 16:15 - 2014-04-29 16:15 - 00003678 _____ () C:\Windows\System32\Tasks\pcreg
2014-04-29 16:15 - 2014-04-29 16:15 - 00000000 ____D () C:\Program Files\pcreg
2014-04-29 16:02 - 2014-04-30 01:03 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Media Player Classic
2014-04-29 16:02 - 2014-04-29 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
2014-04-29 16:02 - 2014-04-29 16:02 - 00000000 ____D () C:\Program Files (x86)\Media Player Classic - Home Cinema
2014-04-29 15:34 - 2014-04-29 15:35 - 00000000 ____D () C:\Users\JD\Desktop\Tor Browser
2014-04-29 15:31 - 2014-04-29 15:31 - 22913908 _____ () C:\Users\JD\Downloads\torbrowser-install-3.5.4_en-US.exe
2014-04-28 16:25 - 2014-04-28 16:25 - 00001376 _____ () C:\Users\JD\Downloads\UnfinishedUploads.usertesting
2014-04-28 11:45 - 2014-04-28 16:25 - 00000000 ____D () C:\Users\JD\Documents\UserTesting
2014-04-28 11:43 - 2014-04-28 16:25 - 00000000 ____D () C:\Users\JD\AppData\Local\UserTestingPlugin
2014-04-28 11:42 - 2014-04-28 11:42 - 24394056 _____ () C:\Users\JD\Downloads\InstallUserTestingPlugin-v1.8.exe
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Users\JD\Documents\Balabolka
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Balabolka
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Program Files (x86)\Balabolka
2014-04-28 08:31 - 2014-04-28 08:31 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Hunspell
2014-04-28 08:30 - 2014-05-13 14:12 - 00000000 ____D () C:\Users\JD\Documents\Cross+A
2014-04-28 08:30 - 2014-04-28 08:31 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Cross+A
2014-04-28 08:30 - 2014-04-28 08:31 - 00000000 ____D () C:\Program Files (x86)\CrossA
2014-04-25 08:31 - 2014-04-25 08:31 - 00000000 ____D () C:\Users\JD\Downloads\Rick Ross 
 
- Mastermind (iTunes)
2014-04-25 08:31 - 2014-04-25 08:31 - 00000000 ____D () C:\Users\JD\Downloads
 
\iRickRossTheReturnofAlbertAnastasia
2014-04-25 08:22 - 2014-04-25 08:22 - 00120832 _____ () C:\Users\JD\Downloads\Chapter 
 
13.ppt
2014-04-25 08:21 - 2014-04-25 08:21 - 00103424 _____ () C:\Users\JD\Downloads
 
\divest_2001.ppt
2014-04-25 08:20 - 2014-04-25 08:30 - 93042629 _____ () C:\Users\JD\Downloads
 
\iRickRossTheReturnofAlbertAnastasia.rar
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ___RD () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\ProgramData\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files\Common Files
 
\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-04-22 11:07 - 2014-04-22 11:08 - 95240144 _____ (Intel® Corporation) C:\Users
 
\JD\Downloads\Wireless_16.11.0_s64.exe
2014-04-22 11:06 - 2014-04-22 11:06 - 26384736 _____ (Intel® Corporation) C:\Users
 
\JD\Downloads\Wireless_16.11.0_Ds64.exe
2014-04-21 20:52 - 2014-04-21 20:52 - 00000000 ____D () C:\Users\JD\Downloads\eclipse-
 
standard-kepler-SR2-win32-x86_64
2014-04-21 20:42 - 2014-04-21 20:52 - 210335332 _____ () C:\Users\JD\Downloads
 
\eclipse-standard-kepler-SR2-win32-x86_64.zip
2014-04-21 16:39 - 2014-04-21 16:39 - 00000000 ____H () C:\Windows\system32\Drivers
 
\Msft_Kernel_netaapl64_01009.Wdf
2014-04-21 16:12 - 2014-04-21 16:12 - 00002209 _____ () C:\Users\JD\Desktop\Kindle.lnk
2014-04-21 16:12 - 2014-04-21 16:12 - 00000000 ____D () C:\Users\JD\Documents\My Kindle 
 
Content
2014-04-21 16:12 - 2014-04-21 16:12 - 00000000 ____D () C:\Users\JD\AppData\Local
 
\Amazon
2014-04-19 22:25 - 2014-04-19 22:25 - 00000000 ____D () C:\Users\JD\AppData\Local
 
\TortoiseSVN
2014-04-19 22:17 - 2014-05-14 09:30 - 00000000 ____D () C:\Users\JD\AppData\Local
 
\TSVNCache
2014-04-19 22:08 - 2014-04-19 22:22 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\TortoiseSVN
2014-04-19 22:04 - 2014-04-19 22:04 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\Subversion
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\TortoiseSVN
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\Program Files\TortoiseSVN
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\Program Files\Common Files
 
\TortoiseOverlays
2014-04-19 20:35 - 2014-04-19 20:35 - 00000000 ____D () C:\Users\JD\Documents\Graphics
2014-04-19 11:38 - 2014-05-17 10:39 - 00000000 ____D () C:\AdwCleaner
2014-04-19 11:35 - 2014-04-19 11:35 - 00000000 ____D () C:\ProgramData\Monodoc
2014-04-19 11:34 - 2014-04-19 11:35 - 00000000 ____D () C:\Program Files 
 
(x86)\Microsoft Visual Studio 10.0
2014-04-19 11:34 - 2014-04-19 11:34 - 00000000 ____D () C:\Program Files 
 
(x86)\Microsoft Visual Studio 11.0
2014-04-19 11:29 - 2014-04-19 11:29 - 00001159 _____ () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-19 01:19 - 2014-04-19 01:19 - 00000587 _____ () C:\Users\JD\Downloads\404.html
 
==================== One Month Modified Files and Folders =======
 
2014-05-17 20:22 - 2014-05-16 22:20 - 00021516 _____ () C:\Users\JD\Desktop\FRST.txt
2014-05-17 20:21 - 2014-05-16 20:02 - 00000000 ____D () C:\FRST
2014-05-17 20:21 - 2014-02-25 20:50 - 00000544 _____ () C:\Windows\Tasks
 
\G2MUpdateTask-S-1-5-21-3445841713-141878099-3738870165-1001.job
2014-05-17 20:20 - 2014-05-17 20:20 - 02067456 _____ (Farbar) C:\Users\JD\Desktop
 
\FRST64.exe
2014-05-17 20:17 - 2014-05-17 20:17 - 00000768 _____ () C:\Users\JD\Desktop\JRT.txt
2014-05-17 19:52 - 2014-05-17 19:52 - 00000000 ____D () C:\Windows\ERUNT
2014-05-17 19:52 - 2014-01-08 21:12 - 00000886 _____ () C:\Windows\Tasks
 
\GoogleUpdateTaskMachineCore.job
2014-05-17 19:51 - 2014-05-17 19:51 - 01016261 _____ (Thisisu) C:\Users\JD\Desktop
 
\JRT.exe
2014-05-17 19:47 - 2014-05-17 10:51 - 00119512 _____ (Malwarebytes Corporation) C:
 
\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 19:47 - 2014-01-08 21:13 - 00000890 _____ () C:\Windows\Tasks
 
\GoogleUpdateTaskMachineUA.job
2014-05-17 19:46 - 2014-01-14 01:23 - 00000378 _____ () C:\Windows\Tasks\SLOW-
 
PCfighter64-JD-Notification.job
2014-05-17 19:46 - 2013-12-27 05:26 - 01251240 _____ () C:\Windows\WindowsUpdate.log
2014-05-17 11:38 - 2009-07-14 00:45 - 00034720 ____H () C:\Windows\system32\7B296FB0-
 
376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-17 11:38 - 2009-07-14 00:45 - 00034720 ____H () C:\Windows\system32\7B296FB0-
 
376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-17 11:34 - 2014-05-14 09:33 - 00003758 _____ () C:\Windows\System32\Tasks
 
\AutoKMS
2014-05-17 11:32 - 2014-02-10 21:41 - 00000000 ____D () C:\ProgramData\VMware
2014-05-17 11:32 - 2014-01-14 01:23 - 00000376 _____ () C:\Windows\Tasks\SLOW-
 
PCfighter64-JD-Startup.job
2014-05-17 11:32 - 2010-11-20 23:47 - 00161972 _____ () C:\Windows\PFRO.log
2014-05-17 11:32 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-17 11:32 - 2009-07-14 00:51 - 00020196 _____ () C:\Windows\setupact.log
2014-05-17 10:51 - 2014-05-17 10:51 - 00001102 _____ () C:\Users\Public\Desktop
 
\Malwarebytes Anti-Malware.lnk
2014-05-17 10:51 - 2014-05-17 10:51 - 00000000 ____D () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-17 10:51 - 2014-05-17 10:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 10:51 - 2014-05-17 10:51 - 00000000 ____D () C:\Program Files 
 
(x86)\Malwarebytes Anti-Malware
2014-05-17 10:46 - 2014-04-03 11:06 - 00000000 ____D () C:\Users\JD\Documents\Outlook 
 
Files
2014-05-17 10:44 - 2014-05-17 10:44 - 17305616 _____ (Malwarebytes Corporation ) C:
 
\Users\JD\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-17 10:41 - 2014-05-17 10:41 - 00003209 _____ () C:\Users\JD\Desktop\AdwCleaner
 
[S0].txt
2014-05-17 10:39 - 2014-04-19 11:38 - 00000000 ____D () C:\AdwCleaner
2014-05-17 10:31 - 2014-05-17 10:31 - 01325827 _____ () C:\Users\JD\Desktop
 
\AdwCleaner.exe
2014-05-17 00:08 - 2014-03-11 16:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla 
 
Firefox
2014-05-16 23:55 - 2013-12-27 02:58 - 00003902 _____ () C:\Windows\System32\Tasks
 
\User_Feed_Synchronization-{D87CBFDE-4887-4F44-917D-04346E4857EF}
2014-05-16 22:20 - 2014-05-16 22:20 - 00049167 _____ () C:\Users\JD\Desktop
 
\Addition.txt
2014-05-16 14:06 - 2014-05-16 14:02 - 00031780 _____ () C:\Users\JD\Desktop\dds.txt
2014-05-16 14:06 - 2014-05-16 14:02 - 00012772 _____ () C:\Users\JD\Desktop\attach.txt
2014-05-16 13:56 - 2014-05-16 13:56 - 00688992 ____R (Swearware) C:\Users\JD\Desktop
 
\dds.com
2014-05-16 10:33 - 2014-01-09 11:08 - 00000000 ____D () C:\Users\JD\AppData\Roaming\vlc
2014-05-15 20:14 - 2014-01-23 13:57 - 00000000 ____D () C:\Users\JD\workspace
2014-05-15 09:01 - 2014-01-08 03:10 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\DMCache
2014-05-15 03:40 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\SRS Labs
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\Common Files
 
\SRS Labs
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\Common Files
 
\Macrovision Shared
2014-05-14 23:37 - 2014-05-01 17:00 - 00000000 ____D () C:\Program Files\SRS Labs
2014-05-14 14:59 - 2014-05-14 14:57 - 07245560 _____ () C:\Users\JD\Desktop\python-
 
2.7.6-docs-html.zip
2014-05-14 14:12 - 2014-05-14 14:09 - 00000000 ____D () C:\Android_ADT
2014-05-14 13:42 - 2014-05-14 13:42 - 00000000 ____D () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\Python 2.7
2014-05-14 13:42 - 2014-05-14 13:41 - 00000000 ____D () C:\Python
2014-05-14 13:18 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-14 09:30 - 2014-05-14 09:30 - 00000000 ___RD () C:\Users\JD\AppData\Roaming
 
\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 09:30 - 2014-05-14 09:30 - 00000000 ___RD () C:\Users\JD\AppData\Roaming
 
\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 09:30 - 2014-04-19 22:17 - 00000000 ____D () C:\Users\JD\AppData\Local
 
\TSVNCache
2014-05-14 09:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-14 09:25 - 2014-01-08 03:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 09:23 - 2014-01-08 03:34 - 00000000 ____D () C:\Program Files\Common Files
 
\DESIGNER
2014-05-14 09:21 - 2013-12-27 11:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-13 21:36 - 2014-03-20 11:45 - 00000000 ____D () C:\Users\JD\.gimp-2.8
2014-05-13 21:35 - 2014-05-13 21:35 - 00002151 _____ () C:\Users\JD\AppData\Local
 
\recently-used.xbel
2014-05-13 21:29 - 2014-05-13 21:29 - 00003156 _____ () C:\Windows\System32\Tasks
 
\{91AB91B4-2428-4E8B-95B0-108B527B74E3}
2014-05-13 16:28 - 2014-01-04 08:44 - 00007608 _____ () C:\Users\JD\AppData\Local
 
\resmon.resmoncfg
2014-05-13 14:30 - 2014-01-08 21:13 - 00003886 _____ () C:\Windows\System32\Tasks
 
\GoogleUpdateTaskMachineUA
2014-05-13 14:30 - 2014-01-08 21:12 - 00003634 _____ () C:\Windows\System32\Tasks
 
\GoogleUpdateTaskMachineCore
2014-05-13 14:30 - 2009-07-14 01:13 - 00803532 _____ () C:\Windows
 
\system32\PerfStringBackup.INI
2014-05-13 14:23 - 2013-12-27 02:53 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-13 14:18 - 2014-03-24 03:32 - 00000000 ____D () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\DivX
2014-05-13 14:18 - 2014-03-24 03:31 - 00000000 ____D () C:\ProgramData\DivX
2014-05-13 14:18 - 2014-03-24 03:31 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-05-13 14:17 - 2014-01-06 16:42 - 00002441 _____ () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-13 14:14 - 2013-12-27 02:28 - 00000000 ____D () C:\Users\JD
2014-05-13 14:12 - 2014-04-28 08:30 - 00000000 ____D () C:\Users\JD\Documents\Cross+A
2014-05-13 14:12 - 2014-04-03 17:35 - 00000000 ____D () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\Python 2.6
2014-05-13 14:12 - 2014-04-03 15:41 - 00000000 ____D () C:\Users\standard
2014-05-13 14:12 - 2014-03-24 03:33 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\DivX
2014-05-13 14:12 - 2014-02-18 22:50 - 00000000 ____D () C:\Users\JD\.android
2014-05-13 14:12 - 2014-02-10 23:15 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\VMware
2014-05-13 14:12 - 2014-02-09 13:24 - 00000000 ____D () C:\Windows\AutoKMS
2014-05-13 14:12 - 2014-01-08 03:35 - 00000000 ____D () C:\Windows\System32\Tasks
 
\OfficeSoftwareProtectionPlatform
2014-05-13 14:12 - 2013-12-28 14:21 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\uTorrent
2014-05-13 14:12 - 2011-04-12 04:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-13 14:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\security
2014-05-13 14:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-05-13 14:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-13 14:11 - 2014-02-24 18:26 - 00000000 ____D () C:\Users\JD\Documents\Visual 
 
Studio 2013
2014-05-13 14:11 - 2014-01-08 03:10 - 00000000 ____D () C:\Users\JD\Downloads
 
\Compressed
2014-05-13 14:10 - 2014-01-24 23:01 - 00000000 ____D () C:\Users\JD\AppData\Roaming\IDM
2014-05-13 13:15 - 2014-05-13 13:15 - 00000000 ____D () C:\Windows\Sun
2014-05-13 13:12 - 2014-05-13 13:12 - 00000000 ____D () C:\Users\JD\AppData\Local
 
\DDMSettings
2014-05-11 21:06 - 2014-02-10 23:15 - 00000000 ____D () C:\Users\JD\AppData\Local
 
\VMware
2014-05-11 12:46 - 2014-05-11 12:46 - 00000000 ____D () C:\Users\JD\Documents\Virtual 
 
Machines
2014-05-10 19:47 - 2014-05-10 19:45 - 16281600 _____ () C:\Users\JD\Desktop\python-
 
2.7.6.msi
2014-05-10 19:44 - 2014-05-10 19:44 - 00000000 ____D () C:\Users\JD\.idlerc
2014-05-09 12:32 - 2014-05-09 12:32 - 00000000 ____D () C:\Users\JD\Desktop\Archive-
 
3c9f
2014-05-08 09:57 - 2014-05-08 09:53 - 00000074 _____ () C:\Users\JD\Desktop\cc.txt
2014-05-06 01:14 - 2014-05-14 09:23 - 19274752 _____ (Microsoft Corporation) C:
 
\Windows\system32\mshtml.dll
2014-05-06 01:14 - 2014-05-14 09:23 - 00097280 _____ (Microsoft Corporation) C:
 
\Windows\system32\mshtmled.dll
2014-05-05 23:48 - 2014-05-14 09:23 - 14367232 _____ (Microsoft Corporation) C:
 
\Windows\SysWOW64\mshtml.dll
2014-05-05 23:48 - 2014-05-14 09:23 - 00080384 _____ (Microsoft Corporation) C:
 
\Windows\SysWOW64\mshtmled.dll
2014-05-05 23:37 - 2014-05-14 09:23 - 02706432 _____ (Microsoft Corporation) C:
 
\Windows\system32\mshtml.tlb
2014-05-05 23:26 - 2014-05-14 09:23 - 02706432 _____ (Microsoft Corporation) C:
 
\Windows\SysWOW64\mshtml.tlb
2014-05-05 22:12 - 2014-01-15 00:27 - 00000000 ____D () C:\Users\JD\AppData\Local
 
\Spotify
2014-05-05 12:41 - 2014-05-05 12:41 - 00000032 _____ () C:\Users\JD\Desktop\sirius.txt
2014-05-04 17:12 - 2013-12-27 11:23 - 93223848 _____ (Microsoft Corporation) C:
 
\Windows\system32\MRT.exe
2014-05-02 21:46 - 2014-05-02 21:46 - 00000000 ____D () C:\ProgramData\SRS Labs
2014-05-02 20:49 - 2014-05-02 20:49 - 00000000 ____D () C:\Users\JD\AppData\Local\gtk-
 
2.0
2014-05-01 16:50 - 2013-12-27 02:53 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-01 16:32 - 2013-12-27 02:50 - 00000000 ___HD () C:\Program Files 
 
(x86)\InstallShield Installation Information
2014-05-01 13:47 - 2014-05-01 13:47 - 00000000 ____D () C:\Users\JD\AppData\Local
 
\TechSmith
2014-05-01 11:39 - 2014-05-01 11:39 - 00000000 ____D () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\TechSmith
2014-05-01 11:39 - 2014-05-01 11:39 - 00000000 ____D () C:\Program Files 
 
(x86)\TechSmith
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData
 
\Roaming\Subversion
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData
 
\Roaming\Intel
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData
 
\Local\TSVNCache
2014-05-01 06:54 - 2009-07-14 00:45 - 00451976 _____ () C:\Windows
 
\system32\FNTCACHE.DAT
2014-05-01 06:43 - 2014-03-25 15:22 - 00000000 ____D () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-30 23:36 - 2014-02-27 12:49 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\Skype
2014-04-30 21:43 - 2014-01-14 14:37 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\Spotify
2014-04-30 20:31 - 2013-12-28 14:25 - 00000000 ____D () C:\Users\JD\Downloads\torrents
2014-04-30 15:12 - 2014-04-30 15:12 - 00001773 _____ () C:\Users\JD\AppData\Roaming
 
\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-04-30 09:13 - 2014-04-30 09:05 - 1066401792 _____ () C:\Users\JD\Downloads
 
\kubuntu-14.04-desktop-amd64.iso
2014-04-30 08:54 - 2014-04-30 08:47 - 1010827264 _____ () C:\Users\JD\Downloads
 
\ubuntu-14.04-desktop-amd64.iso
2014-04-30 01:03 - 2014-04-29 16:02 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\Media Player Classic
2014-04-29 22:10 - 2014-03-03 18:25 - 00000000 ___RD () C:\Users\JD\Dropbox
2014-04-29 16:16 - 2014-04-29 16:16 - 00000000 ____D () C:\ProgramData\Real
2014-04-29 16:15 - 2014-04-29 16:15 - 00003678 _____ () C:\Windows\System32\Tasks\pcreg
2014-04-29 16:15 - 2014-04-29 16:15 - 00000000 ____D () C:\Program Files\pcreg
2014-04-29 16:02 - 2014-04-29 16:02 - 00000000 ____D () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
2014-04-29 16:02 - 2014-04-29 16:02 - 00000000 ____D () C:\Program Files (x86)\Media 
 
Player Classic - Home Cinema
2014-04-29 15:35 - 2014-04-29 15:34 - 00000000 ____D () C:\Users\JD\Desktop\Tor Browser
2014-04-29 15:31 - 2014-04-29 15:31 - 22913908 _____ () C:\Users\JD\Downloads
 
\torbrowser-install-3.5.4_en-US.exe
2014-04-28 19:40 - 2014-03-03 18:22 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\Dropbox
2014-04-28 16:25 - 2014-04-28 16:25 - 00001376 _____ () C:\Users\JD\Downloads
 
\UnfinishedUploads.usertesting
2014-04-28 16:25 - 2014-04-28 11:45 - 00000000 ____D () C:\Users\JD\Documents
 
\UserTesting
2014-04-28 16:25 - 2014-04-28 11:43 - 00000000 ____D () C:\Users\JD\AppData\Local
 
\UserTestingPlugin
2014-04-28 11:42 - 2014-04-28 11:42 - 24394056 _____ () C:\Users\JD\Downloads
 
\InstallUserTestingPlugin-v1.8.exe
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Users\JD\Documents\Balabolka
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\Balabolka
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Program Files 
 
(x86)\Balabolka
2014-04-28 08:31 - 2014-04-28 08:31 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\Hunspell
2014-04-28 08:31 - 2014-04-28 08:30 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\Cross+A
2014-04-28 08:31 - 2014-04-28 08:30 - 00000000 ____D () C:\Program Files (x86)\CrossA
2014-04-26 13:36 - 2013-12-27 02:36 - 00000000 ____D () C:\Users\JD\AppData\Local\Adobe
2014-04-26 12:55 - 2013-12-27 02:37 - 00692400 _____ (Adobe Systems Incorporated) C:
 
\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-26 12:55 - 2013-12-27 02:37 - 00070832 _____ (Adobe Systems Incorporated) C:
 
\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-25 11:22 - 2014-04-03 11:27 - 00000000 ____D () C:\Users\JD\AppData\Local
 
\Deployment
2014-04-25 08:31 - 2014-04-25 08:31 - 00000000 ____D () C:\Users\JD\Downloads\Rick Ross 
 
- Mastermind (iTunes)
2014-04-25 08:31 - 2014-04-25 08:31 - 00000000 ____D () C:\Users\JD\Downloads
 
\iRickRossTheReturnofAlbertAnastasia
2014-04-25 08:30 - 2014-04-25 08:20 - 93042629 _____ () C:\Users\JD\Downloads
 
\iRickRossTheReturnofAlbertAnastasia.rar
2014-04-25 08:22 - 2014-04-25 08:22 - 00120832 _____ () C:\Users\JD\Downloads\Chapter 
 
13.ppt
2014-04-25 08:21 - 2014-04-25 08:21 - 00103424 _____ () C:\Users\JD\Downloads
 
\divest_2001.ppt
2014-04-23 16:23 - 2014-01-12 21:32 - 00000000 ____D () C:\JUnit
2014-04-23 16:06 - 2014-01-12 21:37 - 00000000 ____D () C:\JUnit_workspace
2014-04-22 11:12 - 2014-01-04 08:55 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ___RD () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\ProgramData\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files\Common Files
 
\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-04-22 11:11 - 2014-02-24 17:57 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-22 11:11 - 2014-01-04 08:40 - 00183452 _____ () C:\Windows\DPINST.LOG
2014-04-22 11:11 - 2013-12-27 02:50 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-04-22 11:08 - 2014-04-22 11:07 - 95240144 _____ (Intel® Corporation) C:\Users
 
\JD\Downloads\Wireless_16.11.0_s64.exe
2014-04-22 11:06 - 2014-04-22 11:06 - 26384736 _____ (Intel® Corporation) C:\Users
 
\JD\Downloads\Wireless_16.11.0_Ds64.exe
2014-04-21 20:52 - 2014-04-21 20:52 - 00000000 ____D () C:\Users\JD\Downloads\eclipse-
 
standard-kepler-SR2-win32-x86_64
2014-04-21 20:52 - 2014-04-21 20:42 - 210335332 _____ () C:\Users\JD\Downloads
 
\eclipse-standard-kepler-SR2-win32-x86_64.zip
2014-04-21 16:39 - 2014-04-21 16:39 - 00000000 ____H () C:\Windows\system32\Drivers
 
\Msft_Kernel_netaapl64_01009.Wdf
2014-04-21 16:12 - 2014-04-21 16:12 - 00002209 _____ () C:\Users\JD\Desktop\Kindle.lnk
2014-04-21 16:12 - 2014-04-21 16:12 - 00000000 ____D () C:\Users\JD\Documents\My Kindle 
 
Content
2014-04-21 16:12 - 2014-04-21 16:12 - 00000000 ____D () C:\Users\JD\AppData\Local
 
\Amazon
2014-04-21 11:19 - 2014-04-03 11:30 - 00000018 _____ () C:\Users\JD\AppData\Roaming
 
\LocationSetting.xml
2014-04-19 22:25 - 2014-04-19 22:25 - 00000000 ____D () C:\Users\JD\AppData\Local
 
\TortoiseSVN
2014-04-19 22:22 - 2014-04-19 22:08 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\TortoiseSVN
2014-04-19 22:04 - 2014-04-19 22:04 - 00000000 ____D () C:\Users\JD\AppData\Roaming
 
\Subversion
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\TortoiseSVN
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\Program Files\TortoiseSVN
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\Program Files\Common Files
 
\TortoiseOverlays
2014-04-19 20:35 - 2014-04-19 20:35 - 00000000 ____D () C:\Users\JD\Documents\Graphics
2014-04-19 11:35 - 2014-04-19 11:35 - 00000000 ____D () C:\ProgramData\Monodoc
2014-04-19 11:35 - 2014-04-19 11:34 - 00000000 ____D () C:\Program Files 
 
(x86)\Microsoft Visual Studio 10.0
2014-04-19 11:35 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-04-19 11:34 - 2014-04-19 11:34 - 00000000 ____D () C:\Program Files 
 
(x86)\Microsoft Visual Studio 11.0
2014-04-19 11:29 - 2014-04-19 11:29 - 00001159 _____ () C:\ProgramData\Microsoft
 
\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-19 11:27 - 2014-02-07 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla 
 
Maintenance Service
2014-04-19 01:19 - 2014-04-19 01:19 - 00000587 _____ () C:\Users\JD\Downloads\404.html
 
Some content of TEMP:
====================
C:\Users\JD\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe
[2014-05-14 09:13] - [2014-03-04 05:43] - 0455168 ____A (Microsoft Corporation) 
 
88AB9B72B4BF3963A0DE0820B4B0B06C
 
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-05-09 20:52
 
==================== End Of Log ============================

 



#6 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • Gender:Male
  • Location:Germany

Posted 18 May 2014 - 04:51 AM

Hello,
look at your FRST log and tell me the difference between yours and the others' FRST logs. It is very difficult to read. Repost the log in a normal style or attach it here.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#7 T3HTR33

T3HTR33
  • Topic Starter

  • Members
  • 42 posts

Posted 18 May 2014 - 07:44 AM

FRST-1 and FRST-2 attached

 

The size of FRST-1.txt is 61.03KB

The size of FRST-2.txt is 59.74KB




#8 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • Gender:Male
  • Location:Germany

Posted 18 May 2014 - 08:10 AM

Hey, tell me how the computer is running after you performed the scans/fixes below.

Step 1: SideBar Advice

In your logs I see that Windows SideBar is running! At the moment Windows SideBar has a security vulnerability, so I recommend that you disable it for a while. More information is here so far I noticed.

To disable Windows SideBar please follow the instructions below:

  • Download the FixIt from here to your Desktop
  • Double click on MicrosoftFixit50906.msi and follow the prompts to disable Windows SideBar and gadgets. Once finished, reboot your computer if not advised to do so.

Step 2: P2P Warning

 

IMPORTANT I see, you have one or more P2P (Person to Person) programs installed.

 
1.) You have following P2P program installed: uTorrent
2.) If you download files from non-documented sources per a P2P File sharing Program, you can expect an infection of malware. That isn't good for your PC. A long time ago File-sharing with P2P programs like UTorrent was fairly safe. But at this time it isn't true any more. Of course you can use P2P programs at your own risk, but that is maybe the source of your infection. It would be nice if you read this here. So after reading the text you will recognize why you shouldn't have them.
3.) Please read these reports about the danger of P2P Programs:

 

 
4.) I would recommend that you uninstall the above. That would be nice. If you like to uninstall the P2P Program, you can do it via Start >> Control Panel >> Add or Remove Programs
5.) If you want to keep the program on your computer, don't use it while we are fixing your computer!

 

Step 3: FRST Fix
  • Please download the attached fixlist.txt file and save it to the same location as FRST
 
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 4: FRST Scan
 
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

Step 5: ESET

 

Please disable your AntiVirus before doing these steps!

  • If you have Win Vista / Win 7 / Win 8 please start IE as Administrator!
  • This will only work for Internet Explorer or Firefox
  • Please download ESET Online Scanner from here
How to do this?
 
  • Visit this website here
  • You will see a screen like this:
 

  • Click Run ESET Online Scanner
 
 
  • A Window will open (see above) - please click on the link
  • A window will pop up - please download the file to your Desktop
  • When the download has finished please run the program (for Win Vista/ Win7 / Win 8 User please run it as Administrator)
 
 
  • Tick the box next to YES, I accept the Terms of Use then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes. 
 
 
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked. 
  • Now click on Advanced Settings and select the following: 
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Then click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection
  • When completed the Online Scan will begin automatically. The scan may take several hours.

Do not touch either the Mouse or keyboard during the scan otherwise it may stall.

  • After the scan is finished please click on Finish
  • Use notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt  
  • Copy and paste that log as a reply to this topic.
 


Edited by Machiavelli, 18 May 2014 - 08:10 AM.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#9 T3HTR33

T3HTR33
  • Topic Starter

  • Members
  • 42 posts

Posted 18 May 2014 - 01:46 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by JD (administrator) on JD-PC on 18-05-2014 09:34:11
Running from C:\Users\JD\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SRS Labs, Inc.) C:\Program Files (x86)\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe
(Spotify Ltd) C:\Users\JD\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Flux Software LLC) C:\Users\JD\AppData\Local\FluxSoftware\Flux\flux.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Oracle Corporation) C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySQLNotifier.exe
() C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acresso Software Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor)
HKLM\...\Run: [SRSAENotifier] => C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe [570272 2012-06-25] (SRS Labs, Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [Spotify Web Helper] => C:\Users\JD\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-30] (Spotify Ltd)
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [f.lux] => C:\Users\JD\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySqlNotifier.exe [771584 2013-11-25] (Oracle Corporation)
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Run: [SRSHDAudioLab] => C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe [5446056 2012-06-25] ()
HKU\S-1-5-21-3445841713-141878099-3738870165-1001\...\Policies\Explorer: [HideSCAHealth] 1
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFBED9B3AAC63CF01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Microsoft.Search.HRSToolBar.InitToolbarBHO - {1d970ed5-3eda-438d-bffd-715931e2775d} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing HRS Toolbar - {c9a6357b-25cc-4bcf-96c1-78736985d414} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{17F7ECBE-70A2-49AC-ABBD-8A49223A0755}: [NameServer]8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\JD\AppData\Roaming\Mozilla\Firefox\Profiles\r1r3fpjh.default-1398206828892
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\JD\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2014-03-11]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\JD\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\JD\AppData\Roaming\IDM\idmmzcc5 [2014-01-24]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\JD\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\JD\AppData\Roaming\IDM\idmmzcc5 [2014-01-24]
 
Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Internet Download Manager Plugin) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.19.2_0\IDMGCExt.dll (Tonec Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Citrix Online Web Deployment Plugin 1.0.0.104) - C:\Users\JD\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Windows\SysWOW64\npdeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-08]
CHR Extension: (Google Drive) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-08]
CHR Extension: (Leapforce Extension) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\belncckcaakhmonmcfmegbglccbjlebc [2014-03-03]
CHR Extension: (RaterAide) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlblfbajhmkflfamdiiccdohdkbdaon [2014-05-13]
CHR Extension: (YouTube) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-08]
CHR Extension: (Adblock Plus) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-27]
CHR Extension: (Google Search) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-08]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-01-24]
CHR Extension: (IDM Integration Module) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-01-24]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2014-03-03]
CHR Extension: (Google Wallet) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-08]
CHR Extension: (Gmail) - C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-08]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-01-16]
 
==================== Services (Whitelisted) =================
 
R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2014-01-14] (Apple Inc.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 MySQL56; C:\ProgramData\MySQL\MySQL Server 5.6\my.ini [14237 2014-02-10] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-08] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 SRSHDAudioService; C:\Program Files (x86)\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe [13232 2012-06-25] (SRS Labs, Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-01-08] (Disc Soft Ltd)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 SRS_AE_Service; C:\Windows\System32\drivers\SRS_AE_amd64.sys [549704 2012-06-21] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [783360 2010-04-27] (Atheros Communications, Inc.)
R3 WSIMD; C:\Windows\System32\DRIVERS\wsimdx.sys [75776 2009-03-17] (Atheros Communications, Inc.)
S3 btmaux; system32\DRIVERS\btmaux.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-18 09:34 - 2014-05-18 09:34 - 00023967 _____ () C:\Users\JD\Desktop\FRST.txt
2014-05-18 09:26 - 2014-05-18 09:26 - 00984576 _____ () C:\Users\JD\Desktop\MicrosoftFixit50906.msi
2014-05-17 20:23 - 2014-05-17 20:23 - 00061178 _____ () C:\Users\JD\Desktop\FRST-2.txt
2014-05-17 20:20 - 2014-05-17 20:20 - 02067456 _____ (Farbar) C:\Users\JD\Desktop\FRST64.exe
2014-05-17 20:17 - 2014-05-17 20:17 - 00000768 _____ () C:\Users\JD\Desktop\JRT.txt
2014-05-17 19:52 - 2014-05-17 19:52 - 00000000 ____D () C:\Windows\ERUNT
2014-05-17 19:51 - 2014-05-17 19:51 - 01016261 _____ (Thisisu) C:\Users\JD\Desktop\JRT.exe
2014-05-17 10:51 - 2014-05-17 19:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 10:51 - 2014-05-17 10:51 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-17 10:51 - 2014-05-17 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-17 10:51 - 2014-05-17 10:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 10:51 - 2014-05-17 10:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 10:51 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-17 10:51 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-17 10:51 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-17 10:44 - 2014-05-17 10:44 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\JD\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-17 10:41 - 2014-05-17 10:41 - 00003209 _____ () C:\Users\JD\Desktop\AdwCleaner[S0].txt
2014-05-17 10:32 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-17 10:31 - 2014-05-17 10:31 - 01325827 _____ () C:\Users\JD\Desktop\AdwCleaner.exe
2014-05-16 22:20 - 2014-05-18 08:42 - 00062492 _____ () C:\Users\JD\Desktop\FRST-1.txt
2014-05-16 22:20 - 2014-05-16 22:20 - 00049167 _____ () C:\Users\JD\Desktop\Addition.txt
2014-05-16 20:02 - 2014-05-18 09:34 - 00000000 ____D () C:\FRST
2014-05-16 14:02 - 2014-05-16 14:06 - 00031780 _____ () C:\Users\JD\Desktop\dds.txt
2014-05-16 14:02 - 2014-05-16 14:06 - 00012772 _____ () C:\Users\JD\Desktop\attach.txt
2014-05-16 13:56 - 2014-05-16 13:56 - 00688992 ____R (Swearware) C:\Users\JD\Desktop\dds.com
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\Common Files\SRS Labs
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-05-14 14:57 - 2014-05-14 14:59 - 07245560 _____ () C:\Users\JD\Desktop\python-2.7.6-docs-html.zip
2014-05-14 14:09 - 2014-05-14 14:12 - 00000000 ____D () C:\Android_ADT
2014-05-14 13:42 - 2014-05-14 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-05-14 13:41 - 2014-05-14 13:42 - 00000000 ____D () C:\Python
2014-05-14 09:30 - 2014-05-14 09:30 - 00000000 ___RD () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 09:30 - 2014-05-14 09:30 - 00000000 ___RD () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 09:23 - 2014-05-06 01:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 09:23 - 2014-05-06 01:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 09:23 - 2014-05-05 23:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 09:23 - 2014-05-05 23:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 09:23 - 2014-05-05 23:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 09:23 - 2014-05-05 23:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 09:13 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 09:13 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 09:13 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 09:13 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 09:13 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 09:13 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 09:13 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 09:13 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 09:13 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 09:13 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 09:13 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 09:13 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 09:13 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 09:13 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 09:13 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 09:13 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 09:13 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 09:13 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 09:12 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 09:12 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 09:12 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-13 21:35 - 2014-05-13 21:35 - 00002151 _____ () C:\Users\JD\AppData\Local\recently-used.xbel
2014-05-13 13:15 - 2014-05-13 13:15 - 00000000 ____D () C:\Windows\Sun
2014-05-13 13:12 - 2014-05-13 13:12 - 00000000 ____D () C:\Users\JD\AppData\Local\DDMSettings
2014-05-11 12:46 - 2014-05-11 12:46 - 00000000 ____D () C:\Users\JD\Documents\Virtual Machines
2014-05-10 19:45 - 2014-05-10 19:47 - 16281600 _____ () C:\Users\JD\Desktop\python-2.7.6.msi
2014-05-10 19:44 - 2014-05-10 19:44 - 00000000 ____D () C:\Users\JD\.idlerc
2014-05-09 12:32 - 2014-05-09 12:32 - 00000000 ____D () C:\Users\JD\Desktop\Archive-3c9f
2014-05-08 09:53 - 2014-05-08 09:57 - 00000074 _____ () C:\Users\JD\Desktop\cc.txt
2014-05-05 12:41 - 2014-05-05 12:41 - 00000032 _____ () C:\Users\JD\Desktop\sirius.txt
2014-05-02 21:46 - 2014-05-02 21:46 - 00000000 ____D () C:\ProgramData\SRS Labs
2014-05-02 20:49 - 2014-05-02 20:49 - 00000000 ____D () C:\Users\JD\AppData\Local\gtk-2.0
2014-05-01 17:00 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\SRS Labs
2014-05-01 13:47 - 2014-05-01 13:47 - 00000000 ____D () C:\Users\JD\AppData\Local\TechSmith
2014-05-01 11:39 - 2014-05-01 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-05-01 11:39 - 2014-05-01 11:39 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Roaming\Subversion
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Roaming\Intel
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Local\TSVNCache
2014-05-01 06:46 - 2013-12-21 05:39 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-01 06:46 - 2013-12-21 03:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-01 06:31 - 2014-03-13 02:33 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-01 06:31 - 2014-03-13 02:33 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-01 06:31 - 2014-03-13 02:33 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-01 06:31 - 2014-03-13 02:32 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-01 06:31 - 2014-03-13 02:32 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-01 06:31 - 2014-03-13 02:32 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-01 06:31 - 2014-03-13 02:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-01 06:31 - 2014-03-13 02:32 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-01 06:31 - 2014-03-13 02:31 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-01 06:31 - 2014-03-13 01:10 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-01 06:31 - 2014-03-13 01:10 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-01 06:31 - 2014-03-13 01:09 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-01 06:31 - 2014-03-12 23:59 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-01 06:31 - 2014-03-12 23:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-01 06:29 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-01 06:29 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-01 06:29 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-01 06:29 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-01 06:29 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-01 06:29 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-01 06:29 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-01 06:29 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-01 06:29 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-01 06:29 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-01 06:29 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-30 15:12 - 2014-04-30 15:12 - 00001773 _____ () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-04-30 09:05 - 2014-04-30 09:13 - 1066401792 _____ () C:\Users\JD\Downloads\kubuntu-14.04-desktop-amd64.iso
2014-04-30 08:47 - 2014-04-30 08:54 - 1010827264 _____ () C:\Users\JD\Downloads\ubuntu-14.04-desktop-amd64.iso
2014-04-29 16:16 - 2014-04-29 16:16 - 00000000 ____D () C:\ProgramData\Real
2014-04-29 16:02 - 2014-04-30 01:03 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Media Player Classic
2014-04-29 16:02 - 2014-04-29 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
2014-04-29 16:02 - 2014-04-29 16:02 - 00000000 ____D () C:\Program Files (x86)\Media Player Classic - Home Cinema
2014-04-29 15:34 - 2014-04-29 15:35 - 00000000 ____D () C:\Users\JD\Desktop\Tor Browser
2014-04-29 15:31 - 2014-04-29 15:31 - 22913908 _____ () C:\Users\JD\Downloads\torbrowser-install-3.5.4_en-US.exe
2014-04-28 16:25 - 2014-04-28 16:25 - 00001376 _____ () C:\Users\JD\Downloads\UnfinishedUploads.usertesting
2014-04-28 11:45 - 2014-04-28 16:25 - 00000000 ____D () C:\Users\JD\Documents\UserTesting
2014-04-28 11:43 - 2014-04-28 16:25 - 00000000 ____D () C:\Users\JD\AppData\Local\UserTestingPlugin
2014-04-28 11:42 - 2014-04-28 11:42 - 24394056 _____ () C:\Users\JD\Downloads\InstallUserTestingPlugin-v1.8.exe
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Users\JD\Documents\Balabolka
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Balabolka
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Program Files (x86)\Balabolka
2014-04-28 08:31 - 2014-04-28 08:31 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Hunspell
2014-04-28 08:30 - 2014-05-13 14:12 - 00000000 ____D () C:\Users\JD\Documents\Cross+A
2014-04-28 08:30 - 2014-04-28 08:31 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Cross+A
2014-04-28 08:30 - 2014-04-28 08:31 - 00000000 ____D () C:\Program Files (x86)\CrossA
2014-04-25 08:31 - 2014-04-25 08:31 - 00000000 ____D () C:\Users\JD\Downloads\Rick Ross - Mastermind (iTunes)
2014-04-25 08:31 - 2014-04-25 08:31 - 00000000 ____D () C:\Users\JD\Downloads\iRickRossTheReturnofAlbertAnastasia
2014-04-25 08:22 - 2014-04-25 08:22 - 00120832 _____ () C:\Users\JD\Downloads\Chapter 13.ppt
2014-04-25 08:21 - 2014-04-25 08:21 - 00103424 _____ () C:\Users\JD\Downloads\divest_2001.ppt
2014-04-25 08:20 - 2014-04-25 08:30 - 93042629 _____ () C:\Users\JD\Downloads\iRickRossTheReturnofAlbertAnastasia.rar
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\ProgramData\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-04-22 11:07 - 2014-04-22 11:08 - 95240144 _____ (Intel® Corporation) C:\Users\JD\Downloads\Wireless_16.11.0_s64.exe
2014-04-22 11:06 - 2014-04-22 11:06 - 26384736 _____ (Intel® Corporation) C:\Users\JD\Downloads\Wireless_16.11.0_Ds64.exe
2014-04-21 20:52 - 2014-04-21 20:52 - 00000000 ____D () C:\Users\JD\Downloads\eclipse-standard-kepler-SR2-win32-x86_64
2014-04-21 20:42 - 2014-04-21 20:52 - 210335332 _____ () C:\Users\JD\Downloads\eclipse-standard-kepler-SR2-win32-x86_64.zip
2014-04-21 16:39 - 2014-04-21 16:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-04-21 16:12 - 2014-04-21 16:12 - 00002209 _____ () C:\Users\JD\Desktop\Kindle.lnk
2014-04-21 16:12 - 2014-04-21 16:12 - 00000000 ____D () C:\Users\JD\Documents\My Kindle Content
2014-04-21 16:12 - 2014-04-21 16:12 - 00000000 ____D () C:\Users\JD\AppData\Local\Amazon
2014-04-19 22:25 - 2014-04-19 22:25 - 00000000 ____D () C:\Users\JD\AppData\Local\TortoiseSVN
2014-04-19 22:17 - 2014-05-18 09:29 - 00000000 ____D () C:\Users\JD\AppData\Local\TSVNCache
2014-04-19 22:08 - 2014-04-19 22:22 - 00000000 ____D () C:\Users\JD\AppData\Roaming\TortoiseSVN
2014-04-19 22:04 - 2014-04-19 22:04 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Subversion
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\Program Files\TortoiseSVN
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays
2014-04-19 20:35 - 2014-04-19 20:35 - 00000000 ____D () C:\Users\JD\Documents\Graphics
2014-04-19 11:38 - 2014-05-17 10:39 - 00000000 ____D () C:\AdwCleaner
2014-04-19 11:35 - 2014-04-19 11:35 - 00000000 ____D () C:\ProgramData\Monodoc
2014-04-19 11:34 - 2014-04-19 11:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-04-19 11:34 - 2014-04-19 11:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-04-19 11:29 - 2014-04-19 11:29 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-19 01:19 - 2014-04-19 01:19 - 00000587 _____ () C:\Users\JD\Downloads\404.html
 
==================== One Month Modified Files and Folders =======
 
2014-05-18 09:34 - 2014-05-18 09:34 - 00023967 _____ () C:\Users\JD\Desktop\FRST.txt
2014-05-18 09:34 - 2014-05-16 20:02 - 00000000 ____D () C:\FRST
2014-05-18 09:29 - 2014-04-19 22:17 - 00000000 ____D () C:\Users\JD\AppData\Local\TSVNCache
2014-05-18 09:29 - 2014-02-10 21:41 - 00000000 ____D () C:\ProgramData\VMware
2014-05-18 09:29 - 2014-01-08 21:12 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-18 09:28 - 2014-01-14 01:23 - 00000378 _____ () C:\Windows\Tasks\SLOW-PCfighter64-JD-Notification.job
2014-05-18 09:28 - 2014-01-14 01:23 - 00000376 _____ () C:\Windows\Tasks\SLOW-PCfighter64-JD-Startup.job
2014-05-18 09:28 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-18 09:28 - 2009-07-14 00:51 - 00020420 _____ () C:\Windows\setupact.log
2014-05-18 09:27 - 2013-12-27 05:26 - 01325548 _____ () C:\Windows\WindowsUpdate.log
2014-05-18 09:26 - 2014-05-18 09:26 - 00984576 _____ () C:\Users\JD\Desktop\MicrosoftFixit50906.msi
2014-05-18 09:21 - 2014-02-25 20:50 - 00000544 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3445841713-141878099-3738870165-1001.job
2014-05-18 08:42 - 2014-05-16 22:20 - 00062492 _____ () C:\Users\JD\Desktop\FRST-1.txt
2014-05-18 08:37 - 2009-07-14 00:45 - 00034720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-18 08:37 - 2009-07-14 00:45 - 00034720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-18 08:35 - 2014-01-08 21:13 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-18 08:33 - 2013-12-27 02:58 - 00003902 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D87CBFDE-4887-4F44-917D-04346E4857EF}
2014-05-17 22:31 - 2014-01-08 03:10 - 00000000 ____D () C:\Users\JD\AppData\Roaming\DMCache
2014-05-17 22:29 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-17 21:25 - 2014-03-11 16:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-17 20:23 - 2014-05-17 20:23 - 00061178 _____ () C:\Users\JD\Desktop\FRST-2.txt
2014-05-17 20:20 - 2014-05-17 20:20 - 02067456 _____ (Farbar) C:\Users\JD\Desktop\FRST64.exe
2014-05-17 20:17 - 2014-05-17 20:17 - 00000768 _____ () C:\Users\JD\Desktop\JRT.txt
2014-05-17 19:52 - 2014-05-17 19:52 - 00000000 ____D () C:\Windows\ERUNT
2014-05-17 19:51 - 2014-05-17 19:51 - 01016261 _____ (Thisisu) C:\Users\JD\Desktop\JRT.exe
2014-05-17 19:47 - 2014-05-17 10:51 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 11:32 - 2010-11-20 23:47 - 00161972 _____ () C:\Windows\PFRO.log
2014-05-17 10:51 - 2014-05-17 10:51 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-17 10:51 - 2014-05-17 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-17 10:51 - 2014-05-17 10:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 10:51 - 2014-05-17 10:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 10:46 - 2014-04-03 11:06 - 00000000 ____D () C:\Users\JD\Documents\Outlook Files
2014-05-17 10:44 - 2014-05-17 10:44 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\JD\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-17 10:41 - 2014-05-17 10:41 - 00003209 _____ () C:\Users\JD\Desktop\AdwCleaner[S0].txt
2014-05-17 10:39 - 2014-04-19 11:38 - 00000000 ____D () C:\AdwCleaner
2014-05-17 10:31 - 2014-05-17 10:31 - 01325827 _____ () C:\Users\JD\Desktop\AdwCleaner.exe
2014-05-16 22:20 - 2014-05-16 22:20 - 00049167 _____ () C:\Users\JD\Desktop\Addition.txt
2014-05-16 14:06 - 2014-05-16 14:02 - 00031780 _____ () C:\Users\JD\Desktop\dds.txt
2014-05-16 14:06 - 2014-05-16 14:02 - 00012772 _____ () C:\Users\JD\Desktop\attach.txt
2014-05-16 13:56 - 2014-05-16 13:56 - 00688992 ____R (Swearware) C:\Users\JD\Desktop\dds.com
2014-05-16 10:33 - 2014-01-09 11:08 - 00000000 ____D () C:\Users\JD\AppData\Roaming\vlc
2014-05-15 20:14 - 2014-01-23 13:57 - 00000000 ____D () C:\Users\JD\workspace
2014-05-15 03:40 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\Common Files\SRS Labs
2014-05-14 23:37 - 2014-05-14 23:37 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-05-14 23:37 - 2014-05-01 17:00 - 00000000 ____D () C:\Program Files\SRS Labs
2014-05-14 14:59 - 2014-05-14 14:57 - 07245560 _____ () C:\Users\JD\Desktop\python-2.7.6-docs-html.zip
2014-05-14 14:12 - 2014-05-14 14:09 - 00000000 ____D () C:\Android_ADT
2014-05-14 13:42 - 2014-05-14 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-05-14 13:42 - 2014-05-14 13:41 - 00000000 ____D () C:\Python
2014-05-14 09:30 - 2014-05-14 09:30 - 00000000 ___RD () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 09:30 - 2014-05-14 09:30 - 00000000 ___RD () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 09:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-14 09:25 - 2014-01-08 03:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 09:23 - 2014-01-08 03:34 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 09:21 - 2013-12-27 11:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-13 21:36 - 2014-03-20 11:45 - 00000000 ____D () C:\Users\JD\.gimp-2.8
2014-05-13 21:35 - 2014-05-13 21:35 - 00002151 _____ () C:\Users\JD\AppData\Local\recently-used.xbel
2014-05-13 16:28 - 2014-01-04 08:44 - 00007608 _____ () C:\Users\JD\AppData\Local\resmon.resmoncfg
2014-05-13 14:30 - 2014-01-08 21:13 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-13 14:30 - 2014-01-08 21:12 - 00003634 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-13 14:30 - 2009-07-14 01:13 - 00803532 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-13 14:23 - 2013-12-27 02:53 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-13 14:18 - 2014-03-24 03:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-05-13 14:18 - 2014-03-24 03:31 - 00000000 ____D () C:\ProgramData\DivX
2014-05-13 14:18 - 2014-03-24 03:31 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-05-13 14:17 - 2014-01-06 16:42 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-13 14:14 - 2013-12-27 02:28 - 00000000 ____D () C:\Users\JD
2014-05-13 14:12 - 2014-04-28 08:30 - 00000000 ____D () C:\Users\JD\Documents\Cross+A
2014-05-13 14:12 - 2014-04-03 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.6
2014-05-13 14:12 - 2014-04-03 15:41 - 00000000 ____D () C:\Users\standard
2014-05-13 14:12 - 2014-03-24 03:33 - 00000000 ____D () C:\Users\JD\AppData\Roaming\DivX
2014-05-13 14:12 - 2014-02-18 22:50 - 00000000 ____D () C:\Users\JD\.android
2014-05-13 14:12 - 2014-02-10 23:15 - 00000000 ____D () C:\Users\JD\AppData\Roaming\VMware
2014-05-13 14:12 - 2014-02-09 13:24 - 00000000 ____D () C:\Windows\AutoKMS
2014-05-13 14:12 - 2014-01-08 03:35 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-13 14:12 - 2013-12-28 14:21 - 00000000 ____D () C:\Users\JD\AppData\Roaming\uTorrent
2014-05-13 14:12 - 2011-04-12 04:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-13 14:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\security
2014-05-13 14:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-05-13 14:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-13 14:11 - 2014-02-24 18:26 - 00000000 ____D () C:\Users\JD\Documents\Visual Studio 2013
2014-05-13 14:11 - 2014-01-08 03:10 - 00000000 ____D () C:\Users\JD\Downloads\Compressed
2014-05-13 14:10 - 2014-01-24 23:01 - 00000000 ____D () C:\Users\JD\AppData\Roaming\IDM
2014-05-13 13:15 - 2014-05-13 13:15 - 00000000 ____D () C:\Windows\Sun
2014-05-13 13:12 - 2014-05-13 13:12 - 00000000 ____D () C:\Users\JD\AppData\Local\DDMSettings
2014-05-11 21:06 - 2014-02-10 23:15 - 00000000 ____D () C:\Users\JD\AppData\Local\VMware
2014-05-11 12:46 - 2014-05-11 12:46 - 00000000 ____D () C:\Users\JD\Documents\Virtual Machines
2014-05-10 19:47 - 2014-05-10 19:45 - 16281600 _____ () C:\Users\JD\Desktop\python-2.7.6.msi
2014-05-10 19:44 - 2014-05-10 19:44 - 00000000 ____D () C:\Users\JD\.idlerc
2014-05-09 12:32 - 2014-05-09 12:32 - 00000000 ____D () C:\Users\JD\Desktop\Archive-3c9f
2014-05-08 09:57 - 2014-05-08 09:53 - 00000074 _____ () C:\Users\JD\Desktop\cc.txt
2014-05-06 01:14 - 2014-05-14 09:23 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 01:14 - 2014-05-14 09:23 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-05 23:48 - 2014-05-14 09:23 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 23:48 - 2014-05-14 09:23 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 23:37 - 2014-05-14 09:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-05 23:26 - 2014-05-14 09:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-05 22:12 - 2014-01-15 00:27 - 00000000 ____D () C:\Users\JD\AppData\Local\Spotify
2014-05-05 12:41 - 2014-05-05 12:41 - 00000032 _____ () C:\Users\JD\Desktop\sirius.txt
2014-05-04 17:12 - 2013-12-27 11:23 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-02 21:46 - 2014-05-02 21:46 - 00000000 ____D () C:\ProgramData\SRS Labs
2014-05-02 20:49 - 2014-05-02 20:49 - 00000000 ____D () C:\Users\JD\AppData\Local\gtk-2.0
2014-05-01 16:50 - 2013-12-27 02:53 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-01 16:32 - 2013-12-27 02:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-01 13:47 - 2014-05-01 13:47 - 00000000 ____D () C:\Users\JD\AppData\Local\TechSmith
2014-05-01 11:39 - 2014-05-01 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-05-01 11:39 - 2014-05-01 11:39 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Roaming\Subversion
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Roaming\Intel
2014-05-01 07:11 - 2014-05-01 07:11 - 00000000 ____D () C:\Users\standard\AppData\Local\TSVNCache
2014-05-01 06:54 - 2009-07-14 00:45 - 00451976 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-01 06:43 - 2014-03-25 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-30 23:36 - 2014-02-27 12:49 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Skype
2014-04-30 21:43 - 2014-01-14 14:37 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Spotify
2014-04-30 20:31 - 2013-12-28 14:25 - 00000000 ____D () C:\Users\JD\Downloads\torrents
2014-04-30 15:12 - 2014-04-30 15:12 - 00001773 _____ () C:\Users\JD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-04-30 09:13 - 2014-04-30 09:05 - 1066401792 _____ () C:\Users\JD\Downloads\kubuntu-14.04-desktop-amd64.iso
2014-04-30 08:54 - 2014-04-30 08:47 - 1010827264 _____ () C:\Users\JD\Downloads\ubuntu-14.04-desktop-amd64.iso
2014-04-30 01:03 - 2014-04-29 16:02 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Media Player Classic
2014-04-29 22:10 - 2014-03-03 18:25 - 00000000 ___RD () C:\Users\JD\Dropbox
2014-04-29 16:16 - 2014-04-29 16:16 - 00000000 ____D () C:\ProgramData\Real
2014-04-29 16:02 - 2014-04-29 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
2014-04-29 16:02 - 2014-04-29 16:02 - 00000000 ____D () C:\Program Files (x86)\Media Player Classic - Home Cinema
2014-04-29 15:35 - 2014-04-29 15:34 - 00000000 ____D () C:\Users\JD\Desktop\Tor Browser
2014-04-29 15:31 - 2014-04-29 15:31 - 22913908 _____ () C:\Users\JD\Downloads\torbrowser-install-3.5.4_en-US.exe
2014-04-28 19:40 - 2014-03-03 18:22 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Dropbox
2014-04-28 16:25 - 2014-04-28 16:25 - 00001376 _____ () C:\Users\JD\Downloads\UnfinishedUploads.usertesting
2014-04-28 16:25 - 2014-04-28 11:45 - 00000000 ____D () C:\Users\JD\Documents\UserTesting
2014-04-28 16:25 - 2014-04-28 11:43 - 00000000 ____D () C:\Users\JD\AppData\Local\UserTestingPlugin
2014-04-28 11:42 - 2014-04-28 11:42 - 24394056 _____ () C:\Users\JD\Downloads\InstallUserTestingPlugin-v1.8.exe
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Users\JD\Documents\Balabolka
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Balabolka
2014-04-28 08:33 - 2014-04-28 08:33 - 00000000 ____D () C:\Program Files (x86)\Balabolka
2014-04-28 08:31 - 2014-04-28 08:31 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Hunspell
2014-04-28 08:31 - 2014-04-28 08:30 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Cross+A
2014-04-28 08:31 - 2014-04-28 08:30 - 00000000 ____D () C:\Program Files (x86)\CrossA
2014-04-26 13:36 - 2013-12-27 02:36 - 00000000 ____D () C:\Users\JD\AppData\Local\Adobe
2014-04-26 12:55 - 2013-12-27 02:37 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-26 12:55 - 2013-12-27 02:37 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-25 11:22 - 2014-04-03 11:27 - 00000000 ____D () C:\Users\JD\AppData\Local\Deployment
2014-04-25 08:31 - 2014-04-25 08:31 - 00000000 ____D () C:\Users\JD\Downloads\Rick Ross - Mastermind (iTunes)
2014-04-25 08:31 - 2014-04-25 08:31 - 00000000 ____D () C:\Users\JD\Downloads\iRickRossTheReturnofAlbertAnastasia
2014-04-25 08:30 - 2014-04-25 08:20 - 93042629 _____ () C:\Users\JD\Downloads\iRickRossTheReturnofAlbertAnastasia.rar
2014-04-25 08:22 - 2014-04-25 08:22 - 00120832 _____ () C:\Users\JD\Downloads\Chapter 13.ppt
2014-04-25 08:21 - 2014-04-25 08:21 - 00103424 _____ () C:\Users\JD\Downloads\divest_2001.ppt
2014-04-23 16:23 - 2014-01-12 21:32 - 00000000 ____D () C:\JUnit
2014-04-23 16:06 - 2014-01-12 21:37 - 00000000 ____D () C:\JUnit_workspace
2014-04-22 11:12 - 2014-01-04 08:55 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\ProgramData\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-04-22 11:11 - 2014-04-22 11:11 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-04-22 11:11 - 2014-02-24 17:57 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-22 11:11 - 2014-01-04 08:40 - 00183452 _____ () C:\Windows\DPINST.LOG
2014-04-22 11:11 - 2013-12-27 02:50 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-04-22 11:08 - 2014-04-22 11:07 - 95240144 _____ (Intel® Corporation) C:\Users\JD\Downloads\Wireless_16.11.0_s64.exe
2014-04-22 11:06 - 2014-04-22 11:06 - 26384736 _____ (Intel® Corporation) C:\Users\JD\Downloads\Wireless_16.11.0_Ds64.exe
2014-04-21 20:52 - 2014-04-21 20:52 - 00000000 ____D () C:\Users\JD\Downloads\eclipse-standard-kepler-SR2-win32-x86_64
2014-04-21 20:52 - 2014-04-21 20:42 - 210335332 _____ () C:\Users\JD\Downloads\eclipse-standard-kepler-SR2-win32-x86_64.zip
2014-04-21 16:39 - 2014-04-21 16:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-04-21 16:12 - 2014-04-21 16:12 - 00002209 _____ () C:\Users\JD\Desktop\Kindle.lnk
2014-04-21 16:12 - 2014-04-21 16:12 - 00000000 ____D () C:\Users\JD\Documents\My Kindle Content
2014-04-21 16:12 - 2014-04-21 16:12 - 00000000 ____D () C:\Users\JD\AppData\Local\Amazon
2014-04-21 11:19 - 2014-04-03 11:30 - 00000018 _____ () C:\Users\JD\AppData\Roaming\LocationSetting.xml
2014-04-19 22:25 - 2014-04-19 22:25 - 00000000 ____D () C:\Users\JD\AppData\Local\TortoiseSVN
2014-04-19 22:22 - 2014-04-19 22:08 - 00000000 ____D () C:\Users\JD\AppData\Roaming\TortoiseSVN
2014-04-19 22:04 - 2014-04-19 22:04 - 00000000 ____D () C:\Users\JD\AppData\Roaming\Subversion
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\Program Files\TortoiseSVN
2014-04-19 22:03 - 2014-04-19 22:03 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays
2014-04-19 20:35 - 2014-04-19 20:35 - 00000000 ____D () C:\Users\JD\Documents\Graphics
2014-04-19 11:35 - 2014-04-19 11:35 - 00000000 ____D () C:\ProgramData\Monodoc
2014-04-19 11:35 - 2014-04-19 11:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-04-19 11:35 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-04-19 11:34 - 2014-04-19 11:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-04-19 11:29 - 2014-04-19 11:29 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-19 11:27 - 2014-02-07 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-19 01:19 - 2014-04-19 01:19 - 00000587 _____ () C:\Users\JD\Downloads\404.html
 
Some content of TEMP:
====================
C:\Users\JD\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe
[2014-05-14 09:13] - [2014-03-04 05:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C
 
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-05-09 20:52
 
==================== End Of Log ============================

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b4a3bbdbda8b494798b100fa51e48858
# engine=18312
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-05-18 06:32:25
# local_time=2014-05-18 02:32:25 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3074 16777213 100 84 1685258 34289585 0 0
# compatibility_mode=5893 16776574 100 94 8797687 151981395 0 0
# scanned=498175
# found=15
# cleaned=0
# scan_time=17569
sh=1A488C5A3C92DC50EEB7C63068E0BA23EB5A6917 ft=1 fh=6fb64385c043bfe7 vn="a variant of Win32/4Shared.T potentially unwanted application" ac=I fn="C:\Program Files (x86)\B1 Free Archiver\installer.exe"
sh=00FD22437D8D96651B6B2877CF4520460E65887C ft=1 fh=50ecb33ec8ca44cb vn="Win32/Somoto.N potentially unwanted application" ac=I fn="C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\File System\022\t\00\00000000"
sh=E4F4A549F04A2D24B4412CA700645D4F5F5ECB39 ft=1 fh=7d9c0937e85d90a2 vn="Win32/Somoto.N potentially unwanted application" ac=I fn="C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\File System\022\t\00\00000001"
sh=686FFA84B518F63667B17939C4F8B475226C06C6 ft=1 fh=ef34117524fb94cb vn="a variant of Win32/CNETInstaller.B potentially unwanted application" ac=I fn="C:\Users\JD\Downloads\cbsidlm-cbsi176-Spesoft_Free_Text_To_MP3_Speaker-SEO-10921837.exe"
sh=932E042070F1567ED5A116E98E3C04D7D07E0681 ft=1 fh=3bf8f6c29b1c29c3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\JD\Downloads\ccsetup409 (1).exe"
sh=C133DB147FA578119F34B675D45B477E110761B2 ft=1 fh=9272027fde077ca7 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\JD\Downloads\ccsetup412.exe"
sh=E294543BBA3DE08D493B17751FD3299001AEE36F ft=1 fh=f1639027913a61ae vn="a variant of Win32/OpenInstall potentially unwanted application" ac=I fn="C:\Users\JD\Downloads\DriverIdentifier(1).exe"
sh=E294543BBA3DE08D493B17751FD3299001AEE36F ft=1 fh=f1639027913a61ae vn="a variant of Win32/OpenInstall potentially unwanted application" ac=I fn="C:\Users\JD\Downloads\DriverIdentifier(2).exe"
sh=E294543BBA3DE08D493B17751FD3299001AEE36F ft=1 fh=f1639027913a61ae vn="a variant of Win32/OpenInstall potentially unwanted application" ac=I fn="C:\Users\JD\Downloads\DriverIdentifier.exe"
sh=3DA9EED22D0DA5773E165F8A93BAED6BA592F4FE ft=1 fh=0b39d341204c15e3 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="C:\Users\JD\Downloads\SpesoftTextToMP3Setup.exe"
sh=33B017C763E79F17E0F0D0A215033CA92E4E81C3 ft=1 fh=766597e0024fcdbd vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\JD\Downloads\spsetup124.exe"
sh=8A72F448F17C026A1B2A59686DE720079CCBA08F ft=1 fh=4d4a711952b3453e vn="Win32/DownWare.L potentially unwanted application" ac=I fn="C:\Users\JD\Downloads\Programs\DTLite4481-0347.exe"

 




#10 Machiavelli

    Agent 007

  • Malware Response Instructor
  • 3,976 posts
  • Gender:Male
  • Location:Germany

Posted 18 May 2014 - 02:36 PM

Hey,
Tell me how the computer is running after you have performed the step below.
  • Please download the attached fixlist.txt file and save it to the same location as FRST.

    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt, are in the same location or the fix will not work.
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run.
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run; please post it in your reply.



~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

 
 


#11 T3HTR33


Posted 18 May 2014 - 03:25 PM

Hello,
 
The computer is still having the problem. It is happening with Chrome open, 7 tabs open, watching a YouTube video. Happened again. This time I noticed a cmd.exe process (command prompt) open that I had not started, and it was using 25% CPU.
 
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-05-2014
Ran by JD at 2014-05-18 16:22:52 Run:2
Running from C:\Users\JD\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
C:\Program Files (x86)\B1 Free Archiver
C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\File System\022\t\00\00000000
C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\File System\022\t\00\00000001
C:\Users\JD\Downloads\cbsidlm-cbsi176-Spesoft_Free_Text_To_MP3_Speaker-SEO-10921837.exe
C:\Users\JD\Downloads\ccsetup409 (1).exe
C:\Users\JD\Downloads\ccsetup412.exe
C:\Users\JD\Downloads\DriverIdentifier(1).exe
C:\Users\JD\Downloads\DriverIdentifier(2).exe
C:\Users\JD\Downloads\DriverIdentifier.exe
C:\Users\JD\Downloads\SpesoftTextToMP3Setup.exe
C:\Users\JD\Downloads\spsetup124.exe
C:\Users\JD\Downloads\Programs\DTLite4481-0347.exe
 
*****************
 
C:\Program Files (x86)\B1 Free Archiver => Moved successfully.
C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\File System\022\t\00\00000000 => Moved successfully.
C:\Users\JD\AppData\Local\Google\Chrome\User Data\Default\File System\022\t\00\00000001 => Moved successfully.
C:\Users\JD\Downloads\cbsidlm-cbsi176-Spesoft_Free_Text_To_MP3_Speaker-SEO-10921837.exe => Moved successfully.
C:\Users\JD\Downloads\ccsetup409 (1).exe => Moved successfully.
C:\Users\JD\Downloads\ccsetup412.exe => Moved successfully.
C:\Users\JD\Downloads\DriverIdentifier(1).exe => Moved successfully.
C:\Users\JD\Downloads\DriverIdentifier(2).exe => Moved successfully.
C:\Users\JD\Downloads\DriverIdentifier.exe => Moved successfully.
C:\Users\JD\Downloads\SpesoftTextToMP3Setup.exe => Moved successfully.
C:\Users\JD\Downloads\spsetup124.exe => Moved successfully.
C:\Users\JD\Downloads\Programs\DTLite4481-0347.exe => Moved successfully.
 
==== End of Fixlog ====

Edited by T3HTR33, 18 May 2014 - 10:14 PM.
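
An added example, not part of the original posts and not code from FRST or ESET: a cross-check of the scanner log against the Fixlog, listing detections the fixlist did not cover and fixlist entries without a "Moved successfully." result. The sample input is constructed from lines quoted in this thread, and the function names are this example's own.

```python
import re
# Field layout as it appears in the ESET log lines quoted in this thread.
ESET_LINE = re.compile(r'sh=[0-9A-F]{40} ft=\d+ fh=[0-9a-f]+ vn="(?P<vn>[^"]*)" ac=\w fn="(?P<fn>[^"]*)"')
STARS = "*****************"

def parse_eset(log):
    """Map each detected file path to its detection name."""
    return {m["fn"]: m["vn"] for m in ESET_LINE.finditer(log)}

def parse_fixlog(log):
    """Return (fixlist entries, {path: outcome}) from a FRST Fixlog.txt."""
    body = log.partition("Content of fixlist:")[2]
    listing, _, outcome_text = body.partition(STARS)[2].partition(STARS)
    entries = [line.strip() for line in listing.splitlines() if line.strip()]
    outcomes = {}
    for line in outcome_text.splitlines():
        path, sep, outcome = line.partition(" => ")
        if sep:
            outcomes[path.strip()] = outcome.strip()
    return entries, outcomes

def audit(eset_log, fixlog):
    """Cross-check scanner detections against what the fix actually moved."""
    detections = parse_eset(eset_log)
    entries, outcomes = parse_fixlog(fixlog)
    return {
        "detected_not_in_fixlist": sorted(set(detections) - set(entries)),
        "listed_not_moved": sorted(e for e in entries if outcomes.get(e) != "Moved successfully."),
        "listed_without_detection": sorted(set(entries) - set(detections)),
    }

# Constructed sample: two ESET lines and Fixlog lines from the thread, plus one
# made-up detection (all-zero hash) and one deliberately missing result line.
ESET_SAMPLE = r'''
sh=C133DB147FA578119F34B675D45B477E110761B2 ft=1 fh=9272027fde077ca7 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\JD\Downloads\ccsetup412.exe"
sh=33B017C763E79F17E0F0D0A215033CA92E4E81C3 ft=1 fh=766597e0024fcdbd vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\JD\Downloads\spsetup124.exe"
sh=0000000000000000000000000000000000000000 ft=1 fh=0000000000000000 vn="constructed detection" ac=I fn="C:\Users\JD\Downloads\constructed-sample.exe"
'''
FIXLOG_SAMPLE = r'''Content of fixlist:
*****************
C:\Program Files (x86)\B1 Free Archiver
C:\Users\JD\Downloads\ccsetup412.exe
C:\Users\JD\Downloads\spsetup124.exe
*****************
C:\Program Files (x86)\B1 Free Archiver => Moved successfully.
C:\Users\JD\Downloads\ccsetup412.exe => Moved successfully.
'''
if __name__ == "__main__":
    print(audit(ESET_SAMPLE, FIXLOG_SAMPLE))
```

An entry under listed_without_detection is not an error in itself: a fixlist can include items identified by other scans.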


#12 Machiavelli


Posted 19 May 2014 - 09:31 AM

Step 1: TFC
  • Download TFC (by OldTimer) to your desktop
  • Double click on TFC.exe to run it
  • Once started, TFC will close all windows so make sure you have saved all of your work!
  • Click on the Start button to begin the cleaning
  • Let it run uninterrupted. The process should take a few minutes so be patient
  • When it finishes it should automatically reboot your computer, if it doesn't then please manually reboot to complete the cleaning process
Step 2: SFC Scan
  • Click on the Start button and in the search box, type Command Prompt
  • When you see Command Prompt on the list, right-click on it and select Run as administrator
  • When command prompt opens, copy and paste the following commands into it, press enter after each

    sfc /scannow
  • This will take some time to complete.
Step 3: Export CBS folder
  • Click the Start button, then click Computer.
  • Double-click on the C: drive, under the Hard Disk Drives category, and then scroll down to, and double click on the Windows folder.
  • Find and double click on the Logs folder.
  • Right-click on the CBS folder, and select Copy.
  • Go back to your Desktop, right-click on it, and select Paste. You should now see a copy of the CBS folder appear on your Desktop called CBS.
  • Right-click on this new folder, and navigate through Send to, and select Compressed (zipped) folder.
  • A new file, also called CBS (CBS.zip), but this time with a different icon, will be created.
  • Attach this to your next post please. If it is too big, please use an alternative uploading method then send me the link (Dropbox, SkyDrive, SendSpace etc.).

~Machiavelli

 
 


#13 T3HTR33


Posted 19 May 2014 - 10:28 AM

https://www.dropbox.com/s/yp2s5p5cejrtwg8/CBS.zip



#14 Machiavelli


Posted 19 May 2014 - 11:26 AM

Just to check for rootkits, but I believe the issue is related to hardware.

aswMBR

Please download aswMBR from one of the links below and save it to your Desktop.

Download Mirror #1

  • Right-click on aswMBR.exe and select Run as Administrator.
  • Click Yes when asked to download the Avast! definitions.
  • Click Scan to initiate the scan.
  • When the scan finishes, click Save Log and save this to your Desktop.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Then, please perform a new FRST Scan and post the Logs.

~Machiavelli

 
 


#15 T3HTR33


Posted 19 May 2014 - 02:45 PM

Every time I run the anti-rootkit it crashes. It never finishes. But I think it is hardware related as my internal wifi card has failed, my battery is failing, and I have a line of horizontal pixels across my screen. Should I get new memory sticks? The laptop is 4 years old.





