Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Jeannie (administrator) on PC on 14-09-2014 13:42:53
Running from C:\Users\Jeannie\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Thisisu) C:\Users\Jeannie\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-06-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-06-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-10] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - URL http://www.trovigo.com/Results.aspx...-4831-8CCD-FF0BA4A205FA&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 61.9.133.193 61.9.211.33
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-10]
Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> 4283AC5D8092679787ADC63C4A6901F7DBC82EEE04E2B0C446490641C787E34F
CHR DefaultSearchURL: Default -> BFBFADCA14A6F56252F957027376ED2694E20922DA47CA937B7376221CF7C2A5
CHR Profile: C:\Users\Jeannie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Jeannie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jeannie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (avast! Online Security) - C:\Users\Jeannie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-10]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Jeannie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-01-25]
CHR Extension: (StayFocusd) - C:\Users\Jeannie\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2014-05-25]
CHR Extension: (Google Wallet) - C:\Users\Jeannie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-26]
CHR Extension: (Battlefield Play4Free) - C:\Users\Jeannie\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-05-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-10]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-10] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
S4 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-14] () [File not signed]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-30] ()
R2 RemoteSolverDispatcher; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [218248 2013-02-22] (Mentor Graphics Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-08-04] (SolidWorks) [File not signed]
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-30] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-10] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-10] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-10] ()
S3 Ctxusbr; C:\Windows\System32\DRIVERS\ctxusbr.sys [70048 2013-06-04] (Citrix Systems, Inc.)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-12] (PEGATRON)
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [33512 2014-09-11] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-14 13:42 - 2014-09-14 13:43 - 00021027 _____ () C:\Users\Jeannie\Downloads\FRST.txt
2014-09-14 13:42 - 2014-09-14 13:42 - 00000000 ____D () C:\FRST
2014-09-14 13:41 - 2014-09-14 13:42 - 02105856 _____ (Farbar) C:\Users\Jeannie\Downloads\FRST64.exe
2014-09-14 13:39 - 2014-09-14 13:39 - 00004093 _____ () C:\Users\Jeannie\Desktop\JRT.txt
2014-09-14 13:32 - 2014-09-14 13:32 - 00000000 ____D () C:\Windows\ERUNT
2014-09-14 13:29 - 2014-09-14 13:30 - 01016261 _____ (Thisisu) C:\Users\Jeannie\Downloads\JRT.exe
2014-09-14 13:14 - 2014-09-14 13:14 - 01373475 _____ () C:\Users\Jeannie\Downloads\adwcleaner_3.310.exe
2014-09-14 11:38 - 2014-09-14 11:38 - 00000000 _____ () C:\Users\Jeannie\AppData\Local\Temptable.xml
2014-09-13 17:54 - 2014-09-13 17:54 - 02041717 _____ () C:\Users\Jeannie\Downloads\I5-lotus blossom-A0 2.ai
2014-09-13 15:09 - 2014-09-13 15:09 - 00059904 _____ () C:\Users\Jeannie\Downloads\ASSEMBLY PART.sldasm
2014-09-13 15:08 - 2014-09-13 15:09 - 01605207 _____ () C:\Users\Jeannie\Downloads\Chain Saw of Saeed Nadri.3dxml
2014-09-13 15:07 - 2014-09-13 15:08 - 01603284 _____ () C:\Users\Jeannie\Downloads\Chain Saw of Saeed Nadri.rar
2014-09-13 14:56 - 2014-09-13 14:56 - 01634304 _____ () C:\Users\Jeannie\Downloads\ASSEMBLY PART.prt
2014-09-13 13:39 - 2014-09-13 13:39 - 00000000 ___RD () C:\Users\Jeannie\Creative Cloud Files
2014-09-13 13:34 - 2014-09-13 13:34 - 00001313 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-13 13:34 - 2014-09-13 13:34 - 00001301 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-09-13 13:17 - 2014-09-13 13:20 - 53565824 _____ (Citrix Systems, Inc.) C:\Users\Jeannie\Downloads\CitrixOnlinePluginWeb (2).exe
2014-09-13 12:05 - 2014-09-13 12:05 - 01648233 _____ () C:\Users\Jeannie\Downloads\I5-lotus blossom-A0.ai
2014-09-12 14:12 - 2014-09-12 14:12 - 02712169 _____ () C:\Users\Jeannie\Downloads\12,000 Wallpaper Dump - Imgur.zip
2014-09-12 13:25 - 2014-09-12 13:25 - 00000282 _____ () C:\Users\Jeannie\Downloads\chat_transcript.txt
2014-09-12 12:31 - 2014-09-12 12:31 - 00025014 _____ () C:\ComboFix.txt
2014-09-12 12:13 - 2014-09-12 12:14 - 05577449 ____R (Swearware) C:\Users\Jeannie\Downloads\ComboFix.exe
2014-09-11 20:12 - 2014-09-11 20:24 - 32516515 _____ () C:\Users\Jeannie\Downloads\Black & Decker Drill.rar
2014-09-11 20:08 - 2014-09-11 20:17 - 15444658 _____ () C:\Users\Jeannie\Downloads\t.zip
2014-09-11 19:44 - 2014-09-11 19:49 - 13991424 _____ () C:\Users\Jeannie\Downloads\boormachine.SLDPRT
2014-09-11 16:42 - 2014-09-11 17:12 - 00000008 ____H () C:\Users\Jeannie\Downloads\~$drill 3.SLDPRT
2014-09-11 16:37 - 2014-09-11 16:41 - 32381952 _____ () C:\Users\Jeannie\Downloads\drill 3.SLDPRT
2014-09-11 14:03 - 2014-09-11 14:27 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-11 14:03 - 2014-09-11 14:03 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 14:02 - 2014-09-11 14:27 - 00000000 ____D () C:\Users\Jeannie\Desktop\mbar
2014-09-11 14:02 - 2014-09-11 14:02 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-11 13:59 - 2014-09-11 14:01 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Jeannie\Downloads\mbar-1.07.0.1012.exe
2014-09-11 13:48 - 2014-09-11 13:48 - 00033512 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-09-11 13:48 - 2014-09-11 13:48 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-11 13:44 - 2014-09-11 13:45 - 04859480 _____ () C:\Users\Jeannie\Downloads\RogueKiller.exe
2014-09-10 21:10 - 2014-09-10 21:10 - 00284960 _____ () C:\Windows\Minidump\091014-41418-01.dmp
2014-09-10 21:00 - 2014-09-10 21:00 - 00281216 _____ () C:\Windows\Minidump\091014-38204-01.dmp
2014-09-10 20:58 - 2014-09-10 20:58 - 00284960 _____ () C:\Windows\Minidump\091014-41543-01.dmp
2014-09-10 19:42 - 2014-09-10 19:42 - 00023604 _____ () C:\Users\Jeannie\Desktop\dds.txt
2014-09-10 19:42 - 2014-09-10 19:42 - 00016752 _____ () C:\Users\Jeannie\Desktop\attach.txt
2014-09-10 19:39 - 2014-09-10 19:39 - 00688992 ____R (Swearware) C:\Users\Jeannie\Downloads\dds.com
2014-09-10 19:30 - 2014-09-10 19:30 - 00281952 _____ () C:\Windows\Minidump\091014-18501-01.dmp
2014-09-10 18:55 - 2014-09-10 18:55 - 00281168 _____ () C:\Windows\Minidump\091014-26925-01.dmp
2014-09-10 18:53 - 2014-09-10 18:53 - 00281632 _____ () C:\Windows\Minidump\091014-23212-01.dmp
2014-09-10 18:48 - 2014-09-10 18:48 - 00281160 _____ () C:\Windows\Minidump\091014-18579-01.dmp
2014-09-10 18:45 - 2014-09-10 18:45 - 00281160 _____ () C:\Windows\Minidump\091014-18766-01.dmp
2014-09-10 18:42 - 2014-09-10 18:42 - 00281528 _____ () C:\Windows\Minidump\091014-21980-01.dmp
2014-09-10 18:39 - 2014-09-10 18:39 - 00284960 _____ () C:\Windows\Minidump\091014-19578-01.dmp
2014-09-10 18:01 - 2014-09-10 21:10 - 00000000 ____D () C:\Windows\Minidump
2014-09-10 18:01 - 2014-09-10 21:09 - 583983296 _____ () C:\Windows\MEMORY.DMP
2014-09-10 18:01 - 2014-09-10 18:01 - 00284960 _____ () C:\Windows\Minidump\091014-20841-01.dmp
2014-09-10 17:55 - 2014-09-11 14:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 17:53 - 2014-09-10 17:53 - 00000000 ____D () C:\Users\Jeannie\AppData\Roaming\AVAST Software
2014-09-10 17:52 - 2014-09-13 12:01 - 00002224 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-10 17:52 - 2014-09-10 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-10 17:51 - 2014-09-13 13:37 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-10 17:51 - 2014-09-10 17:51 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-10 17:51 - 2014-09-10 17:50 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-10 17:51 - 2014-09-10 17:50 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-10 17:51 - 2014-09-10 17:50 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-10 17:51 - 2014-09-10 17:50 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-10 17:51 - 2014-09-10 17:50 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-10 17:51 - 2014-09-10 17:50 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-10 17:51 - 2014-09-10 17:50 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-10 17:51 - 2014-09-10 17:50 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-10 17:50 - 2014-09-10 17:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-10 17:49 - 2014-09-10 17:49 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-10 17:48 - 2014-09-10 17:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-10 17:46 - 2014-09-10 17:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jeannie\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-10 17:39 - 2014-09-10 17:47 - 91906368 _____ (AVAST Software) C:\Users\Jeannie\Downloads\avast_free_antivirus_setup.exe
2014-09-09 18:12 - 2014-09-09 18:12 - 00136192 _____ () C:\Users\Jeannie\Downloads\washer 1 mm (1).SLDDRW
2014-09-05 23:17 - 2014-09-05 23:18 - 06194688 _____ () C:\Users\Jeannie\Downloads\attachments.zip
2014-09-05 23:10 - 2014-09-05 23:10 - 00136192 _____ () C:\Users\Jeannie\Downloads\washer 1 mm.SLDDRW
2014-09-05 23:05 - 2014-09-05 23:05 - 00136192 _____ () C:\Users\Jeannie\Downloads\washer (1).SLDDRW
2014-09-05 23:04 - 2014-09-05 23:04 - 00136192 _____ () C:\Users\Jeannie\Downloads\washer.SLDDRW
2014-09-04 23:46 - 2014-09-04 23:46 - 00334439 _____ () C:\Users\Jeannie\Downloads\P01andP07(600x800 mdf) (1).ai
2014-09-04 21:39 - 2014-09-04 21:39 - 00000000 ____D () C:\Users\Jeannie\Documents\Sustainabilty 2 group.Data
2014-09-04 21:39 - 2014-09-04 21:39 - 00000000 _____ () C:\Users\Jeannie\Documents\Sustainabilty 2 group.enl
2014-09-04 15:38 - 2014-09-04 15:38 - 00334439 _____ () C:\Users\Jeannie\Downloads\P01andP07(600x800 mdf).ai
2014-09-03 23:19 - 2014-09-14 13:21 - 00000000 ____D () C:\AdwCleaner
2014-09-03 23:19 - 2014-09-03 23:19 - 01370467 _____ () C:\Users\Jeannie\Downloads\adwcleaner_3.309.exe
2014-08-30 23:37 - 2014-08-30 23:39 - 29147688 _____ () C:\Users\Jeannie\Downloads\SolidWorksSetup (3).exe
2014-08-30 20:21 - 2014-08-30 20:21 - 00000222 _____ () C:\Users\Jeannie\Desktop\Heroes & Generals.url
2014-08-30 17:47 - 2014-08-30 17:47 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-30 17:47 - 2014-08-30 17:47 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-30 17:45 - 2014-08-30 17:45 - 04901352 _____ (Piriform Ltd) C:\Users\Jeannie\Downloads\ccsetup417.exe
2014-08-29 14:19 - 2014-08-29 14:19 - 00001268 _____ () C:\Users\Jeannie\Desktop\Revo Uninstaller.lnk
2014-08-29 14:19 - 2014-08-29 14:19 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-29 14:18 - 2014-08-29 14:18 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jeannie\Downloads\revosetup.exe
2014-08-29 14:14 - 2014-08-29 14:14 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-29 14:01 - 2011-06-26 16:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-29 14:01 - 2010-11-08 03:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-29 14:01 - 2009-04-20 14:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-29 14:01 - 2000-08-31 10:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-29 14:01 - 2000-08-31 10:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-29 14:01 - 2000-08-31 10:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-29 14:01 - 2000-08-31 10:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-29 14:01 - 2000-08-31 10:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-29 14:00 - 2014-09-12 12:31 - 00000000 ____D () C:\Qoobox
2014-08-29 13:43 - 2014-08-29 13:43 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Jeannie\Downloads\tdsskiller.exe
2014-08-29 13:41 - 2014-08-29 14:11 - 00000000 ____D () C:\Windows\erdnt
2014-08-29 13:37 - 2014-08-29 13:38 - 05576029 ____R (Swearware) C:\Users\Jeannie\Downloads\Comfis.exe
2014-08-29 13:29 - 2014-08-29 13:30 - 04862664 _____ (AVAST Software) C:\Users\Jeannie\Downloads\avast_free_antivirus_setup_online (2).exe
2014-08-29 13:26 - 2014-08-29 13:30 - 04862664 _____ (AVAST Software) C:\Users\Jeannie\Downloads\avast_free_antivirus_setup_online (1).exe
2014-08-29 13:26 - 2014-08-29 13:29 - 04862664 _____ (AVAST Software) C:\Users\Jeannie\Downloads\avast_free_antivirus_setup_online.exe
2014-08-27 19:24 - 2014-09-10 18:00 - 00000000 ____D () C:\Users\Jeannie\AppData\Roaming\Saguxun
2014-08-27 19:20 - 2014-08-27 19:25 - 00000000 ____D () C:\Users\Jeannie\AppData\Roaming\Peuwe
2014-08-26 11:25 - 2014-08-26 11:25 - 00009552 _____ () C:\Users\Jeannie\Downloads\ThirdAngleProjectionBlock.zip
2014-08-25 23:27 - 2014-08-25 23:31 - 00000000 ____D () C:\Users\Jeannie\Desktop\Sust submit
2014-08-23 23:03 - 2014-08-23 23:04 - 00152576 _____ () C:\Users\Jeannie\Downloads\3rd Angle Sketched Symbol.idw
2014-08-21 21:55 - 2014-08-23 22:18 - 00013225 _____ () C:\Users\Jeannie\Downloads\Water bottle use at Festivals (Responses).xlsx
2014-08-21 15:02 - 2014-08-22 16:28 - 00015294 _____ () C:\Users\Jeannie\Documents\Sustainability.enl
2014-08-21 15:02 - 2014-08-21 15:02 - 00000000 ____D () C:\Users\Jeannie\Documents\Sustainability.Data
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-14 13:43 - 2014-09-14 13:42 - 00021027 _____ () C:\Users\Jeannie\Downloads\FRST.txt
2014-09-14 13:42 - 2014-09-14 13:42 - 00000000 ____D () C:\FRST
2014-09-14 13:42 - 2014-09-14 13:41 - 02105856 _____ (Farbar) C:\Users\Jeannie\Downloads\FRST64.exe
2014-09-14 13:39 - 2014-09-14 13:39 - 00004093 _____ () C:\Users\Jeannie\Desktop\JRT.txt
2014-09-14 13:32 - 2014-09-14 13:32 - 00000000 ____D () C:\Windows\ERUNT
2014-09-14 13:31 - 2009-07-14 14:45 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-14 13:31 - 2009-07-14 14:45 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-14 13:30 - 2014-09-14 13:29 - 01016261 _____ (Thisisu) C:\Users\Jeannie\Downloads\JRT.exe
2014-09-14 13:28 - 2013-07-13 14:52 - 00000000 ____D () C:\Users\Jeannie\AppData\Local\Adobe
2014-09-14 13:28 - 2013-06-25 21:35 - 01500310 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 13:27 - 2014-05-21 21:49 - 00000429 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-14 13:26 - 2013-06-25 21:42 - 00000000 ____D () C:\Users\Jeannie\Documents\Youcam
2014-09-14 13:26 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-14 13:24 - 2013-06-25 21:37 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 13:23 - 2010-11-21 13:47 - 00080250 _____ () C:\Windows\PFRO.log
2014-09-14 13:23 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-14 13:23 - 2009-07-14 14:51 - 00084873 _____ () C:\Windows\setupact.log
2014-09-14 13:21 - 2014-09-03 23:19 - 00000000 ____D () C:\AdwCleaner
2014-09-14 13:14 - 2014-09-14 13:14 - 01373475 _____ () C:\Users\Jeannie\Downloads\adwcleaner_3.310.exe
2014-09-14 13:14 - 2014-08-04 10:49 - 00000000 ____D () C:\Users\Jeannie\AppData\Local\TempSWBackupDirectory
2014-09-14 12:58 - 2013-06-25 21:37 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 12:54 - 2013-10-12 15:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-14 11:38 - 2014-09-14 11:38 - 00000000 _____ () C:\Users\Jeannie\AppData\Local\Temptable.xml
2014-09-14 11:09 - 2014-08-04 10:48 - 00000000 ____D () C:\Users\Jeannie\AppData\Local\SolidWorks
2014-09-14 11:09 - 2014-08-03 13:20 - 00000000 ____D () C:\Users\Jeannie\AppData\Roaming\SolidWorks
2014-09-13 23:41 - 2014-02-21 20:07 - 00000000 ____D () C:\Users\Jeannie\Desktop\Pics
2014-09-13 17:54 - 2014-09-13 17:54 - 02041717 _____ () C:\Users\Jeannie\Downloads\I5-lotus blossom-A0 2.ai
2014-09-13 16:24 - 2009-07-14 15:13 - 00779018 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 15:09 - 2014-09-13 15:09 - 00059904 _____ () C:\Users\Jeannie\Downloads\ASSEMBLY PART.sldasm
2014-09-13 15:09 - 2014-09-13 15:08 - 01605207 _____ () C:\Users\Jeannie\Downloads\Chain Saw of Saeed Nadri.3dxml
2014-09-13 15:08 - 2014-09-13 15:07 - 01603284 _____ () C:\Users\Jeannie\Downloads\Chain Saw of Saeed Nadri.rar
2014-09-13 14:56 - 2014-09-13 14:56 - 01634304 _____ () C:\Users\Jeannie\Downloads\ASSEMBLY PART.prt
2014-09-13 13:39 - 2014-09-13 13:39 - 00000000 ___RD () C:\Users\Jeannie\Creative Cloud Files
2014-09-13 13:39 - 2013-06-25 21:39 - 00000000 ____D () C:\Users\Jeannie
2014-09-13 13:37 - 2014-09-10 17:51 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-13 13:34 - 2014-09-13 13:34 - 00001313 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-13 13:34 - 2014-09-13 13:34 - 00001301 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-09-13 13:34 - 2014-08-04 04:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-13 13:33 - 2012-07-10 06:44 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-13 13:20 - 2014-09-13 13:17 - 53565824 _____ (Citrix Systems, Inc.) C:\Users\Jeannie\Downloads\CitrixOnlinePluginWeb (2).exe
2014-09-13 12:05 - 2014-09-13 12:05 - 01648233 _____ () C:\Users\Jeannie\Downloads\I5-lotus blossom-A0.ai
2014-09-13 12:01 - 2014-09-10 17:52 - 00002224 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-13 12:01 - 2013-11-24 16:10 - 00002100 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-09-12 14:12 - 2014-09-12 14:12 - 02712169 _____ () C:\Users\Jeannie\Downloads\12,000 Wallpaper Dump - Imgur.zip
2014-09-12 13:25 - 2014-09-12 13:25 - 00000282 _____ () C:\Users\Jeannie\Downloads\chat_transcript.txt
2014-09-12 12:31 - 2014-09-12 12:31 - 00025014 _____ () C:\ComboFix.txt
2014-09-12 12:31 - 2014-08-29 14:00 - 00000000 ____D () C:\Qoobox
2014-09-12 12:29 - 2009-07-14 12:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-12 12:14 - 2014-09-12 12:13 - 05577449 ____R (Swearware) C:\Users\Jeannie\Downloads\ComboFix.exe
2014-09-11 20:24 - 2014-09-11 20:12 - 32516515 _____ () C:\Users\Jeannie\Downloads\Black & Decker Drill.rar
2014-09-11 20:17 - 2014-09-11 20:08 - 15444658 _____ () C:\Users\Jeannie\Downloads\t.zip
2014-09-11 19:49 - 2014-09-11 19:44 - 13991424 _____ () C:\Users\Jeannie\Downloads\boormachine.SLDPRT
2014-09-11 18:17 - 2014-08-09 02:30 - 00000000 ____D () C:\Users\Jeannie\AppData\Roaming\Luxology
2014-09-11 18:01 - 2014-03-11 18:30 - 00000000 ____D () C:\Users\Jeannie\AppData\Local\Windows Live
2014-09-11 17:12 - 2014-09-11 16:42 - 00000008 ____H () C:\Users\Jeannie\Downloads\~$drill 3.SLDPRT
2014-09-11 16:41 - 2014-09-11 16:37 - 32381952 _____ () C:\Users\Jeannie\Downloads\drill 3.SLDPRT
2014-09-11 14:27 - 2014-09-11 14:03 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-11 14:27 - 2014-09-11 14:02 - 00000000 ____D () C:\Users\Jeannie\Desktop\mbar
2014-09-11 14:03 - 2014-09-11 14:03 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 14:03 - 2014-09-10 17:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-11 14:02 - 2014-09-11 14:02 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-11 14:01 - 2014-09-11 13:59 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Jeannie\Downloads\mbar-1.07.0.1012.exe
2014-09-11 13:48 - 2014-09-11 13:48 - 00033512 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-09-11 13:48 - 2014-09-11 13:48 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-11 13:45 - 2014-09-11 13:44 - 04859480 _____ () C:\Users\Jeannie\Downloads\RogueKiller.exe
2014-09-10 21:10 - 2014-09-10 21:10 - 00284960 _____ () C:\Windows\Minidump\091014-41418-01.dmp
2014-09-10 21:10 - 2014-09-10 18:01 - 00000000 ____D () C:\Windows\Minidump
2014-09-10 21:09 - 2014-09-10 18:01 - 583983296 _____ () C:\Windows\MEMORY.DMP
2014-09-10 21:00 - 2014-09-10 21:00 - 00281216 _____ () C:\Windows\Minidump\091014-38204-01.dmp
2014-09-10 20:58 - 2014-09-10 20:58 - 00284960 _____ () C:\Windows\Minidump\091014-41543-01.dmp
2014-09-10 19:42 - 2014-09-10 19:42 - 00023604 _____ () C:\Users\Jeannie\Desktop\dds.txt
2014-09-10 19:42 - 2014-09-10 19:42 - 00016752 _____ () C:\Users\Jeannie\Desktop\attach.txt
2014-09-10 19:39 - 2014-09-10 19:39 - 00688992 ____R (Swearware) C:\Users\Jeannie\Downloads\dds.com
2014-09-10 19:30 - 2014-09-10 19:30 - 00281952 _____ () C:\Windows\Minidump\091014-18501-01.dmp
2014-09-10 19:25 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PLA
2014-09-10 19:01 - 2013-06-25 21:37 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-10 18:55 - 2014-09-10 18:55 - 00281168 _____ () C:\Windows\Minidump\091014-26925-01.dmp
2014-09-10 18:53 - 2014-09-10 18:53 - 00281632 _____ () C:\Windows\Minidump\091014-23212-01.dmp
2014-09-10 18:48 - 2014-09-10 18:48 - 00281160 _____ () C:\Windows\Minidump\091014-18579-01.dmp
2014-09-10 18:45 - 2014-09-10 18:45 - 00281160 _____ () C:\Windows\Minidump\091014-18766-01.dmp
2014-09-10 18:42 - 2014-09-10 18:42 - 00281528 _____ () C:\Windows\Minidump\091014-21980-01.dmp
2014-09-10 18:39 - 2014-09-10 18:39 - 00284960 _____ () C:\Windows\Minidump\091014-19578-01.dmp
2014-09-10 18:01 - 2014-09-10 18:01 - 00284960 _____ () C:\Windows\Minidump\091014-20841-01.dmp
2014-09-10 18:00 - 2014-08-27 19:24 - 00000000 ____D () C:\Users\Jeannie\AppData\Roaming\Saguxun
2014-09-10 17:53 - 2014-09-10 17:53 - 00000000 ____D () C:\Users\Jeannie\AppData\Roaming\AVAST Software
2014-09-10 17:52 - 2014-09-10 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-10 17:51 - 2014-09-10 17:51 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-10 17:50 - 2014-09-10 17:51 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-10 17:50 - 2014-09-10 17:51 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-10 17:50 - 2014-09-10 17:51 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-10 17:50 - 2014-09-10 17:51 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-10 17:50 - 2014-09-10 17:51 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-10 17:50 - 2014-09-10 17:51 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-10 17:50 - 2014-09-10 17:51 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-10 17:50 - 2014-09-10 17:51 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-10 17:50 - 2014-09-10 17:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-10 17:50 - 2014-09-10 17:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jeannie\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-10 17:49 - 2014-09-10 17:49 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-10 17:49 - 2014-09-10 17:48 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-10 17:47 - 2014-09-10 17:39 - 91906368 _____ (AVAST Software) C:\Users\Jeannie\Downloads\avast_free_antivirus_setup.exe
2014-09-10 14:05 - 2014-05-29 21:54 - 00000000 ____D () C:\Users\Jeannie\AppData\Roaming\Skype
2014-09-09 18:12 - 2014-09-09 18:12 - 00136192 _____ () C:\Users\Jeannie\Downloads\washer 1 mm (1).SLDDRW
2014-09-06 00:10 - 2014-08-09 12:28 - 00000000 ____D () C:\Users\Jeannie\AppData\Local\CrashDumps
2014-09-05 23:18 - 2014-09-05 23:17 - 06194688 _____ () C:\Users\Jeannie\Downloads\attachments.zip
2014-09-05 23:10 - 2014-09-05 23:10 - 00136192 _____ () C:\Users\Jeannie\Downloads\washer 1 mm.SLDDRW
2014-09-05 23:05 - 2014-09-05 23:05 - 00136192 _____ () C:\Users\Jeannie\Downloads\washer (1).SLDDRW
2014-09-05 23:04 - 2014-09-05 23:04 - 00136192 _____ () C:\Users\Jeannie\Downloads\washer.SLDDRW
2014-09-04 23:46 - 2014-09-04 23:46 - 00334439 _____ () C:\Users\Jeannie\Downloads\P01andP07(600x800 mdf) (1).ai
2014-09-04 21:39 - 2014-09-04 21:39 - 00000000 ____D () C:\Users\Jeannie\Documents\Sustainabilty 2 group.Data
2014-09-04 21:39 - 2014-09-04 21:39 - 00000000 _____ () C:\Users\Jeannie\Documents\Sustainabilty 2 group.enl
2014-09-04 15:38 - 2014-09-04 15:38 - 00334439 _____ () C:\Users\Jeannie\Downloads\P01andP07(600x800 mdf).ai
2014-09-03 23:19 - 2014-09-03 23:19 - 01370467 _____ () C:\Users\Jeannie\Downloads\adwcleaner_3.309.exe
2014-09-02 17:45 - 2014-06-05 12:35 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-31 00:06 - 2014-08-04 04:44 - 00000000 ____D () C:\ProgramData\DassaultSystemes
2014-08-31 00:02 - 2014-08-04 04:35 - 00002727 _____ () C:\Users\Public\Desktop\SolidWorks 2013 x64 Edition.lnk
2014-08-31 00:02 - 2014-08-04 04:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2013
2014-08-30 23:44 - 2014-08-04 04:14 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-08-30 23:42 - 2014-08-04 04:24 - 00000000 ____D () C:\Program Files\SolidWorks Corp
2014-08-30 23:41 - 2014-08-04 04:24 - 00000000 ____D () C:\Program Files\Common Files\SolidWorks Shared
2014-08-30 23:39 - 2014-08-30 23:37 - 29147688 _____ () C:\Users\Jeannie\Downloads\SolidWorksSetup (3).exe
2014-08-30 20:37 - 2012-07-06 06:02 - 00029035 _____ () C:\Windows\DirectX.log
2014-08-30 20:21 - 2014-08-30 20:21 - 00000222 _____ () C:\Users\Jeannie\Desktop\Heroes & Generals.url
2014-08-30 17:47 - 2014-08-30 17:47 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-30 17:47 - 2014-08-30 17:47 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-30 17:45 - 2014-08-30 17:45 - 04901352 _____ (Piriform Ltd) C:\Users\Jeannie\Downloads\ccsetup417.exe
2014-08-29 14:19 - 2014-08-29 14:19 - 00001268 _____ () C:\Users\Jeannie\Desktop\Revo Uninstaller.lnk
2014-08-29 14:19 - 2014-08-29 14:19 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-29 14:18 - 2014-08-29 14:18 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jeannie\Downloads\revosetup.exe
2014-08-29 14:14 - 2014-08-29 14:14 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-29 14:11 - 2014-08-29 13:41 - 00000000 ____D () C:\Windows\erdnt
2014-08-29 13:43 - 2014-08-29 13:43 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Jeannie\Downloads\tdsskiller.exe
2014-08-29 13:38 - 2014-08-29 13:37 - 05576029 ____R (Swearware) C:\Users\Jeannie\Downloads\Comfis.exe
2014-08-29 13:30 - 2014-08-29 13:29 - 04862664 _____ (AVAST Software) C:\Users\Jeannie\Downloads\avast_free_antivirus_setup_online (2).exe
2014-08-29 13:30 - 2014-08-29 13:26 - 04862664 _____ (AVAST Software) C:\Users\Jeannie\Downloads\avast_free_antivirus_setup_online (1).exe
2014-08-29 13:29 - 2014-08-29 13:26 - 04862664 _____ (AVAST Software) C:\Users\Jeannie\Downloads\avast_free_antivirus_setup_online.exe
2014-08-28 14:23 - 2013-06-25 21:37 - 00000000 ____D () C:\Program Files\Google
2014-08-28 14:23 - 2013-06-25 21:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-27 22:21 - 2014-07-27 16:29 - 00000000 ____D () C:\Windows\pss
2014-08-27 20:54 - 2013-07-06 13:48 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-27 19:25 - 2014-08-27 19:20 - 00000000 ____D () C:\Users\Jeannie\AppData\Roaming\Peuwe
2014-08-26 11:26 - 2007-11-29 15:03 - 00048640 _____ () C:\Users\Jeannie\Desktop\ThirdAngleProjectionBlock.SLDBLK
2014-08-26 11:25 - 2014-08-26 11:25 - 00009552 _____ () C:\Users\Jeannie\Downloads\ThirdAngleProjectionBlock.zip
2014-08-25 23:31 - 2014-08-25 23:27 - 00000000 ____D () C:\Users\Jeannie\Desktop\Sust submit
2014-08-25 11:46 - 2014-03-13 17:32 - 00000000 ____D () C:\Users\Jeannie\Desktop\Kyle
2014-08-24 17:51 - 2012-07-10 04:53 - 00000000 ____D () C:\ProgramData\CyberLink
2014-08-23 23:04 - 2014-08-23 23:03 - 00152576 _____ () C:\Users\Jeannie\Downloads\3rd Angle Sketched Symbol.idw
2014-08-23 22:18 - 2014-08-21 21:55 - 00013225 _____ () C:\Users\Jeannie\Downloads\Water bottle use at Festivals (Responses).xlsx
2014-08-23 21:38 - 2009-07-14 15:08 - 00032636 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-22 16:28 - 2014-08-21 15:02 - 00015294 _____ () C:\Users\Jeannie\Documents\Sustainability.enl
2014-08-21 15:02 - 2014-08-21 15:02 - 00000000 ____D () C:\Users\Jeannie\Documents\Sustainability.Data
2014-08-21 00:03 - 2014-03-27 22:24 - 00018474 _____ () C:\Users\Jeannie\Documents\My EndNote Library.enl
2014-08-17 20:37 - 2014-07-19 17:02 - 00000000 ____D () C:\Program Files (x86)\DisplayFusion
2014-08-17 18:26 - 2014-01-20 17:17 - 00000000 ____D () C:\Users\Jeannie\Documents\My Received Files
Some content of TEMP:
====================
C:\Users\Jeannie\AppData\Local\Temp\CreativeCloudSet-Up.exe
C:\Users\Jeannie\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-06 11:57
==================== End Of Log ============================