Hello Naat!
Thank you so much for your response, getting your help is just awesome!, I read your instructions carefully and below are the attached information you requested.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by Jon (administrator) on JON-PC on 17-08-2014 09:20:26
Running from C:\Users\Jon\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
() C:\Program Files (x86)\Microsoft Device Health\DhMachineSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(LULU Software Limited) C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe
(LULU Software Limited) C:\Program Files (x86)\Soda PDF 3D Reader\ConversionService.exe
(Black Oak Computers, Inc.) C:\Program Files (x86)\StrongVPN\StrongService.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe
() C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell) C:\Users\Jon\AppData\Local\Apps\2.0\E501HQH7.W7B\ZYYOXPZQ.9Y7\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe
(Dropbox, Inc.) C:\Users\Jon\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Black Oak Computers, Inc.) C:\Program Files (x86)\StrongVPN\StrongDial.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1626112 2011-12-02] (Intel® Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-17] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-20] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1522901231-1283582495-1218869647-1002\...\Run: [StrongVPN Client] => C:\Program Files (x86)\StrongVPN\StrongDial.exe [1456976 2013-10-31] (Black Oak Computers, Inc.)
HKU\S-1-5-21-1522901231-1283582495-1218869647-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1522901231-1283582495-1218869647-1002\...\Run: [uTorrent] => C:\Users\Jon\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-02] (BitTorrent Inc.)
HKU\S-1-5-21-1522901231-1283582495-1218869647-1002\...\Run: [DellSystemDetect] => C:\Users\Jon\AppData\Local\Apps\2.0\E501HQH7.W7B\ZYYOXPZQ.9Y7\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe [254976 2014-05-25] (Dell)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [245872 2013-01-19] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-01-19] (NVIDIA Corporation)
Startup: C:\Users\Jon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {62CB0BB2-C68F-48B4-81A5-300384E6876E} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Soda PDF 3D Reader Helper -> {2FE0F895-6D1D-4c80-A20D-18E42DE9B631} -> C:\Program Files (x86)\Soda PDF 3D Reader\PDFIEHelper.dll (LULU Software Limited)
BHO-x32: Slick Savings -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\Jon\AppData\Roaming\Slick Savings\Coupons.dll No File
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - Soda PDF 3D Reader Toolbar - {64C9D46E-8F8B-4158-9780-A6581C7439B1} - C:\Program Files (x86)\Soda PDF 3D Reader\PDFIEPlugin.dll (LULU Software Limited)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 202.106.195.68 202.106.46.151
Tcpip\..\Interfaces\{0148C10C-EB4C-4014-8E7E-80EAAA262B14}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{079CB822-48E2-49CD-9E34-7B6540A75446}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{08E15290-2EE6-4151-AE33-734EE05F02DC}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{08F5AEA4-24C6-4E89-B55F-8B9CFEAA3A71}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{09F6BAB6-5725-4AD6-A12B-D367E94CC2D0}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{0C5FE3CA-1D6F-42A9-978C-DC2ECEC1FB5A}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{1075C2A1-9234-4200-B4AF-74684863EC76}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{16D92A23-F0DF-4047-A65A-320223E60B0F}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{1AB172AC-0247-4112-8AEF-A35AF426D5E8}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{210AF53E-DC0A-4851-9A9C-6283C0644185}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{25EDA11A-5186-48E8-B777-D762D8EBC3B4}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{315EF552-8A64-4DCD-8817-C64594FCE1F1}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{31F43AEF-7A68-4B72-9422-F676E3EDAB0D}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{33091582-1C22-466A-B1E4-56C5C3E50EEB}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{35CF4281-91F3-406B-A4AF-3135FA799FCE}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{374924F8-731A-495A-902D-9F4B181033F8}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{38EADBE5-633A-4C28-B06B-1F302F860620}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{3A4C6DD2-7E3B-439D-9F91-3ADE1070706F}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{4092EDB9-9E52-4820-8BDD-F89556268786}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{41CCE0C2-5AC0-4EBB-AF25-AD0925675E09}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{44A778D4-1F2D-4428-9837-399EE090CAAB}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{475DC75E-A062-43FE-9A0F-89318C24A9B2}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{47B4DF88-AB8E-45C0-B526-E28FB87283A6}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{48254986-FF82-458E-8B41-C0875A8F0841}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{4F16831C-8A8B-4265-B5F8-2D1EB5143AD9}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{4F3861DF-294C-4FC6-9C6D-EC89878EBF83}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{53ED3653-11BD-4B0E-865F-7566A85493FB}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{54321544-E1D1-4B73-A50D-B8AE5A40070A}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{5678F66C-B7D4-403F-9865-D8F223E3C973}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{56D6EF08-C556-4598-9823-A67B18A52A8F}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{57111A7F-A7F0-469E-86EF-833FC6F4023C}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{5C14686B-DA9A-4564-B9C2-EAEC6A960248}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{5F6916D3-CCA2-4C42-9462-4F856ACBA3CE}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{609362C2-02B6-464A-B0C5-23FFC98550C8}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{61914B7D-95E5-4A7A-B7BC-AB2FF0B0CFCC}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{6C79A3EC-969A-4360-BA57-8F6443230160}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{6E7178A7-BE24-41C9-B0B3-AF6534A78B5A}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{72114875-4B52-4875-8A66-DF7D3DD9F98B}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{77D9EC10-89C2-4244-A4B7-AA658B7CB013}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{81A780E2-2A09-492F-B84C-D13DBEF579D7}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{81FF2FF6-D559-48D1-8EF7-DFE224D8EF6F}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{82C14FD6-59C6-4995-B47D-69E6D797B306}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{838BCC98-6A0C-4B70-89AC-699AAF972773}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{84D27277-0227-44AC-B316-2E33EF11C57D}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{89E32355-4A07-4737-A1AA-DF7445FA09D3}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{8AA910A2-082C-4E8A-BC8B-70F02FFB508C}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{8DB241B6-2A80-4F61-96CB-5D0CE19A5A57}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{9EC0E35D-3963-43DF-826E-565AC691ACAE}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{A2670CA4-3FE3-4833-A27A-2A81CB39E8E5}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{A72C1604-E8FB-4C71-8B23-642F4E32E9EE}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{B9B1377F-89BE-4B01-8428-B222DE211B6D}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{C3871C3F-BCBC-459C-A524-90985B79D284}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{CDA3FF3D-D5F5-4F35-8F41-20D43F63FBFD}: [NameServer]219.141.140.10 219.141.136.10
Tcpip\..\Interfaces\{CEC8F194-A5AE-451C-AC63-5F1A2C11B75C}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{D036949F-C374-48E8-B69C-61723C811C62}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{D0D4D5A2-6B3B-4E0F-8F64-DFBAE9118343}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{D3F875FF-9F06-4A8E-A125-1DAC591E6EC6}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{DA05E8C2-2506-43E8-A1E3-F61B920FF0AD}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{DEE18DF8-33D3-4695-B640-0059A23E494F}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{E278746A-D886-4627-B299-7A7E523B1E02}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{E5CEE4DC-4F28-49D0-A116-3190F6FD11AF}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{E82E4AF9-8B4B-467C-BC01-3757D28937DB}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{EB9314C7-A004-4C66-BEFC-32391C6EF298}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{F5CE60A2-497B-4E75-9F18-2FA34A4AACB3}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{F73E8BEF-0F12-4B43-B2CB-4903E1EE7EAA}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{F7952B5C-DE7B-4FB1-8E08-477C41B2B16B}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{F7C0BBE9-5B7B-4221-AB7E-E5D202123D32}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{F85CB3E8-79BE-43DA-BBF4-9D4AA8068377}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{FA5FBB75-EB6D-42D2-8AA4-761BEEADD719}: [NameServer]8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{FC7299AC-481F-4425-BBCB-E139760EF79E}: [NameServer]8.8.8.8 8.8.4.4
FireFox:
========
FF ProfilePath: C:\Users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\65lp77y5.default
FF DefaultSearchEngine: 百度
FF SelectedSearchEngine: 百度
FF Homepage: hxxp://baidu.com/
FF Keyword.URL: hxxp://www.baidu.com/baidu?tn=dealio_dg&wd=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @qq.com/npchrome -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll (Tencent)
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll (Tencent)
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll (Tencent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\65lp77y5.default\searchplugins\baidu.xml
FF Extension: DealsFindoeRPro - C:\Users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\65lp77y5.default\Extensions\
[email protected] [2014-08-13]
FF Extension: saveron - C:\Users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\65lp77y5.default\Extensions\
[email protected] [2014-07-31]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
Chrome:
=======
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (Google Wallet) - C:\Users\Jon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR HKLM-x32\...\Chrome\Extension: [cikkkfooompgefbcjlgdjejfdknkheaj] - C:\Program Files (x86)\Common Files\Spigot\GC\DomainErrorHelper_1.0_0.crx [2014-04-24]
CHR HKLM-x32\...\Chrome\Extension: [gpiifgmgnfdiblgpaepbmfdkcheicgof] - C:\Program Files (x86)\Common Files\Spigot\GC\nta_1.0_0.crx [2014-04-24]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [jpammgopeogkfkfjafahnachhacngopo] - C:\Users\Jon\AppData\Local\imeshvuzebandoo\GC\toolbar.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\Jon\AppData\Local\Slick Savings\coupons.crx [2014-05-25]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-06-29] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-06-29] (Creative Labs) [File not signed]
R2 CTAudSvcService; c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-20] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [122880 2012-03-28] (Creative Technology Ltd)
R2 DeviceHealth; C:\Program Files (x86)\Microsoft Device Health\DhMachineSvc.exe [85664 2014-06-06] ()
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048 2011-12-01] (Red Bend Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-02] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-07] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 Soda PDF 3D Reader Helper Service; C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe [1162592 2013-08-20] (LULU Software Limited)
R2 Soda PDF 3D Reader Service; C:\Program Files (x86)\Soda PDF 3D Reader\ConversionService.exe [852320 2013-08-20] (LULU Software Limited)
R2 StrongVPN Service; C:\Program Files (x86)\StrongVPN\StrongService.exe [73552 2013-10-31] (Black Oak Computers, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456 2011-12-01] (Intel® Corporation) [File not signed]
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2012-02-23] (Broadcom Corporation.)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1052760 2012-03-28] (Creative Technology Ltd)
S3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [38472 2011-02-03] (Dell Inc.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28216 2012-11-20] (Intel Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-01-19] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 tapstrong; C:\Windows\System32\DRIVERS\tapstrong.sys [38760 2013-11-01] (The OpenVPN Project)
S3 btwampfl; \??\C:\Windows\system32\drivers\btwampfl.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-17 09:20 - 2014-08-17 09:20 - 00028003 _____ () C:\Users\Jon\Downloads\FRST.txt
2014-08-17 09:19 - 2014-08-17 09:20 - 00000000 ____D () C:\FRST
2014-08-17 09:17 - 2014-08-17 09:18 - 02101760 _____ (Farbar) C:\Users\Jon\Downloads\FRST64.exe
2014-08-17 00:44 - 2014-08-17 00:44 - 00078535 _____ () C:\Users\Jon\Downloads\[kickass.to]falling.skies.s04e08.720p.hdtv.x264.killers.rartv.torrent
2014-08-16 14:45 - 2014-08-16 14:45 - 00025488 _____ () C:\Users\Jon\Downloads\[kickass.to]falling.skies.s04e07.hdtv.x264.killers.ettv.torrent
2014-08-16 14:45 - 2014-08-16 14:45 - 00025488 _____ () C:\Users\Jon\Downloads\[kickass.to]falling.skies.s04e07.hdtv.x264.killers.ettv (1).torrent
2014-08-16 14:39 - 2014-08-16 14:39 - 00026293 _____ () C:\Users\Jon\Downloads\[kickass.to]ray.donovan.s02e05.hdtv.x264.2hd.ettv.torrent
2014-08-16 10:07 - 2014-08-16 10:07 - 00084244 _____ () C:\Users\Jon\Downloads\Extras.Txt
2014-08-16 10:03 - 2014-08-16 10:03 - 00424190 _____ () C:\Users\Jon\Downloads\OTL.Txt
2014-08-16 09:55 - 2014-08-16 09:55 - 00602112 _____ (OldTimer Tools) C:\Users\Jon\Downloads\OTL.exe
2014-08-16 09:47 - 2014-08-16 09:47 - 00000000 ____D () C:\Program Files (x86)\saaveron
2014-08-16 09:46 - 2014-08-16 09:47 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jon\Downloads\HiJackThis.exe
2014-08-16 09:45 - 2014-08-16 09:45 - 00000000 ____D () C:\Program Files (x86)\DealssFiNderPrroo
2014-08-16 09:44 - 2014-08-17 08:27 - 00000340 _____ () C:\Windows\Tasks\微软设备健康助手自动更新.job
2014-08-16 09:44 - 2014-08-16 09:44 - 00003286 _____ () C:\Windows\System32\Tasks\微软设备健康助手自动更新
2014-08-16 09:44 - 2014-08-16 09:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Device Health
2014-08-16 09:34 - 2014-08-16 09:34 - 00000000 ____D () C:\Users\Jon\AppData\OICE_15_974FA576_32C1D314_B94
2014-08-16 09:30 - 2014-08-16 09:32 - 00000000 ____D () C:\Users\Jon\AppData\OICE_15_974FA576_32C1D314_DD5
2014-08-16 09:30 - 2014-07-01 06:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-16 09:30 - 2014-07-01 06:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-16 09:30 - 2014-03-10 05:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-16 09:30 - 2014-03-10 05:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-16 09:30 - 2014-03-10 05:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-16 09:30 - 2014-03-10 05:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-16 09:29 - 2014-06-06 14:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-16 09:29 - 2014-06-06 14:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 23:16 - 2014-08-15 23:16 - 00018120 _____ () C:\Users\Jon\Downloads\[kickass.to]cumfiesta.dillion.carter.molly.bliss.pure.bliss.07.29.2014.torrent
2014-08-15 23:00 - 2014-08-15 23:00 - 00096139 _____ () C:\Users\Jon\Downloads\[kickass.to]legends.2014.s01e01.720p.hdtv.x264.2hd.rartv.torrent
2014-08-15 14:12 - 2014-07-09 10:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-15 14:12 - 2014-07-09 10:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-15 14:12 - 2014-07-09 10:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-15 14:12 - 2014-07-09 10:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-15 14:12 - 2014-07-09 10:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-15 14:12 - 2014-07-09 09:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-15 14:12 - 2014-07-09 09:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-15 14:12 - 2014-07-09 09:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-15 14:12 - 2014-07-09 09:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-15 14:12 - 2014-07-09 09:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-15 14:12 - 2014-07-09 06:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-15 14:12 - 2014-07-09 06:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-15 14:11 - 2014-07-16 11:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-15 14:11 - 2014-07-16 10:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-15 14:11 - 2014-07-16 10:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-15 14:11 - 2014-06-03 18:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-15 14:11 - 2014-06-03 18:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-15 14:11 - 2014-06-03 18:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-15 14:11 - 2014-06-03 18:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-15 14:11 - 2014-06-03 17:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 14:11 - 2014-06-03 17:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 14:11 - 2014-06-03 17:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-15 14:10 - 2014-08-01 07:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 14:10 - 2014-08-01 07:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 14:10 - 2014-07-25 22:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 14:10 - 2014-07-25 22:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 14:10 - 2014-07-25 22:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 14:10 - 2014-07-25 21:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 14:10 - 2014-07-25 21:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-15 14:10 - 2014-07-25 21:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 14:10 - 2014-07-25 21:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-15 14:10 - 2014-07-25 21:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 14:10 - 2014-07-25 21:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 14:10 - 2014-07-25 21:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 14:10 - 2014-07-25 21:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-15 14:10 - 2014-07-25 21:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 14:10 - 2014-07-25 21:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-15 14:10 - 2014-07-25 21:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 14:10 - 2014-07-25 21:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-15 14:10 - 2014-07-25 20:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 14:10 - 2014-07-25 20:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-15 14:10 - 2014-07-25 20:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 14:10 - 2014-07-25 20:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 14:10 - 2014-07-25 20:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 14:10 - 2014-07-25 20:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 14:10 - 2014-07-25 20:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 14:10 - 2014-07-25 20:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 14:10 - 2014-07-25 20:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 14:10 - 2014-07-25 20:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 14:10 - 2014-07-25 20:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-15 14:10 - 2014-07-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 14:10 - 2014-07-25 20:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 14:10 - 2014-07-25 20:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 14:10 - 2014-07-25 20:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-15 14:10 - 2014-07-25 20:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 14:10 - 2014-07-25 20:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 14:10 - 2014-07-25 20:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 14:10 - 2014-07-25 20:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 14:10 - 2014-07-25 19:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 14:10 - 2014-07-25 19:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 14:10 - 2014-07-25 19:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 14:10 - 2014-07-25 19:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 14:10 - 2014-07-25 19:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 14:10 - 2014-07-25 19:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-15 14:10 - 2014-07-25 19:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 14:10 - 2014-07-25 19:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 14:10 - 2014-07-25 19:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 14:10 - 2014-07-25 19:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 14:10 - 2014-07-25 19:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 14:10 - 2014-07-25 19:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 14:10 - 2014-07-25 19:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-15 14:10 - 2014-07-25 19:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 14:10 - 2014-07-25 18:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 14:10 - 2014-07-25 18:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 14:10 - 2014-07-25 18:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 14:10 - 2014-07-25 18:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 14:10 - 2014-07-25 18:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 14:10 - 2014-07-25 18:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 14:06 - 2014-08-07 10:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-15 14:06 - 2014-08-07 10:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-15 14:06 - 2014-07-14 10:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 14:06 - 2014-07-14 09:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-14 23:37 - 2014-08-14 23:37 - 08546739 _____ () C:\Users\Jon\Downloads\the hot selling catalog (1).xlsx
2014-08-13 22:41 - 2014-08-13 22:41 - 00025429 _____ () C:\Users\Jon\Downloads\[kickass.to]the.last.ship.s01e08.hdtv.x264.lol.ettv.torrent
2014-08-13 22:41 - 2014-08-13 22:41 - 00025429 _____ () C:\Users\Jon\Downloads\[kickass.to]the.last.ship.s01e08.hdtv.x264.lol.ettv (1).torrent
2014-08-13 16:24 - 2014-08-17 00:00 - 00001456 _____ () C:\Users\Jon\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-08-13 15:49 - 2014-08-13 15:49 - 00003494 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Jon-PC-Jon
2014-08-13 15:08 - 2014-08-16 09:45 - 00000000 ____D () C:\ProgramData\DealssFiNderPrroo
2014-08-13 09:52 - 2014-08-13 09:52 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2014-08-13 09:52 - 2014-08-13 09:52 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-13 09:51 - 2014-08-13 09:51 - 00001213 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2014-08-13 09:50 - 2014-08-13 09:52 - 00000000 ____D () C:\Program Files\Adobe
2014-08-13 09:50 - 2014-08-13 09:50 - 00001039 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-08-13 09:49 - 2014-08-13 09:49 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2014-08-13 09:45 - 2014-08-13 09:45 - 00001525 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-08-13 09:45 - 2014-08-13 09:45 - 00001359 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-08-13 09:39 - 2014-08-13 09:52 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-12 16:00 - 2014-08-12 16:00 - 00026624 _____ () C:\Users\Jon\Downloads\PIsunny140808-08 (2).xls
2014-08-10 00:50 - 2014-08-10 00:50 - 00051035 _____ () C:\Users\Jon\Downloads\[kickass.to]bigmouthfuls.13.09.30.dillion.carter.xxx.720p.mp4.ktr.torrent
2014-08-09 21:08 - 2014-08-09 21:09 - 08546739 _____ () C:\Users\Jon\Downloads\the hot selling catalog.xlsx
2014-08-08 23:55 - 2014-08-08 23:55 - 00138219 _____ () C:\Users\Jon\Downloads\[kickass.to]adobe.photoshop.cs6.13.0.1.extended.final.multilanguage.cracked.dll.chingliu.torrent
2014-08-08 10:24 - 2014-08-08 10:24 - 00026624 _____ () C:\Users\Jon\Downloads\PIsunny140808-08 (1).xls
2014-08-08 10:20 - 2014-08-08 10:21 - 00026624 _____ () C:\Users\Jon\Downloads\PIsunny140808-08.xls
2014-08-06 16:34 - 2014-08-06 16:34 - 00013047 _____ () C:\Users\Jon\Downloads\[kickass.to]ray.donovan.s02e04.hdtv.x264.asap.mp4.torrent
2014-08-06 16:34 - 2014-08-06 16:34 - 00013047 _____ () C:\Users\Jon\Downloads\[kickass.to]ray.donovan.s02e04.hdtv.x264.asap.mp4 (1).torrent
2014-08-06 10:20 - 2014-08-06 10:20 - 00035832 _____ () C:\Users\Jon\Downloads\[kickass.to]the.last.ship.s01e07.hdtv.x264.lol.ettv.torrent
2014-08-05 00:35 - 2014-08-05 00:35 - 00096256 _____ () C:\Users\Jon\Desktop\PI-US-Jon 140805 191usd Aspire Sample.xls
2014-08-03 23:26 - 2014-08-09 01:45 - 03949568 _____ () C:\Users\Jon\Desktop\Witshine.xls
2014-08-03 19:42 - 2014-08-15 14:09 - 00000000 ____D () C:\Users\Jon\Desktop\Thunder Cloud Vapers
2014-08-03 16:49 - 2014-08-17 02:00 - 00000506 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e207ba27-dd01-4152-a69d-1947ee1d0ec0.job
2014-08-03 16:49 - 2014-08-17 00:49 - 00000506 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e1c51ca0-b81d-40f6-9aa9-e93ff12c5b46.job
2014-08-03 16:49 - 2014-08-03 16:49 - 00003572 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task e207ba27-dd01-4152-a69d-1947ee1d0ec0
2014-08-03 16:49 - 2014-08-03 16:49 - 00003498 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task e1c51ca0-b81d-40f6-9aa9-e93ff12c5b46
2014-08-03 16:49 - 2014-08-03 16:49 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\SUPERAntiSpyware.com
2014-08-03 16:47 - 2014-08-17 00:51 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-03 16:47 - 2014-08-03 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-08-03 16:47 - 2014-08-03 16:47 - 00001810 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-08-03 16:47 - 2014-08-03 16:47 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-08-03 16:45 - 2014-08-03 16:46 - 18611048 _____ (SUPERAntiSpyware) C:\Users\Jon\Downloads\SUPERAntiSpyware.exe
2014-08-03 01:01 - 2014-08-03 01:01 - 00000000 ____D () C:\Users\Jon\AppData\Local\Skype
2014-08-03 01:01 - 2014-08-03 01:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-03 00:56 - 2014-08-03 00:56 - 01677928 _____ (Skype Technologies S.A.) C:\Users\Jon\Downloads\SkypeSetup(1).exe
2014-08-03 00:37 - 2014-08-03 00:47 - 00000000 ____D () C:\Users\Jon\Desktop\Photo Book
2014-08-02 23:43 - 2014-08-03 10:01 - 00000000 ____D () C:\Users\Jon\Desktop\K1 Pictures and relationship evidence
2014-08-02 19:54 - 2014-05-15 00:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 19:54 - 2014-05-15 00:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 19:54 - 2014-05-15 00:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 19:54 - 2014-05-15 00:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 19:54 - 2014-05-15 00:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 19:54 - 2014-05-15 00:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 19:54 - 2014-05-15 00:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 19:54 - 2014-05-15 00:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 19:54 - 2014-05-15 00:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 19:54 - 2014-05-15 00:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 19:53 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 19:53 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 19:53 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 19:53 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-02 18:12 - 2014-08-02 18:13 - 00563731 _____ () C:\Users\Jon\Downloads\install.exe
2014-08-01 23:54 - 2014-08-06 10:24 - 00000000 ____D () C:\Users\Jon\AppData\Local\alipay
2014-08-01 23:54 - 2014-08-01 23:54 - 00000000 ____D () C:\alipay
2014-07-31 23:20 - 2014-08-16 23:26 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\TaobaoProtect
2014-07-31 22:33 - 2014-07-31 22:33 - 00043441 _____ () C:\Users\Jon\Downloads\[kickass.to]falling.skies.s04e05.720p.hdtv.x264.killers.eztv.torrent
2014-07-31 22:33 - 2014-07-31 22:33 - 00041758 _____ () C:\Users\Jon\Downloads\[kickass.to]falling.skies.s04e06.720p.hdtv.x264.immerse.eztv.torrent
2014-07-31 22:33 - 2014-07-31 22:33 - 00041758 _____ () C:\Users\Jon\Downloads\[kickass.to]falling.skies.s04e06.720p.hdtv.x264.immerse.eztv (1).torrent
2014-07-31 22:33 - 2014-07-31 22:33 - 00012815 _____ () C:\Users\Jon\Downloads\[kickass.to]falling.skies.s04e04.hdtv.x264.killers.eztv (1).torrent
2014-07-31 22:31 - 2014-07-31 22:31 - 00012927 _____ () C:\Users\Jon\Downloads\[kickass.to]ray.donovan.s02e03.hdtv.x264.asap.mp4.torrent
2014-07-31 22:30 - 2014-07-31 22:30 - 00023838 _____ () C:\Users\Jon\Downloads\[kickass.to]ray.donovan.s02e02.hdtv.x264.asap.ettv.torrent
2014-07-31 22:25 - 2014-07-31 22:25 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\alipay
2014-07-31 22:22 - 2014-08-07 14:24 - 00000000 ____D () C:\Program Files (x86)\alipay
2014-07-31 22:22 - 2014-07-31 22:22 - 00001078 _____ () C:\Users\Jon\AppData\Roaming\base64.cer
2014-07-31 22:21 - 2014-07-31 22:21 - 04151744 _____ () C:\Users\Jon\Downloads\aliedit.exe
2014-07-31 18:23 - 2014-07-31 18:24 - 01276520 _____ () C:\Windows\Minidump\073114-39889-01.dmp
2014-07-31 10:52 - 2014-07-31 10:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-31 10:05 - 2014-08-16 09:47 - 00000000 ____D () C:\ProgramData\saaveron
2014-07-31 10:05 - 2014-08-16 09:47 - 00000000 ____D () C:\ProgramData\93e16d846da0da69
2014-07-31 10:05 - 2014-07-31 10:05 - 00000000 ____D () C:\Users\Jon\AppData\Local\Packages
2014-07-31 01:48 - 2014-07-31 01:48 - 00011593 _____ () C:\Users\Jon\Downloads\[JSU发布组] RKI-111无码流出修复版 京香julia.torrent
2014-07-30 20:32 - 2014-07-30 20:33 - 01267168 _____ () C:\Windows\Minidump\073014-41371-01.dmp
2014-07-29 21:08 - 2014-07-29 21:08 - 01219768 _____ () C:\Windows\Minidump\072914-36644-01.dmp
2014-07-29 16:44 - 2014-07-29 16:45 - 01212840 _____ () C:\Windows\Minidump\072914-37377-01.dmp
2014-07-28 19:07 - 2014-07-28 21:43 - 00000000 ____D () C:\Users\Jon\Desktop\Taobao
2014-07-28 16:47 - 2014-07-28 16:47 - 01259800 _____ () C:\Windows\Minidump\072814-27690-01.dmp
2014-07-27 14:39 - 2014-07-27 14:40 - 01216552 _____ () C:\Windows\Minidump\072714-38781-01.dmp
2014-07-26 23:19 - 2014-07-26 23:19 - 20463341 _____ () C:\Users\Jon\Downloads\product catalog1.rar
2014-07-26 17:33 - 2014-07-26 17:34 - 01262768 _____ () C:\Windows\Minidump\072614-58547-01.dmp
2014-07-26 14:32 - 2014-07-26 14:33 - 01276720 _____ () C:\Windows\Minidump\072614-69810-01.dmp
2014-07-22 15:50 - 2014-07-22 15:50 - 00767456 _____ () C:\Windows\Minidump\072214-46878-01.dmp
2014-07-20 23:27 - 2014-08-17 08:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 23:27 - 2014-07-22 00:46 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-20 23:27 - 2014-07-20 23:27 - 00000000 ____D () C:\Users\Jon\AppData\Local\Macromedia
2014-07-20 22:23 - 2014-07-20 22:24 - 00000000 ____D () C:\Users\Sophia\AppData\Roaming\Mozilla
2014-07-20 22:23 - 2014-07-20 22:24 - 00000000 ____D () C:\Users\Sophia\AppData\Local\Mozilla
2014-07-20 17:18 - 2014-07-20 17:18 - 00008301 _____ () C:\Users\Jon\Downloads\[kickass.to]lorde.everybody.wants.to.rule.the.world.mp3.torrent
2014-07-20 06:16 - 2014-07-20 06:16 - 01192032 _____ () C:\Windows\Minidump\072014-58391-01.dmp
2014-07-20 02:24 - 2014-07-20 02:24 - 00011514 _____ () C:\Users\Jon\Downloads\[kickass.to]under.the.dome.s02e03.hdtv.x264.lol.eztv.torrent
2014-07-20 02:22 - 2014-07-20 02:22 - 00012871 _____ () C:\Users\Jon\Downloads\[kickass.to]the.last.ship.s01e04.hdtv.x264.lol.eztv (1).torrent
2014-07-19 11:40 - 2014-07-19 11:40 - 01262480 _____ () C:\Windows\Minidump\071914-55551-01.dmp
2014-07-18 23:52 - 2014-07-18 23:52 - 00015673 _____ () C:\Users\Jon\Downloads\[kickass.to]the.amazing.spider.man.2.2014.korsub.720p.webrip.x264.aac.jyk.torrent
2014-07-18 21:25 - 2014-07-19 12:12 - 00013106 ____H () C:\Users\Jon\Desktop\~WRL0915.tmp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-17 09:20 - 2014-08-17 09:20 - 00028003 _____ () C:\Users\Jon\Downloads\FRST.txt
2014-08-17 09:20 - 2014-08-17 09:19 - 00000000 ____D () C:\FRST
2014-08-17 09:20 - 2013-07-10 23:34 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-17 09:19 - 2013-06-29 16:19 - 01347671 _____ () C:\Windows\WindowsUpdate.log
2014-08-17 09:18 - 2014-08-17 09:17 - 02101760 _____ (Farbar) C:\Users\Jon\Downloads\FRST64.exe
2014-08-17 09:17 - 2013-11-04 22:46 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\.strongvpn
2014-08-17 09:16 - 2009-07-14 13:13 - 00784326 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-17 09:15 - 2009-07-14 12:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-17 09:15 - 2009-07-14 12:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-17 09:13 - 2013-09-10 10:14 - 00000000 ___RD () C:\Users\Jon\Dropbox
2014-08-17 09:13 - 2013-09-10 09:56 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\Dropbox
2014-08-17 09:12 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\tracing
2014-08-17 09:11 - 2013-07-14 09:02 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\uTorrent
2014-08-17 09:11 - 2013-06-29 15:00 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-08-17 09:11 - 2013-06-29 15:00 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-08-17 09:11 - 2013-06-29 14:54 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn
2014-08-17 09:10 - 2013-10-10 14:37 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-17 09:10 - 2013-07-10 23:34 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-17 09:10 - 2009-07-14 12:45 - 05073024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-17 09:09 - 2013-10-08 21:14 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-08-17 09:09 - 2013-06-29 14:53 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-17 09:09 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-17 09:09 - 2009-07-14 12:51 - 00097954 _____ () C:\Windows\setupact.log
2014-08-17 09:07 - 2010-11-21 11:47 - 00430404 _____ () C:\Windows\PFRO.log
2014-08-17 09:07 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-17 08:27 - 2014-08-16 09:44 - 00000340 _____ () C:\Windows\Tasks\微软设备健康助手自动更新.job
2014-08-17 08:27 - 2014-07-20 23:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-17 02:00 - 2014-08-03 16:49 - 00000506 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e207ba27-dd01-4152-a69d-1947ee1d0ec0.job
2014-08-17 01:58 - 2014-05-25 16:54 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\vlc
2014-08-17 00:51 - 2014-08-03 16:47 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-17 00:49 - 2014-08-03 16:49 - 00000506 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e1c51ca0-b81d-40f6-9aa9-e93ff12c5b46.job
2014-08-17 00:44 - 2014-08-17 00:44 - 00078535 _____ () C:\Users\Jon\Downloads\[kickass.to]falling.skies.s04e08.720p.hdtv.x264.killers.rartv.torrent
2014-08-17 00:00 - 2014-08-13 16:24 - 00001456 _____ () C:\Users\Jon\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-08-16 23:26 - 2014-07-31 23:20 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\TaobaoProtect
2014-08-16 14:49 - 2013-07-12 05:13 - 00003460 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-08-16 14:45 - 2014-08-16 14:45 - 00025488 _____ () C:\Users\Jon\Downloads\[kickass.to]falling.skies.s04e07.hdtv.x264.killers.ettv.torrent
2014-08-16 14:45 - 2014-08-16 14:45 - 00025488 _____ () C:\Users\Jon\Downloads\[kickass.to]falling.skies.s04e07.hdtv.x264.killers.ettv (1).torrent
2014-08-16 14:39 - 2014-08-16 14:39 - 00026293 _____ () C:\Users\Jon\Downloads\[kickass.to]ray.donovan.s02e05.hdtv.x264.2hd.ettv.torrent
2014-08-16 10:07 - 2014-08-16 10:07 - 00084244 _____ () C:\Users\Jon\Downloads\Extras.Txt
2014-08-16 10:03 - 2014-08-16 10:03 - 00424190 _____ () C:\Users\Jon\Downloads\OTL.Txt
2014-08-16 09:55 - 2014-08-16 09:55 - 00602112 _____ (OldTimer Tools) C:\Users\Jon\Downloads\OTL.exe
2014-08-16 09:50 - 2013-06-29 14:40 - 00000000 ____D () C:\Program Files (x86)\ST Microelectronics
2014-08-16 09:50 - 2013-06-29 14:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-16 09:47 - 2014-08-16 09:47 - 00000000 ____D () C:\Program Files (x86)\saaveron
2014-08-16 09:47 - 2014-08-16 09:46 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jon\Downloads\HiJackThis.exe
2014-08-16 09:47 - 2014-07-31 10:05 - 00000000 ____D () C:\ProgramData\saaveron
2014-08-16 09:47 - 2014-07-31 10:05 - 00000000 ____D () C:\ProgramData\93e16d846da0da69
2014-08-16 09:47 - 2014-07-14 11:18 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\NJStar
2014-08-16 09:46 - 2013-09-13 07:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-16 09:45 - 2014-08-16 09:45 - 00000000 ____D () C:\Program Files (x86)\DealssFiNderPrroo
2014-08-16 09:45 - 2014-08-13 15:08 - 00000000 ____D () C:\ProgramData\DealssFiNderPrroo
2014-08-16 09:44 - 2014-08-16 09:44 - 00003286 _____ () C:\Windows\System32\Tasks\微软设备健康助手自动更新
2014-08-16 09:44 - 2014-08-16 09:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Device Health
2014-08-16 09:43 - 2013-07-11 04:35 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-16 09:39 - 2013-09-13 07:25 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-16 09:34 - 2014-08-16 09:34 - 00000000 ____D () C:\Users\Jon\AppData\OICE_15_974FA576_32C1D314_B94
2014-08-16 09:32 - 2014-08-16 09:30 - 00000000 ____D () C:\Users\Jon\AppData\OICE_15_974FA576_32C1D314_DD5
2014-08-16 09:28 - 2014-05-07 15:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-15 23:16 - 2014-08-15 23:16 - 00018120 _____ () C:\Users\Jon\Downloads\[kickass.to]cumfiesta.dillion.carter.molly.bliss.pure.bliss.07.29.2014.torrent
2014-08-15 23:00 - 2014-08-15 23:00 - 00096139 _____ () C:\Users\Jon\Downloads\[kickass.to]legends.2014.s01e01.720p.hdtv.x264.2hd.rartv.torrent
2014-08-15 14:09 - 2014-08-03 19:42 - 00000000 ____D () C:\Users\Jon\Desktop\Thunder Cloud Vapers
2014-08-15 09:53 - 2014-03-11 09:39 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-15 09:14 - 2014-07-14 11:34 - 00000000 ____D () C:\Users\Jon\Desktop\X
2014-08-15 01:34 - 2013-10-18 09:09 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\Skype
2014-08-15 00:02 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-14 23:37 - 2014-08-14 23:37 - 08546739 _____ () C:\Users\Jon\Downloads\the hot selling catalog (1).xlsx
2014-08-13 22:41 - 2014-08-13 22:41 - 00025429 _____ () C:\Users\Jon\Downloads\[kickass.to]the.last.ship.s01e08.hdtv.x264.lol.ettv.torrent
2014-08-13 22:41 - 2014-08-13 22:41 - 00025429 _____ () C:\Users\Jon\Downloads\[kickass.to]the.last.ship.s01e08.hdtv.x264.lol.ettv (1).torrent
2014-08-13 16:31 - 2013-07-18 07:43 - 00000000 ____D () C:\Users\Jon\AppData\Local\Adobe
2014-08-13 16:12 - 2013-07-10 23:33 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\Adobe
2014-08-13 15:49 - 2014-08-13 15:49 - 00003494 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Jon-PC-Jon
2014-08-13 13:01 - 2013-07-12 05:10 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\PCDr
2014-08-13 09:53 - 2013-07-10 23:02 - 00114456 _____ () C:\Users\Jon\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-13 09:52 - 2014-08-13 09:52 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2014-08-13 09:52 - 2014-08-13 09:52 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-13 09:52 - 2014-08-13 09:50 - 00000000 ____D () C:\Program Files\Adobe
2014-08-13 09:52 - 2014-08-13 09:39 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-13 09:52 - 2013-06-29 15:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-13 09:51 - 2014-08-13 09:51 - 00001213 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2014-08-13 09:51 - 2013-09-05 00:37 - 00000000 ____D () C:\Users\Jon\Desktop\MISC
2014-08-13 09:50 - 2014-08-13 09:50 - 00001039 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-08-13 09:50 - 2014-01-08 09:53 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-13 09:49 - 2014-08-13 09:49 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2014-08-13 09:45 - 2014-08-13 09:45 - 00001525 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-08-13 09:45 - 2014-08-13 09:45 - 00001359 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-08-12 16:00 - 2014-08-12 16:00 - 00026624 _____ () C:\Users\Jon\Downloads\PIsunny140808-08 (2).xls
2014-08-10 00:50 - 2014-08-10 00:50 - 00051035 _____ () C:\Users\Jon\Downloads\[kickass.to]bigmouthfuls.13.09.30.dillion.carter.xxx.720p.mp4.ktr.torrent
2014-08-09 21:09 - 2014-08-09 21:08 - 08546739 _____ () C:\Users\Jon\Downloads\the hot selling catalog.xlsx
2014-08-09 10:29 - 2013-10-18 09:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-09 01:45 - 2014-08-03 23:26 - 03949568 _____ () C:\Users\Jon\Desktop\Witshine.xls
2014-08-08 23:55 - 2014-08-08 23:55 - 00138219 _____ () C:\Users\Jon\Downloads\[kickass.to]adobe.photoshop.cs6.13.0.1.extended.final.multilanguage.cracked.dll.chingliu.torrent
2014-08-08 10:24 - 2014-08-08 10:24 - 00026624 _____ () C:\Users\Jon\Downloads\PIsunny140808-08 (1).xls
2014-08-08 10:21 - 2014-08-08 10:20 - 00026624 _____ () C:\Users\Jon\Downloads\PIsunny140808-08.xls
2014-08-07 14:24 - 2014-07-31 22:22 - 00000000 ____D () C:\Program Files (x86)\alipay
2014-08-07 10:06 - 2014-08-15 14:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 10:01 - 2014-08-15 14:06 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 16:34 - 2014-08-06 16:34 - 00013047 _____ () C:\Users\Jon\Downloads\[kickass.to]ray.donovan.s02e04.hdtv.x264.asap.mp4.torrent
2014-08-06 16:34 - 2014-08-06 16:34 - 00013047 _____ () C:\Users\Jon\Downloads\[kickass.to]ray.donovan.s02e04.hdtv.x264.asap.mp4 (1).torrent
2014-08-06 10:24 - 2014-08-01 23:54 - 00000000 ____D () C:\Users\Jon\AppData\Local\alipay
2014-08-06 10:20 - 2014-08-06 10:20 - 00035832 _____ () C:\Users\Jon\Downloads\[kickass.to]the.last.ship.s01e07.hdtv.x264.lol.ettv.torrent
2014-08-05 00:35 - 2014-08-05 00:35 - 00096256 _____ () C:\Users\Jon\Desktop\PI-US-Jon 140805 191usd Aspire Sample.xls
2014-08-04 09:57 - 2014-04-10 00:50 - 00000000 ____D () C:\Windows\rescache
2014-08-03 17:23 - 2014-05-25 17:06 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2014-08-03 17:23 - 2013-10-27 15:53 - 00000000 ____D () C:\Users\Jon\Downloads\Zipper-BitTorrent-a
2014-08-03 16:49 - 2014-08-03 16:49 - 00003572 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task e207ba27-dd01-4152-a69d-1947ee1d0ec0
2014-08-03 16:49 - 2014-08-03 16:49 - 00003498 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task e1c51ca0-b81d-40f6-9aa9-e93ff12c5b46
2014-08-03 16:49 - 2014-08-03 16:49 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\SUPERAntiSpyware.com
2014-08-03 16:49 - 2014-08-03 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-08-03 16:47 - 2014-08-03 16:47 - 00001810 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-08-03 16:47 - 2014-08-03 16:47 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-08-03 16:46 - 2014-08-03 16:45 - 18611048 _____ (SUPERAntiSpyware) C:\Users\Jon\Downloads\SUPERAntiSpyware.exe
2014-08-03 10:01 - 2014-08-02 23:43 - 00000000 ____D () C:\Users\Jon\Desktop\K1 Pictures and relationship evidence
2014-08-03 01:01 - 2014-08-03 01:01 - 00000000 ____D () C:\Users\Jon\AppData\Local\Skype
2014-08-03 01:01 - 2014-08-03 01:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-03 01:01 - 2013-10-18 09:09 - 00000000 ____D () C:\ProgramData\Skype
2014-08-03 00:56 - 2014-08-03 00:56 - 01677928 _____ (Skype Technologies S.A.) C:\Users\Jon\Downloads\SkypeSetup(1).exe
2014-08-03 00:47 - 2014-08-03 00:37 - 00000000 ____D () C:\Users\Jon\Desktop\Photo Book
2014-08-02 18:13 - 2014-08-02 18:12 - 00563731 _____ () C:\Users\Jon\Downloads\install.exe
2014-08-02 00:51 - 2013-07-10 23:40 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-01 23:54 - 2014-08-01 23:54 - 00000000 ____D () C:\alipay
2014-08-01 23:54 - 2014-07-10 23:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 07:41 - 2014-08-15 14:10 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 07:16 - 2014-08-15 14:10 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 22:33 - 2014-07-31 22:33 - 00043441 _____ () C:\Users\Jon\Downloads\[kickass.to]falling.skies.s04e05.720p.hdtv.x264.killers.eztv.torrent
2014-07-31 22:33 - 2014-07-31 22:33 - 00041758 _____ () C:\Users\Jon\Downloads\[kickass.to]falling.skies.s04e06.720p.hdtv.x264.immerse.eztv.torrent
2014-07-31 22:33 - 2014-07-31 22:33 - 00041758 _____ () C:\Users\Jon\Downloads\[kickass.to]falling.skies.s04e06.720p.hdtv.x264.immerse.eztv (1).torrent
2014-07-31 22:33 - 2014-07-31 22:33 - 00012815 _____ () C:\Users\Jon\Downloads\[kickass.to]falling.skies.s04e04.hdtv.x264.killers.eztv (1).torrent
2014-07-31 22:31 - 2014-07-31 22:31 - 00012927 _____ () C:\Users\Jon\Downloads\[kickass.to]ray.donovan.s02e03.hdtv.x264.asap.mp4.torrent
2014-07-31 22:30 - 2014-07-31 22:30 - 00023838 _____ () C:\Users\Jon\Downloads\[kickass.to]ray.donovan.s02e02.hdtv.x264.asap.ettv.torrent
2014-07-31 22:25 - 2014-07-31 22:25 - 00000000 ____D () C:\Users\Jon\AppData\Roaming\alipay
2014-07-31 22:22 - 2014-07-31 22:22 - 00001078 _____ () C:\Users\Jon\AppData\Roaming\base64.cer
2014-07-31 22:21 - 2014-07-31 22:21 - 04151744 _____ () C:\Users\Jon\Downloads\aliedit.exe
2014-07-31 18:24 - 2014-07-31 18:23 - 01276520 _____ () C:\Windows\Minidump\073114-39889-01.dmp
2014-07-31 18:23 - 2013-07-15 06:59 - 00000000 ____D () C:\Windows\Minidump
2014-07-31 10:52 - 2014-07-31 10:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-31 10:05 - 2014-07-31 10:05 - 00000000 ____D () C:\Users\Jon\AppData\Local\Packages
2014-07-31 09:45 - 2014-07-10 22:13 - 00000000 ____D () C:\ProgramData\374311380
2014-07-31 01:48 - 2014-07-31 01:48 - 00011593 _____ () C:\Users\Jon\Downloads\[JSU发布组] RKI-111无码流出修复版 京香julia.torrent
2014-07-30 20:33 - 2014-07-30 20:32 - 01267168 _____ () C:\Windows\Minidump\073014-41371-01.dmp
2014-07-29 21:08 - 2014-07-29 21:08 - 01219768 _____ () C:\Windows\Minidump\072914-36644-01.dmp
2014-07-29 16:45 - 2014-07-29 16:44 - 01212840 _____ () C:\Windows\Minidump\072914-37377-01.dmp
2014-07-28 21:43 - 2014-07-28 19:07 - 00000000 ____D () C:\Users\Jon\Desktop\Taobao
2014-07-28 21:11 - 2013-11-03 09:15 - 00000000 ____D () C:\Users\Jon\Documents\Tencent Files
2014-07-28 16:47 - 2014-07-28 16:47 - 01259800 _____ () C:\Windows\Minidump\072814-27690-01.dmp
2014-07-27 14:40 - 2014-07-27 14:39 - 01216552 _____ () C:\Windows\Minidump\072714-38781-01.dmp
2014-07-26 23:19 - 2014-07-26 23:19 - 20463341 _____ () C:\Users\Jon\Downloads\product catalog1.rar
2014-07-26 17:34 - 2014-07-26 17:33 - 01262768 _____ () C:\Windows\Minidump\072614-58547-01.dmp
2014-07-26 14:33 - 2014-07-26 14:32 - 01276720 _____ () C:\Windows\Minidump\072614-69810-01.dmp
2014-07-26 14:32 - 2013-07-13 09:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-26 14:32 - 2013-07-13 09:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 23:22 - 2013-07-13 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 22:52 - 2014-08-15 14:10 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 22:02 - 2014-08-15 14:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 22:01 - 2014-08-15 14:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 21:51 - 2014-08-15 14:10 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 21:30 - 2014-08-15 14:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 21:28 - 2014-08-15 14:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 21:28 - 2014-08-15 14:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 21:25 - 2014-08-15 14:10 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 21:25 - 2014-08-15 14:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 21:11 - 2014-08-15 14:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 21:10 - 2014-08-15 14:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 21:04 - 2014-08-15 14:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 21:03 - 2014-08-15 14:10 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 21:00 - 2014-08-15 14:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 21:00 - 2014-08-15 14:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 20:59 - 2014-08-15 14:10 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 20:47 - 2014-08-15 14:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 20:40 - 2014-08-15 14:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 20:34 - 2014-08-15 14:10 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 20:34 - 2014-08-15 14:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 20:33 - 2014-08-15 14:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 20:30 - 2014-08-15 14:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 20:28 - 2014-08-15 14:10 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 20:28 - 2014-08-15 14:10 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 20:21 - 2014-08-15 14:10 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 20:19 - 2014-08-15 14:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 20:18 - 2014-08-15 14:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 20:17 - 2014-08-15 14:10 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 20:17 - 2014-08-15 14:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 20:12 - 2014-08-15 14:10 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 20:10 - 2014-08-15 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 20:10 - 2014-08-15 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 20:08 - 2014-08-15 14:10 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 20:06 - 2014-08-15 14:10 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 19:52 - 2014-08-15 14:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 19:47 - 2014-08-15 14:10 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 19:43 - 2014-08-15 14:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 19:42 - 2014-08-15 14:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 19:39 - 2014-08-15 14:10 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 19:39 - 2014-08-15 14:10 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 19:36 - 2014-08-15 14:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 19:34 - 2014-08-15 14:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 19:29 - 2014-08-15 14:10 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 19:23 - 2014-08-15 14:10 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 19:13 - 2014-08-15 14:10 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 19:07 - 2014-08-15 14:10 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 19:07 - 2014-08-15 14:10 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 19:03 - 2014-08-15 14:10 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 18:52 - 2014-08-15 14:10 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 18:26 - 2014-08-15 14:10 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 18:17 - 2014-08-15 14:10 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 18:09 - 2014-08-15 14:10 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 18:05 - 2014-08-15 14:10 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 18:00 - 2014-08-15 14:10 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-25 00:39 - 2009-07-14 13:08 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-22 15:50 - 2014-07-22 15:50 - 00767456 _____ () C:\Windows\Minidump\072214-46878-01.dmp
2014-07-22 00:46 - 2014-07-20 23:27 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-22 00:46 - 2013-06-29 14:25 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-22 00:46 - 2013-06-29 14:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-20 23:27 - 2014-07-20 23:27 - 00000000 ____D () C:\Users\Jon\AppData\Local\Macromedia
2014-07-20 22:24 - 2014-07-20 22:23 - 00000000 ____D () C:\Users\Sophia\AppData\Roaming\Mozilla
2014-07-20 22:24 - 2014-07-20 22:23 - 00000000 ____D () C:\Users\Sophia\AppData\Local\Mozilla
2014-07-20 17:18 - 2014-07-20 17:18 - 00008301 _____ () C:\Users\Jon\Downloads\[kickass.to]lorde.everybody.wants.to.rule.the.world.mp3.torrent
2014-07-20 06:16 - 2014-07-20 06:16 - 01192032 _____ () C:\Windows\Minidump\072014-58391-01.dmp
2014-07-20 02:24 - 2014-07-20 02:24 - 00011514 _____ () C:\Users\Jon\Downloads\[kickass.to]under.the.dome.s02e03.hdtv.x264.lol.eztv.torrent
2014-07-20 02:22 - 2014-07-20 02:22 - 00012871 _____ () C:\Users\Jon\Downloads\[kickass.to]the.last.ship.s01e04.hdtv.x264.lol.eztv (1).torrent
2014-07-19 12:12 - 2014-07-18 21:25 - 00013106 ____H () C:\Users\Jon\Desktop\~WRL0915.tmp
2014-07-19 11:40 - 2014-07-19 11:40 - 01262480 _____ () C:\Windows\Minidump\071914-55551-01.dmp
2014-07-18 23:52 - 2014-07-18 23:52 - 00015673 _____ () C:\Users\Jon\Downloads\[kickass.to]the.amazing.spider.man.2.2014.korsub.720p.webrip.x264.aac.jyk.torrent
Files to move or delete:
====================
C:\Users\Jon\.exe
Some content of TEMP:
====================
C:\Users\Jon\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbfpvmx.dll
C:\Users\Jon\AppData\Local\Temp\exthelper.exe
C:\Users\Jon\AppData\Local\Temp\qqsafeud.exe
C:\Users\Jon\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-09 15:25
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2014 04
Ran by Jon at 2014-08-17 09:21:28
Running from C:\Users\Jon\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AlienAutopsy (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Alienware)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Alienware)
Alienware Command Center (HKLM-x32\...\InstallShield_{FD1AE10F-163C-4D4B-9FCE-AC667AF1DC6E}) (Version: 2.8.8.0 - Alienware Corp.)
Alienware Command Center (Version: 2.8.8.0 - Alienware Corp.) Hidden
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.32.0.2C - )
Alienware On-Screen Display (x32 Version: 0.32.0.2C - ) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.7 - EA Digital Illusions CE AB)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version: - Vigil Games)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell)
Dell System Detect Bootstrapper (HKCU\...\8e3135b376bd523e) (Version: 1.1.0.15 - Dell)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
EMSC (x32 Version: 0.0.0.22C - Compal Electronics, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Heritage Sports 8.2 (HKLM-x32\...\Heritage Sports 8.2) (Version: 8.2.12.201405261500 - Heritage Sports)
Intel PROSet Wireless (Version: - ) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.00.0000 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
Magic Online (HKLM-x32\...\{AF7733C1-FB0B-4FED-9730-E0433AF7A2EF}) (Version: 3.00.0000 - Wizards of the Coast)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Media Player Codec Pack 4.3.1 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.3.1 - Media Player Codec Pack) <==== ATTENTION
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4631.1004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Control Panel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Soda PDF 3D Reader (HKLM-x32\...\{025C48E1-4695-4F49-906E-EBABCD54EA51}) (Version: 5.0.30.11889 - LULU Software Limited)
Sound Blaster Recon3Di (HKLM-x32\...\{C8AAFCDC-CD3A-40AD-9FA9-07FB70F08224}) (Version: 1.00.08 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StrongVPN Client (HKLM-x32\...\{6EB6293C-9286-4981-8672-956E1A92F33B}_is1) (Version: 1.3.4.5 - Black Oak Computers, Inc)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1108 - SUPERAntiSpyware.com)
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version: - Gas Powered Games)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.4.0 - Synaptics Incorporated)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2309 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0474 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0186 - Intuit Inc.) Hidden
TurboTax 2012 wmaiper (x32 Version: 012.000.1456 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)
微软设备健康助手 (HKLM-x32\...\{2EAC4B0F-6E44-4FF6-AA5E-5D100F2BAA59}) (Version: 1.0.16.0 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1522901231-1283582495-1218869647-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1522901231-1283582495-1218869647-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1522901231-1283582495-1218869647-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1522901231-1283582495-1218869647-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1522901231-1283582495-1218869647-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1522901231-1283582495-1218869647-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1522901231-1283582495-1218869647-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1522901231-1283582495-1218869647-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1522901231-1283582495-1218869647-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
13-08-2014 21:33:58 Scheduled Checkpoint
16-08-2014 01:26:10 Windows Update
16-08-2014 01:53:58 Removed SearchMe Toolbar v9.6.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 10:34 - 2014-05-27 11:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {2D195409-D940-438B-A18B-6DCF2DF62DA1} - System32\Tasks\AdobeAAMUpdater-1.0-Jon-PC-Jon => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {3029194F-846D-447D-9A60-A5E220E3A22C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {4D6CF6E3-E260-488B-960A-5C3CD5E00E29} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-22] (Adobe Systems Incorporated)
Task: {4FFF1F34-75B4-4F14-8A0A-121BF420D8C9} - System32\Tasks\SUPERAntiSpyware Scheduled Task e207ba27-dd01-4152-a69d-1947ee1d0ec0 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {62C77413-2950-4FB8-B240-05E9B02A1C92} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {861BC50B-BD8F-48D9-824E-87EB0359F0D7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)
Task: {906EEAFE-31AA-4F4A-A5D2-B6F040EDA454} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)
Task: {92DD13DA-90D6-4E6F-B4AF-8DC50BB1E3E5} - System32\Tasks\微软设备健康助手自动更新 => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exe [2014-06-06] ()
Task: {A1DEFA4E-A9FD-47C1-9868-4A42A089E8F6} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\AlienAutopsy\sessionchecker.exe [2014-02-01] (PC-Doctor, Inc.)
Task: {B551F808-F4AD-463E-A5C5-4AD63E03E1E7} - System32\Tasks\SUPERAntiSpyware Scheduled Task e1c51ca0-b81d-40f6-9aa9-e93ff12c5b46 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {CED6F9E9-8D94-4899-A97F-B2B6580E735A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-10] (Google Inc.)
Task: {D3E7A6A7-90A0-4A02-852A-B08E5FE9A839} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-10] (Google Inc.)
Task: {F48D7409-85CB-4BAD-83BA-402DB224A8C2} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\AlienAutopsy\uaclauncher.exe [2014-02-01] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e1c51ca0-b81d-40f6-9aa9-e93ff12c5b46.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e207ba27-dd01-4152-a69d-1947ee1d0ec0.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\微软设备健康助手自动更新.job => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-03-21 12:24 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-06-06 21:36 - 2014-06-06 21:36 - 00085664 _____ () C:\Program Files (x86)\Microsoft Device Health\DhMachineSvc.exe
2013-06-29 14:53 - 2013-01-18 23:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-12 10:37 - 2014-05-21 00:19 - 08892072 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-06-29 14:55 - 2012-01-27 10:49 - 02751808 ____N () C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
2013-06-29 16:03 - 2012-02-15 01:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-06 21:36 - 2014-06-06 21:36 - 00064672 _____ () C:\Program Files (x86)\Microsoft Device Health\Collectors\system_collector.dll
2014-06-06 21:36 - 2014-06-06 21:36 - 00023200 _____ () C:\Program Files (x86)\Microsoft Device Health\Collectors\user_collector.dll
2014-06-06 21:36 - 2014-06-06 21:36 - 00020640 _____ () C:\Program Files (x86)\Microsoft Device Health\Actuators\win_update_actuator.dll
2014-08-17 09:12 - 2014-08-17 09:12 - 00043008 _____ () c:\users\jon\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbfpvmx.dll
2013-08-24 03:01 - 2013-08-24 03:01 - 25100288 _____ () C:\Users\Jon\AppData\Roaming\Dropbox\bin\libcef.dll
2014-07-20 03:23 - 2014-07-15 17:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-20 03:23 - 2014-07-15 17:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-20 03:23 - 2014-07-15 17:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-20 03:23 - 2014-07-15 17:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-20 03:23 - 2014-07-15 17:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-02-28 16:51 - 2014-02-28 16:51 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\e0cca00b42165c0b882a7ef23368c6ac\PSIClient.ni.dll
2013-06-29 14:38 - 2012-02-02 06:44 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackUpdateChecker.lnk => C:\Windows\pss\CodecPackUpdateChecker.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jon^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jon^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^NexDef Plug-in.lnk => C:\Windows\pss\NexDef Plug-in.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AlienwareOn-ScreenDisplay => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Command Center Controllers => "C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe"
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Jon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Integrated Webcam Live! Central => "C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe" /mode2
MSCONFIG\startupreg: QQ2009 => "C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe" /background
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sound Blaster Recon3Di Control Panel => "c:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe" /r
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: StrongVPN Client => "C:\Program Files (x86)\StrongVPN\StrongDial.exe" --silent
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: uTorrent => "C:\Users\Jon\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== Faulty Device Manager Devices =============
Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/17/2014 09:13:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program uTorrent.exe version 3.4.2.32126 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 6b0
Start Time: 01cfb9b82a8e0d07
Termination Time: 14
Application Path: C:\Users\Jon\AppData\Roaming\uTorrent\uTorrent.exe
Report Id: a1361652-25ab-11e4-8247-b90948f4e8f7
Error: (08/17/2014 09:10:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/17/2014 01:39:45 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={17B18D64-9AAD-4555-A687-810E9B270415}: The user Jon-PC\Jon dialed a connection named StrongVPN - 309053-L2TP which has failed. The error code returned on failure is 789.
Error: (08/17/2014 01:38:39 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={05759DB9-D6FD-4400-8CD8-2340D38632EC}: The user Jon-PC\Jon dialed a connection named StrongVPN - 309053-L2TP which has failed. The error code returned on failure is 789.
Error: (08/17/2014 01:37:33 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={9E89E653-7818-4DA3-91CC-CD100BC5378C}: The user Jon-PC\Jon dialed a connection named StrongVPN - 309053-L2TP which has failed. The error code returned on failure is 789.
Error: (08/17/2014 01:36:27 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={53BC09E9-FA2C-4936-B843-42C90D543D58}: The user Jon-PC\Jon dialed a connection named StrongVPN - 309053-L2TP which has failed. The error code returned on failure is 789.
Error: (08/17/2014 01:35:21 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={46976D27-F1C9-4741-8362-5F337D217AC4}: The user Jon-PC\Jon dialed a connection named StrongVPN - 309053-L2TP which has failed. The error code returned on failure is 789.
Error: (08/17/2014 01:34:15 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={21105392-C52F-45D0-9FD8-213F311FAEE6}: The user Jon-PC\Jon dialed a connection named StrongVPN - 309053-L2TP which has failed. The error code returned on failure is 789.
Error: (08/17/2014 01:33:09 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={5C210B7C-5830-4346-8EFE-C7319C5780AB}: The user Jon-PC\Jon dialed a connection named StrongVPN - 309053-L2TP which has failed. The error code returned on failure is 789.
Error: (08/17/2014 01:32:03 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={B4D37B11-FCCF-4A72-BE89-72BFA87CD193}: The user Jon-PC\Jon dialed a connection named StrongVPN - 309053-L2TP which has failed. The error code returned on failure is 789.
System errors:
=============
Error: (08/17/2014 09:21:57 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume D:.
Error: (08/17/2014 09:21:57 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume D:.
Error: (08/17/2014 09:21:57 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume D:.
Error: (08/17/2014 09:21:41 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume D:.
Error: (08/17/2014 09:21:41 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume D:.
Error: (08/17/2014 09:21:33 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume D:.
Error: (08/17/2014 09:21:33 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume D:.
Error: (08/17/2014 09:21:33 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume D:.
Error: (08/17/2014 09:21:33 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume D:.
Error: (08/17/2014 09:21:31 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume D:.
Microsoft Office Sessions:
=========================
Error: (08/17/2014 09:13:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: uTorrent.exe3.4.2.321266b001cfb9b82a8e0d0714C:\Users\Jon\AppData\Roaming\uTorrent\uTorrent.exea1361652-25ab-11e4-8247-b90948f4e8f7
Error: (08/17/2014 09:10:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/17/2014 01:39:45 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {17B18D64-9AAD-4555-A687-810E9B270415}Jon-PC\JonStrongVPN - 309053-L2TP789
Error: (08/17/2014 01:38:39 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {05759DB9-D6FD-4400-8CD8-2340D38632EC}Jon-PC\JonStrongVPN - 309053-L2TP789
Error: (08/17/2014 01:37:33 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {9E89E653-7818-4DA3-91CC-CD100BC5378C}Jon-PC\JonStrongVPN - 309053-L2TP789
Error: (08/17/2014 01:36:27 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {53BC09E9-FA2C-4936-B843-42C90D543D58}Jon-PC\JonStrongVPN - 309053-L2TP789
Error: (08/17/2014 01:35:21 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {46976D27-F1C9-4741-8362-5F337D217AC4}Jon-PC\JonStrongVPN - 309053-L2TP789
Error: (08/17/2014 01:34:15 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {21105392-C52F-45D0-9FD8-213F311FAEE6}Jon-PC\JonStrongVPN - 309053-L2TP789
Error: (08/17/2014 01:33:09 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {5C210B7C-5830-4346-8EFE-C7319C5780AB}Jon-PC\JonStrongVPN - 309053-L2TP789
Error: (08/17/2014 01:32:03 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {B4D37B11-FCCF-4A72-BE89-72BFA87CD193}Jon-PC\JonStrongVPN - 309053-L2TP789
CodeIntegrity Errors:
===================================
Date: 2014-05-27 11:23:08.443
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-05-27 11:23:08.409
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core i7-3740QM CPU @ 2.70GHz
Percentage of memory in use: 41%
Total physical RAM: 8074.31 MB
Available physical RAM: 4692.05 MB
Total Pagefile: 16146.8 MB
Available Pagefile: 12662.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:452.1 GB) (Free:22.71 GB) NTFS
Drive e: (DATAPART2) (Fixed) (Total:59.62 GB) (Free:59.52 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 8443CBBC)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8443CF76)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 59.6 GB) (Disk ID: 8443CF64)
Partition 1: (Not Active) - (Size=59.6 GB) - (Type=07 NTFS)
==================== End Of Log ============================
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-08-17 09:26:18
-----------------------------
09:26:18.149 OS Version: Windows x64 6.1.7601 Service Pack 1
09:26:18.149 Number of processors: 8 586 0x3A09
09:26:18.150 ComputerName: JON-PC UserName: Jon
09:26:19.580 Initialize success
09:26:19.619 VM: initialized successfully
09:26:19.684 VM: Intel CPU supported
09:26:26.013 VM: disk I/O iaStorA.sys
09:26:43.094 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\000000a2
09:26:43.098 Disk 0 Vendor: ATA_____ A500 Size: 476940MB BusType: 8
09:26:43.103 Disk 1 \Device\Harddisk1\DR1 -> \Device\000000a3
09:26:43.108 Disk 1 Vendor: ATA_____ A500 Size: 476940MB BusType: 8
09:26:43.113 Disk 2 \Device\Harddisk2\DR2 -> \Device\000000a5
09:26:43.118 Disk 2 Vendor: ATA_____ 3D1Q Size: 61057MB BusType: 8
09:26:43.234 Disk 0 MBR read error 0
09:26:43.240 Disk 0 MBR scan
09:26:43.246 Disk 0 unknown MBR code
09:26:43.252 MBR BIOS signature not found 0
09:26:43.499 Disk 0 scanning C:\Windows\system32\drivers
09:26:49.160 Service scanning
09:27:03.785 Modules scanning
09:27:03.795 Disk 0 trace - called modules:
09:27:03.841 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
09:27:03.849 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800844c790]
09:27:03.856 3 CLASSPNP.SYS[fffff880017a643f] -> nt!IofCallDriver -> [0xfffffa8008394a90]
09:27:03.863 5 iaStorF.sys[fffff880019a39a0] -> nt!IofCallDriver -> \Device\000000a2[0xfffffa8007dc79c0]
09:27:03.872 Scan finished successfully
09:27:14.727 Disk 0 MBR has been saved successfully to "C:\Users\Jon\Desktop\MBR.dat"
09:27:14.736 The log file has been saved successfully to "C:\Users\Jon\Desktop\aswMBR.txt"