cxn520 Posted July 2, 2014 ID:848468

Malware hasn't been able to update. I'm 99% sure my computer is infected, because suprasavings keeps on popping up on the websites I visit. Here are the logs, please help!!!

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Ceni Cen (administrator) on PC on 02-07-2014 16:07:53
Running from C:\Users\Ceni Cen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4FPD3KE
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
( ) C:\Windows\System32\dleacoms.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files\pcmax\pcmax.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
() C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe
() C:\Program Files\003\vxlsnyaiet64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
() C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
() C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe
(McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [intelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-15] (Intel® Corporation)
HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10365952 2011-05-19] (Intel Corporation)
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2055016 2011-04-29] ()
HKLM\...\Run: [dleamon.exe] => C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe [770728 2011-01-23] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe [139944 2011-01-23] ()
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.)
HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-04-29] ()
HKLM-x32\...\Run: [dleamon.exe] => C:\Program Files (x86) (x86)\Dell V310-V510 Series\dleamon.exe [770728 2011-01-23] ()
HKLM-x32\...\Run: [EzPrint] => C:\Program Files (x86) (x86)\Dell V310-V510 Series\ezprint.exe [139944 2011-01-23] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell V310-V510 Series] => C:\Program Files (x86)\Dell V310-V510 Series\fm3032.exe [316072 2011-01-23] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [sMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [147248 2014-02-11] (SMART Technologies)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [sMART Floating Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe [9024304 2013-11-20] (SMART Technologies ULC)
HKLM-x32\...\Run: [sMARTNotification] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe [204592 2014-02-12] (SMART Technologies)
HKLM-x32\...\Run: [sMART Tray Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe [744752 2014-02-12] (SMART Technologies)
HKLM-x32\...\Run: [sMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [1933616 2014-02-12] (SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62768 2013-08-22] (SMART Technologies)
HKLM-x32\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [Google Update] => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-05] (Google Inc.)
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [TomTomHOME.exe] => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [googletalk] => C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3289088 2007-11-20] (Google)
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\MountPoints2: {dae4b27d-42dd-11e1-962d-4c80936ce95d} - E:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BodyMedia Sync.lnk
ShortcutTarget: BodyMedia Sync.lnk -> C:\Program Files (x86)\BodyMedia\Sync\BodyMediaSync.exe (BodyMedia, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=341&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3550141913754724&q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=341&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3550141913754724&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-search.net/?q={searchTerms}&src=6&q={searchTerms}&st=12&i=998&did=10874&ppd=,,,,,,,,,www.smilebox.com&barid=1523565901011287578
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=341&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3550141913754724&q={searchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-search.net/?q={searchTerms}&src=6&q={searchTerms}&st=12&i=998&did=10874&ppd=,,,,,,,,,www.smilebox.com&barid=1523565901011287578
SearchScopes: HKCU - DefaultScope {6DBF433D-8403-4E85-8B85-C525340F74F8} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
SearchScopes: HKCU - {6DBF433D-8403-4E85-8B85-C525340F74F8} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-search.net/?src=6&q={searchTerms}&barid=1523565901011287578&crg=&ppd=,,,,,,,,,www.smilebox.com&st=23&i=998&did=10874
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll (SMART Technologies ULC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {9194649F-7143-4308-90C1-D6A35B0E354E} - No File
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()
Toolbar: HKCU - No Name - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @alipay.com/NPComBrg701,version=1.0.2011.1107 - C:\windows\system32\itruscert\NPComBrg701.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @hehehi.com/hehehi - C:\PROGRA~2\WEBQQP~1\nphehehi.dll (Shenzhen Mining Technology Co., Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Ceni Cen\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Ceni Cen\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011-12-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2011-12-30]

==================== Services (Whitelisted) =================

R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-05-19] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1335360 2011-05-19] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-05-19] (Intel Corporation) [File not signed]
S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]
S2 dleaCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe [45224 2010-05-21] ()
R2 dlea_device; C:\windows\system32\dleacoms.exe [1052328 2010-05-21] ( )
R2 dlea_device; C:\windows\SysWOW64\dleacoms.exe [598696 2010-05-21] ( )
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [224704 2011-03-08] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199304 2012-05-25] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-15] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] () [File not signed]
R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [241344 2014-05-29] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [538416 2014-02-12] (SMART Technologies)
R2 SupraSavingsService64; C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe [172544 2014-06-25] () [File not signed]
R2 vxlsnyaiet64; C:\Program Files\003\vxlsnyaiet64.exe [706560 2014-06-20] () [File not signed]

==================== Drivers (Whitelisted) ====================

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-06-12] (NetFilterSDK.com)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2013-03-07] (SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2013-03-07] (SMART Technologies)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2013-03-07] (SMART Technologies ULC)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-02 16:07 - 2014-07-02 16:08 - 00000000 ____D () C:\FRST
2014-07-02 12:41 - 2014-07-02 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-07-02 11:20 - 2014-07-02 11:21 - 00726888 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup (1).exe
2014-07-02 11:19 - 2014-07-02 11:19 - 00732728 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup.exe
2014-07-02 11:11 - 2014-07-02 11:16 - 00000868 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35.job
2014-07-02 11:11 - 2014-07-02 11:11 - 17275240 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-02 11:11 - 2014-07-02 11:11 - 00003504 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35
2014-06-27 14:59 - 2014-06-27 14:59 - 17273780 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012 (1).exe
2014-06-27 14:58 - 2014-06-27 14:58 - 17276700 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012.exe
2014-06-27 12:24 - 2014-06-27 12:24 - 00000000 ____D () C:\windows\Sun
2014-06-27 12:17 - 2014-06-27 12:17 - 00000020 _____ () C:\Users\Ceni Cen\Downloads\SPug
2014-06-27 11:21 - 2014-06-27 11:21 - 01075776 _____ (OR Interactive Ltd) C:\Users\Ceni Cen\Downloads\IDM2.exe
2014-06-27 10:21 - 2014-06-27 10:21 - 00000000 ____D () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF
2014-06-22 11:22 - 2014-07-02 15:27 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1.job
2014-06-22 11:22 - 2014-06-22 11:22 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1
2014-06-20 18:43 - 2014-06-20 18:43 - 00000047 _____ () C:\Users\Ceni Cen\AppData\Roaming\WB.CFG
2014-06-20 17:50 - 2014-07-02 15:44 - 00000000 ____D () C:\Program Files\suprasavings
2014-06-20 17:49 - 2014-06-20 17:49 - 00000000 ____D () C:\Users\Ceni Cen\Documents\PC Speed Maximizer
2014-06-20 17:45 - 2014-06-20 17:50 - 00000000 ____D () C:\Program Files\003
2014-06-20 17:44 - 2014-06-20 17:44 - 00003684 _____ () C:\windows\System32\Tasks\pcreg
2014-06-20 17:44 - 2014-06-20 17:44 - 00000000 ____D () C:\Program Files\pcmax
2014-06-20 17:40 - 2014-06-20 17:40 - 00228728 _____ (Fusion Install ) C:\Users\Ceni Cen\Downloads\Java_Updater_Setup.exe
2014-06-12 15:05 - 2014-06-12 15:05 - 00046376 _____ (NetFilterSDK.com) C:\windows\system32\Drivers\netfilter64.sys
2014-06-11 20:32 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-11 20:32 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-11 20:32 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-11 20:32 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-11 20:32 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-11 20:32 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-11 20:32 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-11 20:32 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-11 20:32 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-11 20:32 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-11 20:32 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-11 20:32 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-11 20:32 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-11 20:32 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-11 20:32 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-11 20:32 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 20:32 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-11 20:32 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-11 20:32 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-11 20:32 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-11 20:32 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-11 20:32 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-11 20:32 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-11 20:32 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-11 20:32 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-11 20:32 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-11 20:32 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-11 20:32 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-11 20:32 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-11 20:32 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-11 20:32 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-11 20:32 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-11 20:32 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 20:32 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-11 20:32 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-11 20:32 -
2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-06-11 20:32 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-06-11 20:32 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-06-11 20:32 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2014-06-11 20:32 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-06-11 20:32 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-06-11 20:32 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-06-11 20:32 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-06-11 20:32 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-06-11 20:32 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-06-11 20:32 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2014-06-11 20:32 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2014-06-11 20:32 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll 2014-06-11 20:32 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll 2014-06-11 20:32 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll 2014-06-11 20:32 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2014-06-11 20:32 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 20:32 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll 2014-06-11 20:32 - 
2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2014-06-11 20:32 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll 2014-06-11 20:32 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll 2014-06-11 20:32 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll 2014-06-11 20:32 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2014-06-11 20:32 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll 2014-06-11 20:32 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll 2014-06-11 20:31 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-06-11 20:31 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2014-06-11 20:31 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2014-06-11 20:31 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-06-11 20:31 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-06-11 20:31 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2014-06-03 18:48 - 2014-06-03 18:48 - 00155135 _____ () C:\ProgramData\SPL5F8F.tmp 2014-06-03 18:32 - 2014-06-03 18:32 - 00264971 _____ () C:\ProgramData\SPLEB1B.tmp ==================== One Month Modified Files and Folders ======= 2014-07-02 16:08 - 2014-07-02 16:07 - 00000000 ____D () C:\FRST 2014-07-02 15:48 - 2011-12-30 09:57 - 01592585 _____ () C:\windows\WindowsUpdate.log 2014-07-02 15:47 - 2012-01-05 15:48 - 00000000 ____D () C:\Users\Ceni Cen\AppData\Local\Nero 2014-07-02 15:44 - 2014-06-20 17:50 - 00000000 ____D () C:\Program Files\suprasavings 2014-07-02 15:43 - 
2013-02-11 15:18 - 00000000 ___RD () C:\Users\Ceni Cen\Google Drive 2014-07-02 15:41 - 2013-02-27 15:47 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-07-02 15:27 - 2014-06-22 11:22 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1.job 2014-07-02 15:16 - 2012-01-05 15:38 - 00000920 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA.job 2014-07-02 15:01 - 2009-07-14 01:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI 2014-07-02 13:05 - 2012-01-05 15:37 - 00000000 ____D () C:\Users\Ceni Cen\AppData\Local\Deployment 2014-07-02 12:45 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-02 12:45 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-02 12:41 - 2014-07-02 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-07-02 12:37 - 2011-12-30 10:50 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks 2014-07-02 12:37 - 2011-12-30 10:50 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks 2014-07-02 12:37 - 2011-12-30 10:40 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup 2014-07-02 12:36 - 2013-02-11 15:16 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-02 12:36 - 2012-01-19 22:05 - 00076149 _____ () C:\ProgramData\dleascan.log 2014-07-02 12:36 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-07-02 12:36 - 2009-07-14 00:51 - 00070653 _____ () C:\windows\setupact.log 2014-07-02 12:33 - 2012-01-05 15:38 - 00000000 ____D () C:\Users\Ceni Cen\AppData\Local\Google 2014-07-02 11:55 - 2010-11-20 23:47 - 00277456 _____ () C:\windows\PFRO.log 2014-07-02 11:21 - 2014-07-02 11:20 - 00726888 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup (1).exe 2014-07-02 
11:19 - 2014-07-02 11:19 - 00732728 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup.exe 2014-07-02 11:16 - 2014-07-02 11:11 - 00000868 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35.job 2014-07-02 11:11 - 2014-07-02 11:11 - 17275240 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-02 11:11 - 2014-07-02 11:11 - 00003504 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35 2014-07-02 11:11 - 2012-01-05 15:38 - 00003900 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA 2014-06-27 14:59 - 2014-06-27 14:59 - 17273780 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012 (1).exe 2014-06-27 14:58 - 2014-06-27 14:58 - 17276700 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012.exe 2014-06-27 12:24 - 2014-06-27 12:24 - 00000000 ____D () C:\windows\Sun 2014-06-27 12:17 - 2014-06-27 12:17 - 00000020 _____ () C:\Users\Ceni Cen\Downloads\SPug 2014-06-27 11:21 - 2014-06-27 11:21 - 01075776 _____ (OR Interactive Ltd) C:\Users\Ceni Cen\Downloads\IDM2.exe 2014-06-27 10:24 - 2012-01-19 22:05 - 00000404 _____ () C:\ProgramData\FastPics.log 2014-06-27 10:21 - 2014-06-27 10:21 - 00000000 ____D () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF 2014-06-22 11:22 - 2014-06-22 11:22 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1 2014-06-22 11:22 - 2013-02-11 15:16 - 00003646 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-22 11:22 - 2012-01-05 15:48 - 00000000 ____D () C:\Temp 2014-06-20 19:49 - 2013-05-22 06:08 - 00003440 _____ () C:\windows\System32\Tasks\PCDEventLauncherTask 2014-06-20 18:43 - 2014-06-20 18:43 - 00000047 _____ () C:\Users\Ceni Cen\AppData\Roaming\WB.CFG 2014-06-20 17:50 - 2014-06-20 17:45 - 00000000 ____D 
() C:\Program Files\003
2014-06-20 17:49 - 2014-06-20 17:49 - 00000000 ____D () C:\Users\Ceni Cen\Documents\PC Speed Maximizer
2014-06-20 17:44 - 2014-06-20 17:44 - 00003684 _____ () C:\windows\System32\Tasks\pcreg
2014-06-20 17:44 - 2014-06-20 17:44 - 00000000 ____D () C:\Program Files\pcmax
2014-06-20 17:40 - 2014-06-20 17:40 - 00228728 _____ (Fusion Install ) C:\Users\Ceni Cen\Downloads\Java_Updater_Setup.exe
2014-06-17 19:50 - 2013-02-11 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-17 08:06 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF
2014-06-12 15:05 - 2014-06-12 15:05 - 00046376 _____ (NetFilterSDK.com) C:\windows\system32\Drivers\netfilter64.sys
2014-06-12 03:10 - 2013-08-14 17:02 - 00000000 ____D () C:\windows\system32\MRT
2014-06-12 03:08 - 2012-02-24 11:40 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-12 03:08 - 2012-01-20 22:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-08 11:41 - 2012-01-19 22:05 - 00021198 _____ () C:\ProgramData\dlea.log
2014-06-07 21:38 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2014-06-03 20:04 - 2012-02-13 14:15 - 00166970 _____ () C:\ProgramData\dleaJSW.log
2014-06-03 18:59 - 2012-01-19 22:06 - 00000000 ____D () C:\ProgramData\DL_cats
2014-06-03 18:48 - 2014-06-03 18:48 - 00155135 _____ () C:\ProgramData\SPL5F8F.tmp
2014-06-03 18:32 - 2014-06-03 18:32 - 00264971 _____ () C:\ProgramData\SPLEB1B.tmp

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-07 21:27

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Ceni Cen at 2014-07-02 16:10:22
Running from C:\Users\Ceni Cen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4FPD3KE
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Out of date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall (Disabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.) BodyMedia SYNC (x32 Version: 2.3.1.102 - BodyMedia, Inc.) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Chinese Simplified Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated) Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.) Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.) 
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell) Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell) Dell Digital Delivery (HKLM-x32\...\{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}) (Version: 1.7.4502.0 - Dell Products, LP) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.) Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps) Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft) Dell Stage (HKLM-x32\...\{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}) (Version: 1.5.201.0 - Fingertapps) Dell Toolbar (HKLM-x32\...\{09B71986-2AC5-482d-B6CB-42EA34F4F85B}) (Version: 1.8.12.0 - ) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.) Dell V310-V510 Series (HKLM\...\Dell V310-V510 Series) (Version: - Dell, Inc.) Dell V310-V510 Series (HKLM-x32\...\Dell V310-V510 Series) (Version: - Dell, Inc.) Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.) Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd) DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.) 
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - ) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC) HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT) iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2466 - Bandoo Media Inc) <==== ATTENTION Intel PROSet Wireless (Version: - ) Hidden Intel PROSet Wireless (x32 Version: - ) Hidden Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation) Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{295AEB79-B53A-4F1B-860F-7800BB7E3681}) (Version: 14.2.1000 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Intel® WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation) Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) 
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove 
MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) 
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden MSVCRT 
(x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.) Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden Nero Blu-ray Player (x32 Version: 12.0.20030 - Nero AG) Hidden Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden Nero Core Components 10 (x32 Version: 2.0.20000.9.12 - Nero AG) Hidden Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.) PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.) 
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.) Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden Roxio Burn (x32 Version: 1.8 - Roxio) Hidden Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio) Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden Roxio File Backup (Version: 1.3.2 - Roxio) Hidden SMART Chinese (Simplified) Language Pack (HKLM-x32\...\{36D626DC-33D2-4B0E-BA3A-85CF20EAC372}) (Version: 11.4.27.0 - SMART Technologies ULC) SMART Common Files (HKLM-x32\...\{26A95DBF-A866-4838-A8C9-FA219FCBD22E}) (Version: 11.5.159.0 - SMART Technologies ULC) SMART Ink (HKLM-x32\...\{5ABC49B5-D0DC-428D-A082-4AEFF6490F04}) (Version: 2.0.723.0 - SMART Technologies ULC) SMART Notebook (HKLM-x32\...\{79660EE7-9C0B-4962-B566-2693FE34719D}) (Version: 11.4.564.0 - SMART Technologies ULC) SMART Product Drivers (HKLM-x32\...\{53330A17-78DE-458E-9997-292A2D6D3ADD}) (Version: 11.4.872.1 - SMART Technologies ULC) Smilebox (HKCU\...\Smilebox) (Version: 1.0.0.26929 - Smilebox, Inc.) Smilebox Bundle (HKLM-x32\...\Smilebox Bundle) (Version: 2.0.0.5 - Perion Network Ltd.) 
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.15400 - Nero AG) SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.) TI USB3 Host Driver (x32 Version: 1.12.14.0 - Texas Instruments Inc.) Hidden TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft) Update for Microsoft Office Excel 2007 Help (KB963678) 
(HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft) Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft) Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version: - Microsoft) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft) Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft) Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft) Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) 
(Version: - Microsoft) WebQQÊÓÆµ²å¼þ (HKLM-x32\...\WebQQÊÓÆµ²å¼þ) (Version: - ) Widevine Media Optimizer Chrome 6.0.0 (HKCU\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden 
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 4.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH) ==================== Restore Points ========================= 18-04-2014 07:00:49 Windows Update 26-04-2014 01:27:36 MinitabCIA 06-05-2014 07:01:11 Windows Update 07-05-2014 07:00:29 Windows Update 16-05-2014 07:01:20 Windows Update 08-06-2014 01:34:47 Scheduled Checkpoint 12-06-2014 07:02:32 Windows Update ==================== Hosts content: ========================== 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {06E6F51D-8632-4F8C-AD19-EA86DAB47A81} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {2BF6B222-C3D6-40AF-B85C-2EBBDD3ADE20} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35 => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.) Task: {59014C64-B907-4F7B-843F-F01BA353407A} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe Task: {7AE8BE22-A1CA-41EC-84CC-1583009564AD} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.) Task: {816A7AEA-1FF3-4D4F-8581-0E9F778A1F8D} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.) 
Task: {890A420A-80D7-4DFD-990B-90B27D9F6F4F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated) Task: {984F9537-7FC7-42D2-AB03-2CE084E7A2B7} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.) Task: {CBCE2D9D-AA03-4E44-BE0B-422726FED0E4} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.) Task: {CC0E6BAC-2B42-42C3-935A-6B4633C81777} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.) Task: {CDFA340D-4694-4FFA-91F4-BD88B3F7139B} - System32\Tasks\pcreg => C:\Program Files\pcmax\service.exe [2014-05-29] () <==== ATTENTION Task: {F5596B1E-9698-42C4-80AD-BFA85A35135D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.) Task: {FDB9D482-5637-4E04-980A-F9E6756A0C78} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35.job => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA.job => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-09-15 19:46 - 2011-09-15 19:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2012-02-13 14:05 - 2009-12-31 02:17 - 00053760 _____ () C:\windows\System32\DLEAPMON.DLL 2012-02-13 14:05 - 2009-01-13 09:15 - 05709824 _____ () C:\windows\System32\DLEAOEM.DLL 2012-01-26 00:45 - 2009-11-04 09:17 - 00189440 _____ () C:\windows\system32\spool\PRTPROCS\x64\dleadrpp.dll 2012-01-19 21:55 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll 2012-03-23 14:25 - 2012-03-23 14:25 - 00087040 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2014-05-29 07:16 - 2014-05-29 07:16 - 00241344 _____ () C:\Program Files\pcmax\pcmax.exe 2014-06-25 13:58 - 2014-06-25 13:58 - 00172544 _____ () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe 2014-06-12 15:05 - 2014-06-12 15:05 - 00110080 _____ () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\nfapi.dll 2014-06-12 15:05 - 2014-06-12 15:05 - 00456192 _____ () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\ProtocolFilters.dll 2014-06-20 17:50 - 2014-06-20 17:50 - 00706560 _____ () C:\Program Files\003\vxlsnyaiet64.exe 2011-12-30 11:35 - 2011-04-10 
14:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-09-15 19:46 - 2011-09-15 19:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2012-02-13 14:03 - 2011-01-23 21:22 - 00770728 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe 2012-02-13 14:03 - 2011-01-23 21:22 - 00139944 _____ () C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe 2011-12-30 10:40 - 2011-08-18 12:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE 2010-11-17 12:35 - 2010-11-17 12:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe 2011-04-29 20:18 - 2011-04-29 20:18 - 00885760 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-02-13 14:02 - 2009-11-26 04:49 - 00086180 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacfg.dll 2012-02-13 14:03 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleascw.dll 2012-02-13 14:03 - 2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleadatr.dll 2012-02-13 14:03 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleaDRS.dll 2012-02-13 14:03 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacaps.dll 2012-02-13 14:03 - 2009-03-05 13:55 - 00059904 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacnv4.dll 2009-02-20 09:50 - 2009-02-20 09:50 - 00381440 _____ () C:\windows\system32\dleasm.dll 2009-02-20 09:50 - 2009-02-20 09:50 - 00028672 _____ () C:\windows\system32\dleasmr.dll 2012-02-13 14:03 - 2009-06-22 09:08 - 00708608 _____ () C:\Program 
Files (x86)\Dell V310-V510 Series\Epwizard.DLL 2012-02-13 14:03 - 2009-06-22 09:06 - 00159744 _____ () C:\Program Files (x86)\Dell V310-V510 Series\customui.dll 2012-02-13 14:03 - 2009-06-22 09:06 - 00114688 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Eputil.DLL 2012-02-13 14:03 - 2009-06-22 09:05 - 00139264 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Imagutil.DLL 2012-02-13 14:03 - 2009-06-22 09:06 - 00061440 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Epfunct.DLL 2012-02-13 14:03 - 2009-06-22 09:08 - 02203648 _____ () C:\Program Files (x86)\Dell V310-V510 Series\EPWizRes.dll 2012-02-13 14:03 - 2009-06-22 09:08 - 00045056 _____ () C:\Program Files (x86)\Dell V310-V510 Series\epstring.dll 2012-02-13 14:03 - 2009-06-22 09:08 - 00196608 _____ () C:\Program Files (x86)\Dell V310-V510 Series\EPOEMDll.dll 2012-02-13 14:03 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Dell V310-V510 Series\iptk.dll 2012-02-13 14:03 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleaptp.dll 2014-07-02 12:36 - 2014-07-02 12:36 - 00098816 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32api.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00110080 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pywintypes27.dll 2014-07-02 12:36 - 2014-07-02 12:36 - 00364544 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pythoncom27.dll 2014-07-02 12:36 - 2014-07-02 12:36 - 00045568 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_socket.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 01160704 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_ssl.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00320512 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32com.shell.shell.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00713216 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_hashlib.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 01175040 _____ () C:\Users\Ceni 
Cen\AppData\Local\Temp\_MEI32402\wx._core_.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00805888 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._gdi_.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00811008 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._windows_.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 01062400 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._controls_.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00735232 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._misc_.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00128512 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_elementtree.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00127488 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pyexpat.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00557056 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pysqlite2._sqlite.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00007168 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\hashobjs_ext.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00087552 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_ctypes.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00119808 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32file.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00108544 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32security.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00018432 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32event.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00038912 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32inet.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00070656 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._html2.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00167936 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32gui.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00011264 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32crypt.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00027136 _____ () 
C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_multiprocessing.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00122368 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._wizard.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00010240 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\select.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00024064 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32pipe.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00686080 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\unicodedata.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00025600 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32pdh.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00525640 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\windows._lib_cacheinvalidation.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00035840 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32process.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00017408 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32profile.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00022528 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32ts.pyd 2014-07-02 12:36 - 2014-07-02 12:36 - 00078336 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._animate.pyd 2010-11-25 00:44 - 2010-11-25 00:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll 2011-04-29 20:13 - 2011-04-29 20:13 - 07938048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll 2011-04-29 20:13 - 2011-04-29 20:13 - 02225664 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll 2013-08-22 19:43 - 2013-08-22 19:43 - 00272688 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node 2013-08-22 19:44 - 2013-08-22 19:44 - 00039216 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node 2013-08-22 19:44 - 2013-08-22 19:44 - 00053040 
_____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SWR.node 2013-08-22 19:44 - 2013-08-22 19:44 - 00057648 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\MWR.node 2013-08-22 19:44 - 2013-08-22 19:44 - 00014848 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SessionNotification.node 2014-02-13 04:47 - 2014-02-13 04:47 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll 2011-12-30 10:05 - 2010-11-06 01:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= 
==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: SMART Virtual TabletPC Description: SMART Virtual TabletPC Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: SMART Technologies ULC Service: SMARTVTabletPCx64 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/02/2014 03:45:36 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (07/02/2014 03:14:41 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17126 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2278 Start Time: 01cf96294ec45104 Termination Time: 24 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: Error: (07/02/2014 02:58:12 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2108837 Error: (07/02/2014 02:58:12 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2108837 Error: (07/02/2014 02:58:12 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/02/2014 02:58:11 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2107729 Error: (07/02/2014 02:58:11 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2107729 Error: (07/02/2014 02:58:11 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/02/2014 02:58:10 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2106590 Error: (07/02/2014 02:58:10 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2106590 System errors: ============= Error: (07/02/2014 01:11:01 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 10. The internal error state is 10. 
Error: (07/02/2014 01:04:42 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 10. The internal error state is 10. Error: (07/02/2014 00:40:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/02/2014 00:37:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (07/02/2014 00:37:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The McAfee McShield service failed to start due to the following error: %%1053 Error: (07/02/2014 00:37:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee McShield service to connect. Error: (07/02/2014 00:36:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The dleaCATSCustConnectService service failed to start due to the following error: %%1053 Error: (07/02/2014 00:36:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the dleaCATSCustConnectService service to connect. Error: (07/02/2014 11:57:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). 
Error: (07/02/2014 11:56:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Microsoft Office Sessions:
=========================

==================== Memory info ===========================
Percentage of memory in use: 50%
Total physical RAM: 6050.05 MB
Available physical RAM: 3019.08 MB
Total Pagefile: 12098.29 MB
Available Pagefile: 8578.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================
Drive c: (OS) (Fixed) (Total:683.89 GB) (Free:591.93 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 001738BE)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=684 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Psychotic Posted July 3, 2014 ID:848664

Hi there, my name is Marius and I will assist you with your malware related problems.
Before we move on, please read the following points carefully.

First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Please attach the log files and do the following:

Scan with aswMBR
Please download aswMBR ( 4.5MB ) to your desktop.
Double click the aswMBR.exe icon, and click Run.
There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
When asked if you'd like to "download the latest Avast! virus definitions", click Yes. Typically this is about a 100MB download, so depending on your connection speed it can take a short while to download and become ready.
Click the Scan button to start the scan once the update has finished downloading.
On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.
Note: There will also be a file on your desktop named MBR.dat; do not delete this for now. It is an actual backup of the MBR (master boot record).
cxn520 Posted July 4, 2014 Author ID:849211

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-04 11:51:33
-----------------------------
11:51:33.724 OS Version: Windows x64 6.1.7601 Service Pack 1
11:51:33.724 Number of processors: 4 586 0x2A07
11:51:33.728 ComputerName: PC UserName:
11:51:44.921 Initialize success
11:51:45.141 VM: initialized successfully
11:51:45.166 VM: Intel CPU supported
11:53:35.454 VM: supported disk I/O iaStor.sys
11:55:37.860 AVAST engine defs: 14070400
11:55:52.497 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:55:52.500 Disk 0 Vendor: ST975042 0002 Size: 715404MB BusType: 3
11:55:56.148 VM: Disk 0 MBR read successfully
11:55:56.151 Disk 0 MBR scan
11:55:56.233 Disk 0 Windows 7 default MBR code
11:55:56.248 Disk 0 Partition 1 00 DE Dell Utility DELL 8.0 100 MB offset 2048
11:55:56.304 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
11:55:56.308 Disk 0 Boot: NTFS code=1
11:55:56.380 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 700302 MB offset 30926848
11:55:56.800 Disk 0 scanning C:\windows\system32\drivers
11:56:47.750 Service scanning
11:57:15.845 Service pcmaxservice C:\Program Files\pcmax\pcmax.exe **INFECTED** Win32:Dropper-gen [Drp]
11:57:41.377 Modules scanning
11:57:41.382 Disk 0 trace - called modules:
11:57:41.407 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys
11:57:41.412 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005c38060]
11:57:41.416 3 CLASSPNP.SYS[fffff880015cb43f] -> nt!IofCallDriver -> [0xfffffa80058e8550]
11:57:41.421 5 ACPI.sys[fffff88000fac7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80058ec050]
11:57:43.611 AVAST engine scan C:\windows
11:58:23.602 AVAST engine scan C:\windows\system32
12:10:01.305 AVAST engine scan C:\windows\system32\drivers
12:10:49.073 AVAST engine scan C:\Users\Ceni Cen
13:04:59.591 AVAST engine scan C:\ProgramData
13:22:50.196 Scan finished successfully
13:46:43.814 Disk 0 MBR has been saved successfully to "C:\Users\Ceni Cen\Desktop\MBR.dat"
13:46:43.831 The log file has been saved successfully to "C:\Users\Ceni Cen\Desktop\aswMBR.txt"
Psychotic Posted July 7, 2014 ID:849889

Please attach the log files by FRST
cxn520 Posted July 8, 2014 Author ID:850358

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Ceni Cen (administrator) on PC on 02-07-2014 16:07:53
Running from C:\Users\Ceni Cen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4FPD3KE
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
( ) C:\Windows\System32\dleacoms.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files\pcmax\pcmax.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
() C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe
() C:\Program Files\003\vxlsnyaiet64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
() C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
() C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe
(McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [intelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-15] (Intel® Corporation)
HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10365952 2011-05-19] (Intel Corporation)
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2055016 2011-04-29] ()
HKLM\...\Run: [dleamon.exe] => C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe [770728 2011-01-23] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe [139944 2011-01-23] ()
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.)
HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-04-29] ()
HKLM-x32\...\Run: [dleamon.exe] => C:\Program Files (x86) (x86)\Dell V310-V510 Series\dleamon.exe [770728 2011-01-23] ()
HKLM-x32\...\Run: [EzPrint] => C:\Program Files (x86) (x86)\Dell V310-V510 Series\ezprint.exe [139944 2011-01-23] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell V310-V510 Series] => C:\Program Files (x86)\Dell V310-V510 Series\fm3032.exe [316072 2011-01-23] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [sMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [147248 2014-02-11] (SMART Technologies)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [sMART Floating Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe [9024304 2013-11-20] (SMART Technologies ULC)
HKLM-x32\...\Run: [sMARTNotification] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe [204592 2014-02-12] (SMART Technologies)
HKLM-x32\...\Run: [sMART Tray Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe [744752 2014-02-12] (SMART Technologies)
HKLM-x32\...\Run: [sMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [1933616 2014-02-12] (SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62768 2013-08-22] (SMART Technologies)
HKLM-x32\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [Google Update] => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-05] (Google Inc.)
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [TomTomHOME.exe] => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [googletalk] => C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3289088 2007-11-20] (Google)
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\MountPoints2: {dae4b27d-42dd-11e1-962d-4c80936ce95d} - E:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BodyMedia Sync.lnk
ShortcutTarget: BodyMedia Sync.lnk -> C:\Program Files (x86)\BodyMedia\Sync\BodyMediaSync.exe (BodyMedia, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=341&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3550141913754724&q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=341&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3550141913754724&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-search.net/?q={searchTerms}&src=6&q={searchTerms}&st=12&i=998&did=10874&ppd=,,,,,,,,,www.smilebox.com&barid=1523565901011287578
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=341&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3550141913754724&q={searchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-search.net/?q={searchTerms}&src=6&q={searchTerms}&st=12&i=998&did=10874&ppd=,,,,,,,,,www.smilebox.com&barid=1523565901011287578
SearchScopes: HKCU - DefaultScope {6DBF433D-8403-4E85-8B85-C525340F74F8} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
SearchScopes: HKCU - {6DBF433D-8403-4E85-8B85-C525340F74F8} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-search.net/?src=6&q={searchTerms}&barid=1523565901011287578&crg=&ppd=,,,,,,,,,www.smilebox.com&st=23&i=998&did=10874
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll (SMART Technologies ULC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {9194649F-7143-4308-90C1-D6A35B0E354E} - No File
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()
Toolbar: HKCU - No Name - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @alipay.com/NPComBrg701,version=1.0.2011.1107 - C:\windows\system32\itruscert\NPComBrg701.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @hehehi.com/hehehi - C:\PROGRA~2\WEBQQP~1\nphehehi.dll (Shenzhen Mining Technology Co., Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Ceni Cen\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Ceni Cen\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011-12-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2011-12-30]

==================== Services (Whitelisted) =================

R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-05-19] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1335360 2011-05-19] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-05-19] (Intel Corporation) [File not signed]
S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]
S2 dleaCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe [45224 2010-05-21] ()
R2 dlea_device; C:\windows\system32\dleacoms.exe [1052328 2010-05-21] ( )
R2 dlea_device; C:\windows\SysWOW64\dleacoms.exe [598696 2010-05-21] ( )
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [224704 2011-03-08] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199304 2012-05-25] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-15] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] () [File not signed]
R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [241344 2014-05-29] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [538416 2014-02-12] (SMART Technologies)
R2 SupraSavingsService64; C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe [172544 2014-06-25] () [File not signed]
R2 vxlsnyaiet64; C:\Program Files\003\vxlsnyaiet64.exe [706560 2014-06-20] () [File not signed]

==================== Drivers (Whitelisted) ====================

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-06-12] (NetFilterSDK.com)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2013-03-07] (SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2013-03-07] (SMART Technologies)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2013-03-07] (SMART Technologies ULC)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-02 16:07 - 2014-07-02 16:08 - 00000000 ____D () C:\FRST
2014-07-02 12:41 - 2014-07-02 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-07-02 11:20 - 2014-07-02 11:21 - 00726888 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup (1).exe
2014-07-02 11:19 - 2014-07-02 11:19 - 00732728 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup.exe
2014-07-02 11:11 - 2014-07-02 11:16 - 00000868 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35.job
2014-07-02 11:11 - 2014-07-02 11:11 - 17275240 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-02 11:11 - 2014-07-02 11:11 - 00003504 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35
2014-06-27 14:59 - 2014-06-27 14:59 - 17273780 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012 (1).exe
2014-06-27 14:58 - 2014-06-27 14:58 - 17276700 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012.exe
2014-06-27 12:24 - 2014-06-27 12:24 - 00000000 ____D () C:\windows\Sun
2014-06-27 12:17 - 2014-06-27 12:17 - 00000020 _____ () C:\Users\Ceni Cen\Downloads\SPug
2014-06-27 11:21 - 2014-06-27 11:21 - 01075776 _____ (OR Interactive Ltd) C:\Users\Ceni Cen\Downloads\IDM2.exe
2014-06-27 10:21 - 2014-06-27 10:21 - 00000000 ____D () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF
2014-06-22 11:22 - 2014-07-02 15:27 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1.job
2014-06-22 11:22 - 2014-06-22 11:22 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1
2014-06-20 18:43 - 2014-06-20 18:43 - 00000047 _____ () C:\Users\Ceni Cen\AppData\Roaming\WB.CFG
2014-06-20 17:50 - 2014-07-02 15:44 - 00000000 ____D () C:\Program Files\suprasavings
2014-06-20 17:49 - 2014-06-20 17:49 - 00000000 ____D () C:\Users\Ceni Cen\Documents\PC Speed Maximizer
2014-06-20 17:45 - 2014-06-20 17:50 - 00000000 ____D () C:\Program Files\003
2014-06-20 17:44 - 2014-06-20 17:44 - 00003684 _____ () C:\windows\System32\Tasks\pcreg
2014-06-20 17:44 - 2014-06-20 17:44 - 00000000 ____D () C:\Program Files\pcmax
2014-06-20 17:40 - 2014-06-20 17:40 - 00228728 _____ (Fusion Install ) C:\Users\Ceni Cen\Downloads\Java_Updater_Setup.exe
2014-06-12 15:05 - 2014-06-12 15:05 - 00046376 _____ (NetFilterSDK.com) C:\windows\system32\Drivers\netfilter64.sys
2014-06-11 20:32 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-11 20:32 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-11 20:32 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-11 20:32 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-11 20:32 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-11 20:32 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-11 20:32 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-11 20:32 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-11 20:32 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-11 20:32 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-11 20:32 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-11 20:32 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-11 20:32 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-11 20:32 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-11 20:32 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-11 20:32 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 20:32 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-11 20:32 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-11 20:32 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-11 20:32 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-11 20:32 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-11 20:32 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-11 20:32 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-11 20:32 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-11 20:32 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-11 20:32 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-11 20:32 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-11 20:32 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-11 20:32 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-11 20:32 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-11 20:32 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-11 20:32 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-11 20:32 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 20:32 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-11 20:32 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-11 20:32 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-11 20:32 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-11 20:32 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-11 20:32 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-11 20:32 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-11 20:32 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-11 20:32 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-11 20:32 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-11 20:32 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-11 20:32 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-11 20:32 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-11 20:32 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-11 20:32 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 20:32 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-11 20:32 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-11 20:32 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-11 20:32 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 20:32 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-11 20:32 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-11 20:32 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-11 20:32 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-11 20:32 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-11 20:32 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-11 20:32 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-11 20:32 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-11 20:31 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-11 20:31 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-11 20:31 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-11 20:31 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-11 20:31 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-11 20:31 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-03 18:48 - 2014-06-03 18:48 - 00155135 _____ () C:\ProgramData\SPL5F8F.tmp
2014-06-03 18:32 - 2014-06-03 18:32 - 00264971 _____ () C:\ProgramData\SPLEB1B.tmp

==================== One Month Modified Files and Folders =======

2014-07-02 16:08 - 2014-07-02 16:07 - 00000000 ____D () C:\FRST
2014-07-02 15:48 - 2011-12-30 09:57 - 01592585 _____ () C:\windows\WindowsUpdate.log
2014-07-02 15:47 - 2012-01-05 15:48 - 00000000 ____D () C:\Users\Ceni Cen\AppData\Local\Nero
2014-07-02 15:44 - 2014-06-20 17:50 - 00000000 ____D () C:\Program Files\suprasavings
2014-07-02 15:43 - 2013-02-11 15:18 - 00000000 ___RD () C:\Users\Ceni Cen\Google Drive
2014-07-02 15:41 - 2013-02-27 15:47 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 15:27 - 2014-06-22 11:22 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1.job
2014-07-02 15:16 - 2012-01-05 15:38 - 00000920 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA.job
2014-07-02 15:01 - 2009-07-14 01:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-02 13:05 - 2012-01-05 15:37 - 00000000 ____D () C:\Users\Ceni Cen\AppData\Local\Deployment
2014-07-02 12:45 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-02 12:45 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-02 12:41 - 2014-07-02 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-07-02 12:37 - 2011-12-30 10:50 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-07-02 12:37 - 2011-12-30 10:50 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-07-02 12:37 - 2011-12-30 10:40 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-07-02 12:36 - 2013-02-11 15:16 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-02 12:36 - 2012-01-19 22:05 - 00076149 _____ () C:\ProgramData\dleascan.log
2014-07-02 12:36 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-02 12:36 - 2009-07-14 00:51 - 00070653 _____ () C:\windows\setupact.log
2014-07-02 12:33 - 2012-01-05 15:38 - 00000000 ____D () C:\Users\Ceni Cen\AppData\Local\Google
2014-07-02 11:55 - 2010-11-20 23:47 - 00277456 _____ () C:\windows\PFRO.log
2014-07-02 11:21 - 2014-07-02 11:20 - 00726888 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup (1).exe
2014-07-02 11:19 - 2014-07-02 11:19 - 00732728 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup.exe
2014-07-02 11:16 - 2014-07-02 11:11 - 00000868 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35.job
2014-07-02 11:11 - 2014-07-02 11:11 - 17275240 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-02 11:11 - 2014-07-02 11:11 - 00003504 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35
2014-07-02 11:11 - 2012-01-05 15:38 - 00003900 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA
2014-06-27 14:59 - 2014-06-27 14:59 - 17273780 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012 (1).exe
2014-06-27 14:58 - 2014-06-27 14:58 - 17276700 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012.exe
2014-06-27 12:24 - 2014-06-27 12:24 - 00000000 ____D () C:\windows\Sun
2014-06-27 12:17 - 2014-06-27 12:17 - 00000020 _____ () C:\Users\Ceni Cen\Downloads\SPug
2014-06-27 11:21 - 2014-06-27 11:21 - 01075776 _____ (OR Interactive Ltd) C:\Users\Ceni Cen\Downloads\IDM2.exe
2014-06-27 10:24 - 2012-01-19 22:05 - 00000404 _____ () C:\ProgramData\FastPics.log
2014-06-27 10:21 - 2014-06-27 10:21 - 00000000 ____D () C:\Program Files 
(x86)\6E6B36EB-9156-411B-B951-C735F4747DCF2014-06-22 11:22 - 2014-06-22 11:22 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b12014-06-22 11:22 - 2013-02-11 15:16 - 00003646 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-06-22 11:22 - 2012-01-05 15:48 - 00000000 ____D () C:\Temp2014-06-20 19:49 - 2013-05-22 06:08 - 00003440 _____ () C:\windows\System32\Tasks\PCDEventLauncherTask2014-06-20 18:43 - 2014-06-20 18:43 - 00000047 _____ () C:\Users\Ceni Cen\AppData\Roaming\WB.CFG2014-06-20 17:50 - 2014-06-20 17:45 - 00000000 ____D () C:\Program Files\0032014-06-20 17:49 - 2014-06-20 17:49 - 00000000 ____D () C:\Users\Ceni Cen\Documents\PC Speed Maximizer2014-06-20 17:44 - 2014-06-20 17:44 - 00003684 _____ () C:\windows\System32\Tasks\pcreg2014-06-20 17:44 - 2014-06-20 17:44 - 00000000 ____D () C:\Program Files\pcmax2014-06-20 17:40 - 2014-06-20 17:40 - 00228728 _____ (Fusion Install ) C:\Users\Ceni Cen\Downloads\Java_Updater_Setup.exe2014-06-17 19:50 - 2013-02-11 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive2014-06-17 08:06 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF2014-06-12 15:05 - 2014-06-12 15:05 - 00046376 _____ (NetFilterSDK.com) C:\windows\system32\Drivers\netfilter64.sys2014-06-12 03:10 - 2013-08-14 17:02 - 00000000 ____D () C:\windows\system32\MRT2014-06-12 03:08 - 2012-02-24 11:40 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe2014-06-12 03:08 - 2012-01-20 22:24 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-06-08 11:41 - 2012-01-19 22:05 - 00021198 _____ () C:\ProgramData\dlea.log2014-06-07 21:38 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache2014-06-03 20:04 - 2012-02-13 14:15 - 00166970 _____ () C:\ProgramData\dleaJSW.log2014-06-03 18:59 - 2012-01-19 22:06 - 00000000 ____D () C:\ProgramData\DL_cats2014-06-03 18:48 - 2014-06-03 18:48 - 00155135 _____ () C:\ProgramData\SPL5F8F.tmp2014-06-03 18:32 - 
2014-06-03 18:32 - 00264971 _____ () C:\ProgramData\SPLEB1B.tmp

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-07 21:27

==================== End Of Log ============================
Psychotic Posted July 9, 2014 ID:850729
Please attach the addition.txt as well.
cxn520 Posted July 9, 2014 Author ID:850740
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Ceni Cen at 2014-07-02 16:10:22
Running from C:\Users\Ceni Cen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4FPD3KE
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Out of date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall (Disabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine)
(Version: 1.12.05 - Creative Technology Ltd)Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)BodyMedia SYNC (x32 Version: 2.3.1.102 - BodyMedia, Inc.) HiddenBonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Chinese Simplified Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)Dell Digital Delivery (HKLM-x32\...\{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}) (Version: 1.7.4502.0 - Dell Products, LP)Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)Dell PhotoStage 
(HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)Dell Stage (HKLM-x32\...\{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}) (Version: 1.5.201.0 - Fingertapps)Dell Toolbar (HKLM-x32\...\{09B71986-2AC5-482d-B6CB-42EA34F4F85B}) (Version: 1.8.12.0 - )Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)Dell V310-V510 Series (HKLM\...\Dell V310-V510 Series) (Version: - Dell, Inc.)Dell V310-V510 Series (HKLM-x32\...\Dell V310-V510 Series) (Version: - Dell, Inc.)Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) HiddenDell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) HiddenGoogle Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) 
HiddenHTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2466 - Bandoo Media Inc) <==== ATTENTIONIntel PROSet Wireless (Version: - ) HiddenIntel PROSet Wireless (x32 Version: - ) HiddenIntel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation)Intel® PROSet/Wireless WiFi Software (HKLM\...\{295AEB79-B53A-4F1B-860F-7800BB7E3681}) (Version: 14.2.1000 - Intel Corporation)Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)Intel® WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) 
HiddenJava 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenMalwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) HiddenMicrosoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) HiddenMicrosoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft 
Corporation) HiddenMicrosoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) HiddenMicrosoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) HiddenMSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 
4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) HiddenNero Blu-ray Player (x32 Version: 12.0.20030 - Nero AG) HiddenNero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) HiddenNero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) HiddenNero Core Components 10 (x32 Version: 2.0.20000.9.12 - Nero AG) HiddenNero Update (x32 Version: 11.0.11800.31.0 - Nero AG) HiddenOpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) HiddenPlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple 
Inc.)RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) HiddenRealtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)Roxio Activation Module (x32 Version: 1.0 - Roxio) HiddenRoxio BackOnTrack (x32 Version: 1.3.3 - Roxio) HiddenRoxio Burn (x32 Version: 1.8 - Roxio) HiddenRoxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) HiddenRoxio Creator Starter (x32 Version: 5.0.0 - Roxio) HiddenRoxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) HiddenRoxio File Backup (Version: 1.3.2 - Roxio) HiddenSMART Chinese (Simplified) Language Pack (HKLM-x32\...\{36D626DC-33D2-4B0E-BA3A-85CF20EAC372}) (Version: 11.4.27.0 - SMART Technologies ULC)SMART Common Files (HKLM-x32\...\{26A95DBF-A866-4838-A8C9-FA219FCBD22E}) (Version: 11.5.159.0 - SMART Technologies ULC)SMART Ink (HKLM-x32\...\{5ABC49B5-D0DC-428D-A082-4AEFF6490F04}) (Version: 2.0.723.0 - SMART Technologies ULC)SMART Notebook (HKLM-x32\...\{79660EE7-9C0B-4962-B566-2693FE34719D}) (Version: 11.4.564.0 - SMART Technologies ULC)SMART Product Drivers (HKLM-x32\...\{53330A17-78DE-458E-9997-292A2D6D3ADD}) (Version: 11.4.872.1 - SMART Technologies ULC)Smilebox (HKCU\...\Smilebox) (Version: 1.0.0.26929 - Smilebox, Inc.)Smilebox Bundle (HKLM-x32\...\Smilebox Bundle) (Version: 2.0.0.5 - Perion Network Ltd.)Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) HiddenSyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.15400 - Nero AG)SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) HiddenTI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.)TI USB3 Host Driver (x32 Version: 1.12.14.0 - Texas 
Instruments Inc.) HiddenTrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)Update for 
Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version: - Microsoft)Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)WebQQÊÓÆµ²å¼þ (HKLM-x32\...\WebQQÊÓÆµ²å¼þ) (Version: - )Widevine Media Optimizer Chrome 6.0.0 (HKCU\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies)Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live ID Sign-in Assistant 
(Version: 7.250.4225.0 - Microsoft Corporation) HiddenWindows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)WinRAR 
4.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)

==================== Restore Points =========================

18-04-2014 07:00:49 Windows Update
26-04-2014 01:27:36 MinitabCIA
06-05-2014 07:01:11 Windows Update
07-05-2014 07:00:29 Windows Update
16-05-2014 07:01:20 Windows Update
08-06-2014 01:34:47 Scheduled Checkpoint
12-06-2014 07:02:32 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {06E6F51D-8632-4F8C-AD19-EA86DAB47A81} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {2BF6B222-C3D6-40AF-B85C-2EBBDD3ADE20} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35 => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.)
Task: {59014C64-B907-4F7B-843F-F01BA353407A} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {7AE8BE22-A1CA-41EC-84CC-1583009564AD} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {816A7AEA-1FF3-4D4F-8581-0E9F778A1F8D} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {890A420A-80D7-4DFD-990B-90B27D9F6F4F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)
Task: {984F9537-7FC7-42D2-AB03-2CE084E7A2B7} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.)
Task: {CBCE2D9D-AA03-4E44-BE0B-422726FED0E4} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task:
{CC0E6BAC-2B42-42C3-935A-6B4633C81777} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.)Task: {CDFA340D-4694-4FFA-91F4-BD88B3F7139B} - System32\Tasks\pcreg => C:\Program Files\pcmax\service.exe [2014-05-29] () <==== ATTENTIONTask: {F5596B1E-9698-42C4-80AD-BFA85A35135D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.)Task: {FDB9D482-5637-4E04-980A-F9E6756A0C78} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35.job => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA.job => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-09-15 19:46 - 2011-09-15 19:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll2012-02-13 14:05 - 2009-12-31 02:17 - 00053760 _____ () C:\windows\System32\DLEAPMON.DLL2012-02-13 14:05 - 2009-01-13 09:15 - 05709824 _____ () C:\windows\System32\DLEAOEM.DLL2012-01-26 00:45 - 2009-11-04 09:17 - 00189440 _____ () C:\windows\system32\spool\PRTPROCS\x64\dleadrpp.dll2012-01-19 21:55 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll2012-03-23 14:25 - 2012-03-23 14:25 - 
00087040 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe2014-05-29 07:16 - 2014-05-29 07:16 - 00241344 _____ () C:\Program Files\pcmax\pcmax.exe2014-06-25 13:58 - 2014-06-25 13:58 - 00172544 _____ () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe2014-06-12 15:05 - 2014-06-12 15:05 - 00110080 _____ () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\nfapi.dll2014-06-12 15:05 - 2014-06-12 15:05 - 00456192 _____ () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\ProtocolFilters.dll2014-06-20 17:50 - 2014-06-20 17:50 - 00706560 _____ () C:\Program Files\003\vxlsnyaiet64.exe2011-12-30 11:35 - 2011-04-10 14:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll2011-09-15 19:46 - 2011-09-15 19:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll2012-02-13 14:03 - 2011-01-23 21:22 - 00770728 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe2012-02-13 14:03 - 2011-01-23 21:22 - 00139944 _____ () C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe2011-12-30 10:40 - 2011-08-18 12:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE2010-11-17 12:35 - 2010-11-17 12:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe2011-04-29 20:18 - 2011-04-29 20:18 - 00885760 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2012-02-13 14:02 - 2009-11-26 04:49 - 00086180 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacfg.dll2012-02-13 14:03 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleascw.dll2012-02-13 14:03 - 
2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleadatr.dll2012-02-13 14:03 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleaDRS.dll2012-02-13 14:03 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacaps.dll2012-02-13 14:03 - 2009-03-05 13:55 - 00059904 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacnv4.dll2009-02-20 09:50 - 2009-02-20 09:50 - 00381440 _____ () C:\windows\system32\dleasm.dll2009-02-20 09:50 - 2009-02-20 09:50 - 00028672 _____ () C:\windows\system32\dleasmr.dll2012-02-13 14:03 - 2009-06-22 09:08 - 00708608 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Epwizard.DLL2012-02-13 14:03 - 2009-06-22 09:06 - 00159744 _____ () C:\Program Files (x86)\Dell V310-V510 Series\customui.dll2012-02-13 14:03 - 2009-06-22 09:06 - 00114688 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Eputil.DLL2012-02-13 14:03 - 2009-06-22 09:05 - 00139264 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Imagutil.DLL2012-02-13 14:03 - 2009-06-22 09:06 - 00061440 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Epfunct.DLL2012-02-13 14:03 - 2009-06-22 09:08 - 02203648 _____ () C:\Program Files (x86)\Dell V310-V510 Series\EPWizRes.dll2012-02-13 14:03 - 2009-06-22 09:08 - 00045056 _____ () C:\Program Files (x86)\Dell V310-V510 Series\epstring.dll2012-02-13 14:03 - 2009-06-22 09:08 - 00196608 _____ () C:\Program Files (x86)\Dell V310-V510 Series\EPOEMDll.dll2012-02-13 14:03 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Dell V310-V510 Series\iptk.dll2012-02-13 14:03 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleaptp.dll2014-07-02 12:36 - 2014-07-02 12:36 - 00098816 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32api.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00110080 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pywintypes27.dll2014-07-02 12:36 - 2014-07-02 12:36 - 
00364544 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pythoncom27.dll2014-07-02 12:36 - 2014-07-02 12:36 - 00045568 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_socket.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 01160704 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_ssl.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00320512 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32com.shell.shell.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00713216 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_hashlib.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 01175040 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._core_.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00805888 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._gdi_.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00811008 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._windows_.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 01062400 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._controls_.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00735232 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._misc_.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00128512 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_elementtree.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00127488 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pyexpat.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00557056 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pysqlite2._sqlite.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00007168 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\hashobjs_ext.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00087552 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_ctypes.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00119808 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32file.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00108544 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32security.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 
00018432 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32event.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00038912 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32inet.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00070656 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._html2.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00167936 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32gui.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00011264 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32crypt.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00027136 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_multiprocessing.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00122368 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._wizard.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00010240 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\select.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00024064 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32pipe.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00686080 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\unicodedata.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00025600 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32pdh.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00525640 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\windows._lib_cacheinvalidation.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00035840 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32process.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00017408 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32profile.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00022528 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32ts.pyd2014-07-02 12:36 - 2014-07-02 12:36 - 00078336 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._animate.pyd2010-11-25 00:44 - 2010-11-25 00:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll2011-04-29 20:13 - 
2011-04-29 20:13 - 07938048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll2011-04-29 20:13 - 2011-04-29 20:13 - 02225664 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll2013-08-22 19:43 - 2013-08-22 19:43 - 00272688 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node2013-08-22 19:44 - 2013-08-22 19:44 - 00039216 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node2013-08-22 19:44 - 2013-08-22 19:44 - 00053040 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SWR.node2013-08-22 19:44 - 2013-08-22 19:44 - 00057648 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\MWR.node2013-08-22 19:44 - 2013-08-22 19:44 - 00014848 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SessionNotification.node2014-02-13 04:47 - 2014-02-13 04:47 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll2011-12-30 10:05 - 2010-11-06 01:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => 
""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-InterfaceDescription: Microsoft Teredo Tunneling AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: SMART Virtual TabletPCDescription: SMART Virtual TabletPCClass Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}Manufacturer: SMART Technologies ULCService: SMARTVTabletPCx64Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2014 03:45:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/02/2014 03:14:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17126 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2278
Start Time: 01cf96294ec45104
Termination Time: 24
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id:

Error: (07/02/2014 02:58:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2108837

Error: (07/02/2014 02:58:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2108837

Error: (07/02/2014 02:58:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2014 02:58:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2107729

Error: (07/02/2014 02:58:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2107729

Error: (07/02/2014 02:58:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2014 02:58:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2106590

Error: (07/02/2014 02:58:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2106590

System errors:
=============
Error: (07/02/2014 01:11:01 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (07/02/2014 01:04:42 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (07/02/2014 00:40:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/02/2014 00:37:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/02/2014 00:37:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee McShield service failed to start due to the following error: %%1053

Error: (07/02/2014 00:37:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee McShield service to connect.

Error: (07/02/2014 00:36:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The dleaCATSCustConnectService service failed to start due to the following error: %%1053

Error: (07/02/2014 00:36:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the dleaCATSCustConnectService service to connect.

Error: (07/02/2014 11:57:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/02/2014 11:56:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 50%
Total physical RAM: 6050.05 MB
Available physical RAM: 3019.08 MB
Total Pagefile: 12098.29 MB
Available Pagefile: 8578.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:683.89 GB) (Free:591.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 001738BE)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=684 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Psychotic Posted July 9, 2014 ID:850859

Scan with CKScanner

Download CKScanner by askey127 from Here & save it to your Desktop.
Right-click and Run as Administrator CKScanner.exe then click Search For Files
When the cursor hourglass disappears, click Save List To File
A message box will verify the file saved
Double-click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply

We Need to Diagnose a Possible Problem with WGA

This may be preventing you from installing that service pack.
Please download MGADiag and save it to your desktop.
Double click the icon on your desktop.
Click Continue
Click Copy
Go to Start -> Run and type in "Notepad"
Go to Edit -> Paste in notepad.
x out all of the numbers and letters in the line beginning with "Windows Product Key:"
Copy and paste that log here.

cxn520 Posted July 12, 2014 Author ID:851880

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
scanner sequence 3.MN.11.HLAPE0
----- EOF -----

cxn520 Posted July 12, 2014 Author ID:851883

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-xxxxx-xxxxx-xxxxx
Windows Product Key Hash: +Rj3N34NLM2JqoBO/OzgzTZXgbY=
Windows Product ID: 00359-OEM-8992687-00095
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {D6129C89-C9D2-4059-AD65-432170D5D97E}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.140303-2144
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-b01a_E2AD56EA-766-0_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1029-80004005

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{D6129C89-C9D2-4059-AD65-432170D5D97E}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-RMV82</PKey><PID>00359-OEM-8992687-00095</PID><PIDType>2</PIDType><SID>S-1-5-21-2051148634-656423823-1457257949</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Inspiron N5110</Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A09</Version><SMBIOSVersion major="2" minor="6"/><Date>20110930000000.000000+000</Date></BIOS><HWID>AD1D3A07018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>WN09 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>7480B9502DF0D86</Val><Hash>oYWOW5ayFE3pZ+jvTpuXYsY64JE=</Hash><Pid>89388-707-8722531-65657</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows® 7, HomePremium edition
Description: Windows Operating System - Windows® 7, OEM_SLP channel
Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00178-926-800095-02-1033-7601.0000-3642011
Installation ID: 011543924335733633371041180762578316456962189571519265
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: RMV82
License Status: Licensed
Remaining Windows rearm count: 1
Trusted time: 7/12/2014 12:27:37 PM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 5:6:2014 04:14
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:

HWID Data-->
HWID Hash Current: MgAAAAEAAQABAAEAAAACAAAABAABAAEAonYaWIrsBoZmZHR0jGy8xBYDqPgiI+6PLnM=

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
  ACPI Table Name   OEMID Value   OEMTableID Value
  APIC              DELL          WN09
  FACP              DELL          WN09
  HPET              DELL          WN09
  MCFG              DELL          WN09
  SSDT              TrmRef        PtidDevc
  SLIC              DELL          WN09
  SSDT              TrmRef        PtidDevc
  SSDT              TrmRef        PtidDevc
  OSFR              DELL          M08

Psychotic Posted July 13, 2014 ID:852310

Add/remove programs

Click on start-->control panel.
Vista/7: Open Programs and Features
XP: Open add/remove programs
Search for and remove the following programs:
ilivid
Close the window.

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Download the attached fixlist.txt and save it to the location where FRST is saved to.
Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

Full System Scan with Malwarebytes Antimalware

If not existing, please download Malwarebytes Anti-Malware to your desktop.
Double-click the downloaded setup file and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
    Launch Malwarebytes Anti-Malware
    A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
If the program is already installed:
    Run Malwarebytes Antimalware
On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.
After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

fixlist.txt

cxn520 Posted July 15, 2014 Author ID:852925

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-07-2014 01
Ran by Ceni Cen at 2014-07-14 22:07:07 Run:1
Running from C:\Users\Ceni Cen\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKLM-x32\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
Toolbar: HKCU - No Name - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - No File
Task: {CDFA340D-4694-4FFA-91F4-BD88B3F7139B} - System32\Tasks\pcreg => C:\Program Files\pcmax\service.exe [2014-05-29] () <==== ATTENTION
BHO-x32: No Name - {9194649F-7143-4308-90C1-D6A35B0E354E} - No File
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-se...i=998&did=10874
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-se...565901011287578
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-se...565901011287578
HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
R2 vxlsnyaiet64; C:\Program Files\003\vxlsnyaiet64.exe [706560 2014-06-20] () [File not signed]
R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [241344 2014-05-29] ()
2014-07-02 15:44 - 2014-06-20 17:50 - 00000000 ____D () C:\Program Files\suprasavings
2014-06-20 17:50 - 2014-06-20 17:45 - 00000000 ____D () C:\Program Files\003
2014-06-20 17:49 - 2014-06-20 17:49 - 00000000 ____D () C:\Users\Ceni Cen\Documents\PC Speed Maximizer
2014-06-20 17:44 - 2014-06-20 17:44 - 00003684 _____ () C:\windows\System32\Tasks\pcreg
2014-06-20 17:44 - 2014-06-20 17:44 - 00000000 ____D () C:\Program Files\pcmax
*****************

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\Software\Microsoft\Windows\CurrentVersion\Run\\pcreg => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\pcreg => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{06E58E5E-F8CB-4049-991E-A41C03BD419E} => value deleted successfully.
'HKCR\CLSID\{06E58E5E-F8CB-4049-991E-A41C03BD419E}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CDFA340D-4694-4FFA-91F4-BD88B3F7139B}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDFA340D-4694-4FFA-91F4-BD88B3F7139B}' => Key deleted successfully.
C:\Windows\System32\Tasks\pcreg => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pcreg' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9194649F-7143-4308-90C1-D6A35B0E354E}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{9194649F-7143-4308-90C1-D6A35B0E354E}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}'=> Key not found.
'HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}' => Key deleted successfully.
'HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}' => Key deleted successfully.
'HKCR\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}' => Key deleted successfully.
'HKCR\CLSID\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}'=> Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}'=> Key not found.
'HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}' => Key deleted successfully.
'HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}'=> Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\pcreg => value deleted successfully.
vxlsnyaiet64 => Service not found.
pcmaxservice => Service stopped successfully.
pcmaxservice => Service deleted successfully.
"C:\Program Files\suprasavings" => File/Directory not found.
C:\Program Files\003 => Moved successfully.
C:\Users\Ceni Cen\Documents\PC Speed Maximizer => Moved successfully.
"C:\windows\System32\Tasks\pcreg" => File/Directory not found.
C:\Program Files\pcmax => Moved successfully.

==== End of Fixlog ====

cxn520 Posted July 15, 2014 Author ID:852928

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/14/2014
Scan Time: 10:11:28 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.15.01
Rootkit Database: v2014.07.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Ceni Cen

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 305065
Time Elapsed: 16 min, 30 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)
Psychotic Posted July 15, 2014 ID:852993

Looks good!

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

[*] Turn off the real time scanner of any existing antivirus program while performing the online scan
[*] Tick the box next to YES, I accept the Terms of Use.
[*] Click Start
[*] When asked, allow the ActiveX control to install
[*] Click Start
[*] Make sure that the option Remove found threats is unticked
[*] Click on Advanced Settings and ensure these options are ticked:
    Scan for potentially unwanted applications
    Scan for potentially unsafe applications
    Enable Anti-Stealth Technology
[*] Click Scan
[*] Wait for the scan to finish
[*] If any threats were found, click the 'List of found threats', then click Export to text file....
[*] Save it to your desktop, then please copy and paste that log as a reply to this topic.
cxn520 Posted July 15, 2014 Author ID:853115

C:\$Recycle.Bin\S-1-5-21-2051148634-656423823-1457257949-1000\$RODT9U3.exe    Win32/Idmsq.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\pcmax\pcmax.exe    a variant of Win32/Conduit.SearchProtect.O potentially unwanted application
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe    a variant of Win32/HiddenStart.A potentially unsafe application
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe    a variant of Win32/HiddenStart.A potentially unsafe application
C:\Program Files (x86)\sweetpacks bundle uninstaller_Smilebox_With_WP_1167364\uninstaller.exe    a variant of Win32/ClientConnect.A potentially unwanted application
C:\Users\Ceni Cen\Downloads\IDM2.exe    Win32/Idmsq.A potentially unwanted application
C:\Users\Ceni Cen\Downloads\OffercastInstaller_AVR_U-0087-01-PlateauLines-0805-01-en_.exe    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
Psychotic Posted July 15, 2014 ID:853120

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner

Please download AdwCleaner to your desktop.

[*] Run adwcleaner.exe
[*] Hit Scan and wait for the scan to finish.
[*] Confirm the message but don't uncheck anything.
[*] Hit Clean
[*] When the run is finished, it will open up a text file
[*] Please post its contents within your next reply
[*] You'll find the log file at C:\AdwCleaner[s1].txt also

Delete junk with JRT

Please download Junkware Removal Tool to your desktop.

[*] Shut down your protection software now to avoid potential conflicts.
[*] Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
[*] The tool will open and start scanning your system.
[*] Please be patient as this can take a while to complete depending on your system's specifications.
[*] On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
[*] Post the contents of JRT.txt into your next message.

SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

Save it to your desktop, start it and follow the instructions in the window. After the scan has finished, the log (checkup.txt) will open. Copy its content to your thread.
cxn520 Posted July 15, 2014 Author ID:853121

# AdwCleaner v3.215 - Report created 15/07/2014 at 12:15:49
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Ceni Cen - PC
# Running from : C:\Users\Ceni Cen\Downloads\adwcleaner_3.215.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\Users\Ceni Cen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
File Deleted : C:\Users\Ceni Cen\AppData\LocalLow\SkwConfig.bin

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smilebox Bundle\Smilebox Bundle.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKCU\Software\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE26843-9171-4F23-A8E5-5421701276A4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B00FE392-639D-4688-976E-A1BFF368CB96}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE26843-9171-4F23-A8E5-5421701276A4}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\CompeteInc
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKLM\Software\CompeteInc
Key Deleted : HKLM\Software\iLividSRTB
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\SweetIM

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Ceni Cen\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Homepage] : hxxp://www.searchnu.com/406
Deleted [Extension] : amfclgbdpgndipgoegfpkkgobahigbcl
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh

*************************

AdwCleaner[R0].txt - [5497 octets] - [15/07/2014 12:14:34]
AdwCleaner[s0].txt - [5203 octets] - [15/07/2014 12:15:49]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5263 octets] ##########
cxn520 Posted July 15, 2014 Author ID:853129

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Ceni Cen on Tue 07/15/2014 at 12:22:16.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Failed to delete: [Folder] "C:\Program Files (x86)\coupons"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 07/15/2014 at 12:30:49.68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cxn520 Posted July 15, 2014 Author ID:853130

Results of screen317's Security Check version 0.99.85
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 60
Adobe Flash Player 14.0.0.145
Adobe Reader XI
Google Chrome 35.0.1916.153
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 8%
````````````````````End of Log``````````````````````
Psychotic Posted July 15, 2014 ID:853147

Your system is clean now!

Uninstall our tools using delfix

Please follow these steps in order:

[*] In the case we used Defogger to turn off your CD emulation software: you can start it again and use the Enable button.
[*] In the case we used Combofix: deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
[*] In any case please download delfix to your desktop. Close all other programs and start delfix. Please check all the boxes and run the tool. delfix will now delete all found traces of our removal process.
[*] If there is still something left please delete it manually.

Delete System Restore Points

To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one.

On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points.

Temp File Cleaner

We need to download Temp File Cleaner (TFC) by OldTimer:

[*] Please download TFC.exe by Oldtimer at one of the two links: Link 1 Link 2
[*] Save and close all running applications
[*] Double-click on TFC.exe to run the program
[*] Click on Start to begin the cleaning process
[*] Note: this program may close running applications, make your screen disappear temporarily, or require a reboot of your PC - this is normal and part of the cleanup
[*] When the scan is complete, if you were not asked to reboot the computer, please do so now
[*] More information can be found about the tool here: http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/

Recommendations: How to protect yourself

[*] System Updates
Please ensure to have automatic updates activated in your control panel. For further information and a tutorial, see this Microsoft Support article.

[*] Protection
What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly. Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
To keep your browser free of advertising, you may install the Adblock Plus browser extension. It will filter unwanted advertising out of the website's content.
To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension. It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser. In addition, before accessing a dangerous classified web site, a warning screen is displayed.

[*] Up to date Software
Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:
Secunia Personal Software Inspector - checks if your software has updates available.
SecurityCheck (by screen317) - scans your computer for most vulnerable outdated software.
Mozilla: Check your plugins - The webpage will tell you if you have outdated plugins running in your Firefox browser.

[*] Backup
Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.

[*] Behaviour
The commonest error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help if you aren't careful enough.
While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look.
In addition, don't click everything. When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
AdvancedSetup (Root Admin) Posted August 6, 2014 ID:862999

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!