
Help please!



Malware hasn't been able to update. I'm 99% sure my computer is infected, because suprasavings keeps on popping up on the websites I visit. Here are the logs, please help!!!

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014

Ran by Ceni Cen (administrator) on PC on 02-07-2014 16:07:53

Running from C:\Users\Ceni Cen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4FPD3KE

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

( ) C:\Windows\System32\dleacoms.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

() C:\Program Files\pcmax\pcmax.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe

() C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe

() C:\Program Files\003\vxlsnyaiet64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe

() C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe

() C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Google) C:\Program Files (x86)\Google\Google Talk\googletalk.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

(Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\Core\mchost.exe

(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe

(McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe

(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Nero AG) C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)

HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)

HKLM\...\Run: [intelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-15] (Intel® Corporation)

HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10365952 2011-05-19] (Intel Corporation)

HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2055016 2011-04-29] ()

HKLM\...\Run: [dleamon.exe] => C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe [770728 2011-01-23] ()

HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe [139944 2011-01-23] ()

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.)

HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()

HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)

HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)

HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()

HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()

HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)

HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)

HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-04-29] ()

HKLM-x32\...\Run: [dleamon.exe] => C:\Program Files (x86) (x86)\Dell V310-V510 Series\dleamon.exe [770728 2011-01-23] ()

HKLM-x32\...\Run: [EzPrint] => C:\Program Files (x86) (x86)\Dell V310-V510 Series\ezprint.exe [139944 2011-01-23] ()

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [Dell V310-V510 Series] => C:\Program Files (x86)\Dell V310-V510 Series\fm3032.exe [316072 2011-01-23] ()

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)

HKLM-x32\...\Run: [sMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [147248 2014-02-11] (SMART Technologies)

HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)

HKLM-x32\...\Run: [sMART Floating Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe [9024304 2013-11-20] (SMART Technologies ULC)

HKLM-x32\...\Run: [sMARTNotification] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe [204592 2014-02-12] (SMART Technologies)

HKLM-x32\...\Run: [sMART Tray Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe [744752 2014-02-12] (SMART Technologies)

HKLM-x32\...\Run: [sMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [1933616 2014-02-12] (SMART Technologies)

HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62768 2013-08-22] (SMART Technologies)

HKLM-x32\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()

Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKLM\...\Policies\Explorer: [HideSCAHealth] 1

HKLM\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [Google Update] => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-05] (Google Inc.)

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [TomTomHOME.exe] => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [googletalk] => C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3289088 2007-11-20] (Google)

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Policies\Explorer: [HideSCAHealth] 1

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\MountPoints2: {dae4b27d-42dd-11e1-962d-4c80936ce95d} - E:\LaunchU3.exe -a

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BodyMedia Sync.lnk

ShortcutTarget: BodyMedia Sync.lnk -> C:\Program Files (x86)\BodyMedia\Sync\BodyMediaSync.exe (BodyMedia, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=341&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3550141913754724&q={searchTerms}

SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =

SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=341&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3550141913754724&q={searchTerms}

SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-search.net/?q={searchTerms}&src=6&q={searchTerms}&st=12&i=998&did=10874&ppd=,,,,,,,,,www.smilebox.com&barid=1523565901011287578

SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=341&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3550141913754724&q={searchTerms}

SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-search.net/?q={searchTerms}&src=6&q={searchTerms}&st=12&i=998&did=10874&ppd=,,,,,,,,,www.smilebox.com&barid=1523565901011287578

SearchScopes: HKCU - DefaultScope {6DBF433D-8403-4E85-8B85-C525340F74F8} URL = https://www.google.com/search?q={searchTerms}

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKCU - {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =

SearchScopes: HKCU - {6DBF433D-8403-4E85-8B85-C525340F74F8} URL = https://www.google.com/search?q={searchTerms}

SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =

SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =

SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-search.net/?src=6&q={searchTerms}&barid=1523565901011287578&crg=&ppd=,,,,,,,,,www.smilebox.com&st=23&i=998&did=10874

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()

BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll (SMART Technologies ULC.)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: No Name - {9194649F-7143-4308-90C1-D6A35B0E354E} - No File

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM-x32 - Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()

Toolbar: HKCU - No Name - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - No File

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()

FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF Plugin-x32: @alipay.com/NPComBrg701,version=1.0.2011.1107 - C:\windows\system32\itruscert\NPComBrg701.dll No File

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @hehehi.com/hehehi - C:\PROGRA~2\WEBQQP~1\nphehehi.dll (Shenzhen Mining Technology Co., Ltd.)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Ceni Cen\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Ceni Cen\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore

FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011-12-30]

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2011-12-30]

==================== Services (Whitelisted) =================

R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-05-19] (Intel Corporation) [File not signed]

R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1335360 2011-05-19] (Intel Corporation) [File not signed]

R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-05-19] (Intel Corporation) [File not signed]

S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]

S2 dleaCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe [45224 2010-05-21] ()

R2 dlea_device; C:\windows\system32\dleacoms.exe [1052328 2010-05-21] ( )

R2 dlea_device; C:\windows\SysWOW64\dleacoms.exe [598696 2010-05-21] ( )

R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)

S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [224704 2011-03-08] (McAfee, Inc.)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)

S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)

R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199304 2012-05-25] (McAfee, Inc.)

R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)

R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)

R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)

R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-15] ()

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] () [File not signed]

R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [241344 2014-05-29] ()

S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)

R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [538416 2014-02-12] (SMART Technologies)

R2 SupraSavingsService64; C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe [172544 2014-06-25] () [File not signed]

R2 vxlsnyaiet64; C:\Program Files\003\vxlsnyaiet64.exe [706560 2014-06-20] () [File not signed]

==================== Drivers (Whitelisted) ====================

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)

R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)

R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)

S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)

S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc.)

R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)

R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-06-12] (NetFilterSDK.com)

S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)

R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2013-03-07] (SMART Technologies)

R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2013-03-07] (SMART Technologies)

S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2013-03-07] (SMART Technologies ULC)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-02 16:07 - 2014-07-02 16:08 - 00000000 ____D () C:\FRST

2014-07-02 12:41 - 2014-07-02 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2014-07-02 11:20 - 2014-07-02 11:21 - 00726888 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup (1).exe

2014-07-02 11:19 - 2014-07-02 11:19 - 00732728 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup.exe

2014-07-02 11:11 - 2014-07-02 11:16 - 00000868 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35.job

2014-07-02 11:11 - 2014-07-02 11:11 - 17275240 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-02 11:11 - 2014-07-02 11:11 - 00003504 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35

2014-06-27 14:59 - 2014-06-27 14:59 - 17273780 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012 (1).exe

2014-06-27 14:58 - 2014-06-27 14:58 - 17276700 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012.exe

2014-06-27 12:24 - 2014-06-27 12:24 - 00000000 ____D () C:\windows\Sun

2014-06-27 12:17 - 2014-06-27 12:17 - 00000020 _____ () C:\Users\Ceni Cen\Downloads\SPug

2014-06-27 11:21 - 2014-06-27 11:21 - 01075776 _____ (OR Interactive Ltd) C:\Users\Ceni Cen\Downloads\IDM2.exe

2014-06-27 10:21 - 2014-06-27 10:21 - 00000000 ____D () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF

2014-06-22 11:22 - 2014-07-02 15:27 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1.job

2014-06-22 11:22 - 2014-06-22 11:22 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1

2014-06-20 18:43 - 2014-06-20 18:43 - 00000047 _____ () C:\Users\Ceni Cen\AppData\Roaming\WB.CFG

2014-06-20 17:50 - 2014-07-02 15:44 - 00000000 ____D () C:\Program Files\suprasavings

2014-06-20 17:49 - 2014-06-20 17:49 - 00000000 ____D () C:\Users\Ceni Cen\Documents\PC Speed Maximizer

2014-06-20 17:45 - 2014-06-20 17:50 - 00000000 ____D () C:\Program Files\003

2014-06-20 17:44 - 2014-06-20 17:44 - 00003684 _____ () C:\windows\System32\Tasks\pcreg

2014-06-20 17:44 - 2014-06-20 17:44 - 00000000 ____D () C:\Program Files\pcmax

2014-06-20 17:40 - 2014-06-20 17:40 - 00228728 _____ (Fusion Install ) C:\Users\Ceni Cen\Downloads\Java_Updater_Setup.exe

2014-06-12 15:05 - 2014-06-12 15:05 - 00046376 _____ (NetFilterSDK.com) C:\windows\system32\Drivers\netfilter64.sys

2014-06-11 20:32 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-06-11 20:32 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-06-11 20:32 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-06-11 20:32 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-06-11 20:32 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-06-11 20:32 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-06-11 20:32 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-06-11 20:32 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2014-06-11 20:32 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-06-11 20:32 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-06-11 20:32 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-06-11 20:32 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-06-11 20:32 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-06-11 20:32 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-06-11 20:32 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-06-11 20:32 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll

2014-06-11 20:32 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-06-11 20:32 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2014-06-11 20:32 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-06-11 20:32 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-06-11 20:32 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-06-11 20:32 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-06-11 20:32 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-06-11 20:32 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-06-11 20:32 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-06-11 20:32 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2014-06-11 20:32 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-06-11 20:32 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-06-11 20:32 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-06-11 20:32 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll

2014-06-11 20:32 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-06-11 20:32 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-06-11 20:32 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-06-11 20:32 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-06-11 20:32 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-06-11 20:32 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-06-11 20:32 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-06-11 20:32 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-06-11 20:32 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll

2014-06-11 20:32 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-06-11 20:32 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-06-11 20:32 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-06-11 20:32 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-06-11 20:32 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-06-11 20:32 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-06-11 20:32 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-06-11 20:32 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll

2014-06-11 20:32 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll

2014-06-11 20:32 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll

2014-06-11 20:32 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll

2014-06-11 20:32 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys

2014-06-11 20:32 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS

2014-06-11 20:32 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll

2014-06-11 20:32 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll

2014-06-11 20:32 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll

2014-06-11 20:32 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll

2014-06-11 20:32 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll

2014-06-11 20:32 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll

2014-06-11 20:32 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll

2014-06-11 20:32 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll

2014-06-11 20:31 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-06-11 20:31 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2014-06-11 20:31 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe

2014-06-11 20:31 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-06-11 20:31 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-06-11 20:31 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-06-03 18:48 - 2014-06-03 18:48 - 00155135 _____ () C:\ProgramData\SPL5F8F.tmp

2014-06-03 18:32 - 2014-06-03 18:32 - 00264971 _____ () C:\ProgramData\SPLEB1B.tmp

==================== One Month Modified Files and Folders =======

2014-07-02 16:08 - 2014-07-02 16:07 - 00000000 ____D () C:\FRST

2014-07-02 15:48 - 2011-12-30 09:57 - 01592585 _____ () C:\windows\WindowsUpdate.log

2014-07-02 15:47 - 2012-01-05 15:48 - 00000000 ____D () C:\Users\Ceni Cen\AppData\Local\Nero

2014-07-02 15:44 - 2014-06-20 17:50 - 00000000 ____D () C:\Program Files\suprasavings

2014-07-02 15:43 - 2013-02-11 15:18 - 00000000 ___RD () C:\Users\Ceni Cen\Google Drive

2014-07-02 15:41 - 2013-02-27 15:47 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job

2014-07-02 15:27 - 2014-06-22 11:22 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1.job

2014-07-02 15:16 - 2012-01-05 15:38 - 00000920 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA.job

2014-07-02 15:01 - 2009-07-14 01:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI

2014-07-02 13:05 - 2012-01-05 15:37 - 00000000 ____D () C:\Users\Ceni Cen\AppData\Local\Deployment

2014-07-02 12:45 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-02 12:45 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-02 12:41 - 2014-07-02 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2014-07-02 12:37 - 2011-12-30 10:50 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks

2014-07-02 12:37 - 2011-12-30 10:50 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks

2014-07-02 12:37 - 2011-12-30 10:40 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup

2014-07-02 12:36 - 2013-02-11 15:16 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-07-02 12:36 - 2012-01-19 22:05 - 00076149 _____ () C:\ProgramData\dleascan.log

2014-07-02 12:36 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-07-02 12:36 - 2009-07-14 00:51 - 00070653 _____ () C:\windows\setupact.log

2014-07-02 12:33 - 2012-01-05 15:38 - 00000000 ____D () C:\Users\Ceni Cen\AppData\Local\Google

2014-07-02 11:55 - 2010-11-20 23:47 - 00277456 _____ () C:\windows\PFRO.log

2014-07-02 11:21 - 2014-07-02 11:20 - 00726888 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup (1).exe

2014-07-02 11:19 - 2014-07-02 11:19 - 00732728 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup.exe

2014-07-02 11:16 - 2014-07-02 11:11 - 00000868 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35.job

2014-07-02 11:11 - 2014-07-02 11:11 - 17275240 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-02 11:11 - 2014-07-02 11:11 - 00003504 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35

2014-07-02 11:11 - 2012-01-05 15:38 - 00003900 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA

2014-06-27 14:59 - 2014-06-27 14:59 - 17273780 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012 (1).exe

2014-06-27 14:58 - 2014-06-27 14:58 - 17276700 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012.exe

2014-06-27 12:24 - 2014-06-27 12:24 - 00000000 ____D () C:\windows\Sun

2014-06-27 12:17 - 2014-06-27 12:17 - 00000020 _____ () C:\Users\Ceni Cen\Downloads\SPug

2014-06-27 11:21 - 2014-06-27 11:21 - 01075776 _____ (OR Interactive Ltd) C:\Users\Ceni Cen\Downloads\IDM2.exe

2014-06-27 10:24 - 2012-01-19 22:05 - 00000404 _____ () C:\ProgramData\FastPics.log

2014-06-27 10:21 - 2014-06-27 10:21 - 00000000 ____D () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF

2014-06-22 11:22 - 2014-06-22 11:22 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1

2014-06-22 11:22 - 2013-02-11 15:16 - 00003646 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-06-22 11:22 - 2012-01-05 15:48 - 00000000 ____D () C:\Temp

2014-06-20 19:49 - 2013-05-22 06:08 - 00003440 _____ () C:\windows\System32\Tasks\PCDEventLauncherTask

2014-06-20 18:43 - 2014-06-20 18:43 - 00000047 _____ () C:\Users\Ceni Cen\AppData\Roaming\WB.CFG

2014-06-20 17:50 - 2014-06-20 17:45 - 00000000 ____D () C:\Program Files\003

2014-06-20 17:49 - 2014-06-20 17:49 - 00000000 ____D () C:\Users\Ceni Cen\Documents\PC Speed Maximizer

2014-06-20 17:44 - 2014-06-20 17:44 - 00003684 _____ () C:\windows\System32\Tasks\pcreg

2014-06-20 17:44 - 2014-06-20 17:44 - 00000000 ____D () C:\Program Files\pcmax

2014-06-20 17:40 - 2014-06-20 17:40 - 00228728 _____ (Fusion Install ) C:\Users\Ceni Cen\Downloads\Java_Updater_Setup.exe

2014-06-17 19:50 - 2013-02-11 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2014-06-17 08:06 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF

2014-06-12 15:05 - 2014-06-12 15:05 - 00046376 _____ (NetFilterSDK.com) C:\windows\system32\Drivers\netfilter64.sys

2014-06-12 03:10 - 2013-08-14 17:02 - 00000000 ____D () C:\windows\system32\MRT

2014-06-12 03:08 - 2012-02-24 11:40 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2014-06-12 03:08 - 2012-01-20 22:24 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-06-08 11:41 - 2012-01-19 22:05 - 00021198 _____ () C:\ProgramData\dlea.log

2014-06-07 21:38 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache

2014-06-03 20:04 - 2012-02-13 14:15 - 00166970 _____ () C:\ProgramData\dleaJSW.log

2014-06-03 18:59 - 2012-01-19 22:06 - 00000000 ____D () C:\ProgramData\DL_cats

2014-06-03 18:48 - 2014-06-03 18:48 - 00155135 _____ () C:\ProgramData\SPL5F8F.tmp

2014-06-03 18:32 - 2014-06-03 18:32 - 00264971 _____ () C:\ProgramData\SPLEB1B.tmp

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-07 21:27

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014

Ran by Ceni Cen at 2014-07-02 16:10:22

Running from C:\Users\Ceni Cen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4FPD3KE

Boot Mode: Normal

==========================================================

==================== Security Center ========================

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Out of date) {ADA629C7-7F48-5689-624A-3B76997E0892}

AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}

AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall (Disabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)

Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)

BodyMedia SYNC (x32 Version: 2.3.1.102 - BodyMedia, Inc.) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Chinese Simplified Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)

Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)

Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)

Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)

Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)

Dell Digital Delivery (HKLM-x32\...\{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}) (Version: 1.7.4502.0 - Dell Products, LP)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)

Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)

Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)

Dell Stage (HKLM-x32\...\{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}) (Version: 1.5.201.0 - Fingertapps)

Dell Toolbar (HKLM-x32\...\{09B71986-2AC5-482d-B6CB-42EA34F4F85B}) (Version: 1.8.12.0 - )

Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)

Dell V310-V510 Series (HKLM\...\Dell V310-V510 Series) (Version: - Dell, Inc.)

Dell V310-V510 Series (HKLM-x32\...\Dell V310-V510 Series) (Version: - Dell, Inc.)

Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)

Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)

DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden

Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)

Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)

HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)

iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)

iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2466 - Bandoo Media Inc) <==== ATTENTION

Intel PROSet Wireless (Version: - ) Hidden

Intel PROSet Wireless (x32 Version: - ) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)

Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{295AEB79-B53A-4F1B-860F-7800BB7E3681}) (Version: 14.2.1000 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)

Intel® WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)

Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )

iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)

Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Java 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)

McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden

Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden

Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)

My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)

Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden

Nero Blu-ray Player (x32 Version: 12.0.20030 - Nero AG) Hidden

Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden

Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden

Nero Core Components 10 (x32 Version: 2.0.20000.9.12 - Nero AG) Hidden

Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden

OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)

PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden

PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)

Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)

QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)

Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden

Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden

Roxio Burn (x32 Version: 1.8 - Roxio) Hidden

Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)

Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden

Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden

Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden

Roxio File Backup (Version: 1.3.2 - Roxio) Hidden

SMART Chinese (Simplified) Language Pack (HKLM-x32\...\{36D626DC-33D2-4B0E-BA3A-85CF20EAC372}) (Version: 11.4.27.0 - SMART Technologies ULC)

SMART Common Files (HKLM-x32\...\{26A95DBF-A866-4838-A8C9-FA219FCBD22E}) (Version: 11.5.159.0 - SMART Technologies ULC)

SMART Ink (HKLM-x32\...\{5ABC49B5-D0DC-428D-A082-4AEFF6490F04}) (Version: 2.0.723.0 - SMART Technologies ULC)

SMART Notebook (HKLM-x32\...\{79660EE7-9C0B-4962-B566-2693FE34719D}) (Version: 11.4.564.0 - SMART Technologies ULC)

SMART Product Drivers (HKLM-x32\...\{53330A17-78DE-458E-9997-292A2D6D3ADD}) (Version: 11.4.872.1 - SMART Technologies ULC)

Smilebox (HKCU\...\Smilebox) (Version: 1.0.0.26929 - Smilebox, Inc.)

Smilebox Bundle (HKLM-x32\...\Smilebox Bundle) (Version: 2.0.0.5 - Perion Network Ltd.)

Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden

SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.15400 - Nero AG)

SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden

TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.)

TI USB3 Host Driver (x32 Version: 1.12.14.0 - Texas Instruments Inc.) Hidden

TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)

Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)

Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)

Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)

Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)

Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)

Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version: - Microsoft)

Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)

Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)

Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)

Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)

WebQQÊÓÆµ²å¼þ (HKLM-x32\...\WebQQÊÓÆµ²å¼þ) (Version: - )

Widevine Media Optimizer Chrome 6.0.0 (HKCU\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

WinRAR 4.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)

==================== Restore Points =========================

18-04-2014 07:00:49 Windows Update

26-04-2014 01:27:36 MinitabCIA

06-05-2014 07:01:11 Windows Update

07-05-2014 07:00:29 Windows Update

16-05-2014 07:01:20 Windows Update

08-06-2014 01:34:47 Scheduled Checkpoint

12-06-2014 07:02:32 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {06E6F51D-8632-4F8C-AD19-EA86DAB47A81} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

Task: {2BF6B222-C3D6-40AF-B85C-2EBBDD3ADE20} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35 => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.)

Task: {59014C64-B907-4F7B-843F-F01BA353407A} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe

Task: {7AE8BE22-A1CA-41EC-84CC-1583009564AD} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)

Task: {816A7AEA-1FF3-4D4F-8581-0E9F778A1F8D} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)

Task: {890A420A-80D7-4DFD-990B-90B27D9F6F4F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)

Task: {984F9537-7FC7-42D2-AB03-2CE084E7A2B7} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.)

Task: {CBCE2D9D-AA03-4E44-BE0B-422726FED0E4} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)

Task: {CC0E6BAC-2B42-42C3-935A-6B4633C81777} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.)

Task: {CDFA340D-4694-4FFA-91F4-BD88B3F7139B} - System32\Tasks\pcreg => C:\Program Files\pcmax\service.exe [2014-05-29] () <==== ATTENTION

Task: {F5596B1E-9698-42C4-80AD-BFA85A35135D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.)

Task: {FDB9D482-5637-4E04-980A-F9E6756A0C78} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35.job => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA.job => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-09-15 19:46 - 2011-09-15 19:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

2012-02-13 14:05 - 2009-12-31 02:17 - 00053760 _____ () C:\windows\System32\DLEAPMON.DLL

2012-02-13 14:05 - 2009-01-13 09:15 - 05709824 _____ () C:\windows\System32\DLEAOEM.DLL

2012-01-26 00:45 - 2009-11-04 09:17 - 00189440 _____ () C:\windows\system32\spool\PRTPROCS\x64\dleadrpp.dll

2012-01-19 21:55 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll

2012-03-23 14:25 - 2012-03-23 14:25 - 00087040 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

2014-05-29 07:16 - 2014-05-29 07:16 - 00241344 _____ () C:\Program Files\pcmax\pcmax.exe

2014-06-25 13:58 - 2014-06-25 13:58 - 00172544 _____ () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe

2014-06-12 15:05 - 2014-06-12 15:05 - 00110080 _____ () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\nfapi.dll

2014-06-12 15:05 - 2014-06-12 15:05 - 00456192 _____ () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\ProtocolFilters.dll

2014-06-20 17:50 - 2014-06-20 17:50 - 00706560 _____ () C:\Program Files\003\vxlsnyaiet64.exe

2011-12-30 11:35 - 2011-04-10 14:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2011-09-15 19:46 - 2011-09-15 19:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll

2012-02-13 14:03 - 2011-01-23 21:22 - 00770728 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe

2012-02-13 14:03 - 2011-01-23 21:22 - 00139944 _____ () C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe

2011-12-30 10:40 - 2011-08-18 12:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

2010-11-17 12:35 - 2010-11-17 12:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

2011-04-29 20:18 - 2011-04-29 20:18 - 00885760 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-02-13 14:02 - 2009-11-26 04:49 - 00086180 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacfg.dll

2012-02-13 14:03 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleascw.dll

2012-02-13 14:03 - 2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleadatr.dll

2012-02-13 14:03 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleaDRS.dll

2012-02-13 14:03 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacaps.dll

2012-02-13 14:03 - 2009-03-05 13:55 - 00059904 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacnv4.dll

2009-02-20 09:50 - 2009-02-20 09:50 - 00381440 _____ () C:\windows\system32\dleasm.dll

2009-02-20 09:50 - 2009-02-20 09:50 - 00028672 _____ () C:\windows\system32\dleasmr.dll

2012-02-13 14:03 - 2009-06-22 09:08 - 00708608 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Epwizard.DLL

2012-02-13 14:03 - 2009-06-22 09:06 - 00159744 _____ () C:\Program Files (x86)\Dell V310-V510 Series\customui.dll

2012-02-13 14:03 - 2009-06-22 09:06 - 00114688 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Eputil.DLL

2012-02-13 14:03 - 2009-06-22 09:05 - 00139264 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Imagutil.DLL

2012-02-13 14:03 - 2009-06-22 09:06 - 00061440 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Epfunct.DLL

2012-02-13 14:03 - 2009-06-22 09:08 - 02203648 _____ () C:\Program Files (x86)\Dell V310-V510 Series\EPWizRes.dll

2012-02-13 14:03 - 2009-06-22 09:08 - 00045056 _____ () C:\Program Files (x86)\Dell V310-V510 Series\epstring.dll

2012-02-13 14:03 - 2009-06-22 09:08 - 00196608 _____ () C:\Program Files (x86)\Dell V310-V510 Series\EPOEMDll.dll

2012-02-13 14:03 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Dell V310-V510 Series\iptk.dll

2012-02-13 14:03 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleaptp.dll

2014-07-02 12:36 - 2014-07-02 12:36 - 00098816 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32api.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00110080 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pywintypes27.dll

2014-07-02 12:36 - 2014-07-02 12:36 - 00364544 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pythoncom27.dll

2014-07-02 12:36 - 2014-07-02 12:36 - 00045568 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_socket.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 01160704 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_ssl.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00320512 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32com.shell.shell.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00713216 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_hashlib.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 01175040 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._core_.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00805888 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._gdi_.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00811008 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._windows_.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 01062400 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._controls_.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00735232 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._misc_.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00128512 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_elementtree.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00127488 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pyexpat.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00557056 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pysqlite2._sqlite.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00007168 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\hashobjs_ext.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00087552 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_ctypes.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00119808 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32file.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00108544 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32security.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00018432 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32event.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00038912 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32inet.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00070656 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._html2.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00167936 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32gui.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00011264 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32crypt.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00027136 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_multiprocessing.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00122368 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._wizard.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00010240 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\select.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00024064 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32pipe.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00686080 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\unicodedata.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00025600 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32pdh.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00525640 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\windows._lib_cacheinvalidation.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00035840 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32process.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00017408 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32profile.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00022528 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32ts.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00078336 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._animate.pyd

2010-11-25 00:44 - 2010-11-25 00:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll

2011-04-29 20:13 - 2011-04-29 20:13 - 07938048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll

2011-04-29 20:13 - 2011-04-29 20:13 - 02225664 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll

2013-08-22 19:43 - 2013-08-22 19:43 - 00272688 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node

2013-08-22 19:44 - 2013-08-22 19:44 - 00039216 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node

2013-08-22 19:44 - 2013-08-22 19:44 - 00053040 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SWR.node

2013-08-22 19:44 - 2013-08-22 19:44 - 00057648 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\MWR.node

2013-08-22 19:44 - 2013-08-22 19:44 - 00014848 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SessionNotification.node

2014-02-13 04:47 - 2014-02-13 04:47 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll

2011-12-30 10:05 - 2010-11-06 01:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Teredo Tunneling Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: SMART Virtual TabletPC

Description: SMART Virtual TabletPC

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: SMART Technologies ULC

Service: SMARTVTabletPCx64

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:

==================

Error: (07/02/2014 03:45:36 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/02/2014 03:14:41 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program IEXPLORE.EXE version 11.0.9600.17126 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2278

Start Time: 01cf96294ec45104

Termination Time: 24

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (07/02/2014 02:58:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2108837

Error: (07/02/2014 02:58:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2108837

Error: (07/02/2014 02:58:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2014 02:58:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2107729

Error: (07/02/2014 02:58:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2107729

Error: (07/02/2014 02:58:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2014 02:58:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2106590

Error: (07/02/2014 02:58:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2106590

System errors:

=============

Error: (07/02/2014 01:11:01 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (07/02/2014 01:04:42 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (07/02/2014 00:40:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/02/2014 00:37:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/02/2014 00:37:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The McAfee McShield service failed to start due to the following error:

%%1053

Error: (07/02/2014 00:37:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee McShield service to connect.

Error: (07/02/2014 00:36:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The dleaCATSCustConnectService service failed to start due to the following error:

%%1053

Error: (07/02/2014 00:36:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the dleaCATSCustConnectService service to connect.

Error: (07/02/2014 11:57:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/02/2014 11:56:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Microsoft Office Sessions:

=========================

==================== Memory info ===========================

Percentage of memory in use: 50%

Total physical RAM: 6050.05 MB

Available physical RAM: 3019.08 MB

Total Pagefile: 12098.29 MB

Available Pagefile: 8578.82 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:683.89 GB) (Free:591.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 001738BE)

Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)

Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=684 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
Please attach the log files and do the following:
 
 
Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).


aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software

Run date: 2014-07-04 11:51:33

-----------------------------

11:51:33.724    OS Version: Windows x64 6.1.7601 Service Pack 1

11:51:33.724    Number of processors: 4 586 0x2A07

11:51:33.728    ComputerName: PC  UserName: 

11:51:44.921    Initialize success

11:51:45.141    VM: initialized successfully

11:51:45.166    VM: Intel CPU supported 

11:53:35.454    VM: supported disk I/O iaStor.sys

11:55:37.860    AVAST engine defs: 14070400

11:55:52.497    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

11:55:52.500    Disk 0 Vendor: ST975042 0002 Size: 715404MB BusType: 3

11:55:56.148    VM: Disk 0 MBR read successfully

11:55:56.151    Disk 0 MBR scan

11:55:56.233    Disk 0 Windows 7 default MBR code

11:55:56.248    Disk 0 Partition 1 00     DE Dell Utility DELL 8.0      100 MB offset 2048

11:55:56.304    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 206848

11:55:56.308    Disk 0 Boot: NTFS     code=1

11:55:56.380    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       700302 MB offset 30926848

11:55:56.800    Disk 0 scanning C:\windows\system32\drivers

11:56:47.750    Service scanning

11:57:15.845    Service pcmaxservice C:\Program Files\pcmax\pcmax.exe **INFECTED** Win32:Dropper-gen [Drp]

11:57:41.377    Modules scanning

11:57:41.382    Disk 0 trace - called modules:

11:57:41.407    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys 

11:57:41.412    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005c38060]

11:57:41.416    3 CLASSPNP.SYS[fffff880015cb43f] -> nt!IofCallDriver -> [0xfffffa80058e8550]

11:57:41.421    5 ACPI.sys[fffff88000fac7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80058ec050]

11:57:43.611    AVAST engine scan C:\windows

11:58:23.602    AVAST engine scan C:\windows\system32

12:10:01.305    AVAST engine scan C:\windows\system32\drivers

12:10:49.073    AVAST engine scan C:\Users\Ceni Cen

13:04:59.591    AVAST engine scan C:\ProgramData

13:22:50.196    Scan finished successfully

13:46:43.814    Disk 0 MBR has been saved successfully to "C:\Users\Ceni Cen\Desktop\MBR.dat"

13:46:43.831    The log file has been saved successfully to "C:\Users\Ceni Cen\Desktop\aswMBR.txt"

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014

Ran by Ceni Cen (administrator) on PC on 02-07-2014 16:07:53

Running from C:\Users\Ceni Cen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4FPD3KE

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

( ) C:\Windows\System32\dleacoms.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

() C:\Program Files\pcmax\pcmax.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe

() C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe

() C:\Program Files\003\vxlsnyaiet64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe

() C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe

() C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Google) C:\Program Files (x86)\Google\Google Talk\googletalk.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

(Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe

(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\Core\mchost.exe

(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe

(McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe

(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Nero AG) C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)

HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)

HKLM\...\Run: [intelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-15] (Intel® Corporation)

HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10365952 2011-05-19] (Intel Corporation)

HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2055016 2011-04-29] ()

HKLM\...\Run: [dleamon.exe] => C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe [770728 2011-01-23] ()

HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe [139944 2011-01-23] ()

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.)

HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()

HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)

HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)

HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()

HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()

HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)

HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)

HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-04-29] ()

HKLM-x32\...\Run: [dleamon.exe] => C:\Program Files (x86) (x86)\Dell V310-V510 Series\dleamon.exe [770728 2011-01-23] ()

HKLM-x32\...\Run: [EzPrint] => C:\Program Files (x86) (x86)\Dell V310-V510 Series\ezprint.exe [139944 2011-01-23] ()

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [Dell V310-V510 Series] => C:\Program Files (x86)\Dell V310-V510 Series\fm3032.exe [316072 2011-01-23] ()

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)

HKLM-x32\...\Run: [sMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [147248 2014-02-11] (SMART Technologies)

HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)

HKLM-x32\...\Run: [sMART Floating Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe [9024304 2013-11-20] (SMART Technologies ULC)

HKLM-x32\...\Run: [sMARTNotification] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe [204592 2014-02-12] (SMART Technologies)

HKLM-x32\...\Run: [sMART Tray Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe [744752 2014-02-12] (SMART Technologies)

HKLM-x32\...\Run: [sMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [1933616 2014-02-12] (SMART Technologies)

HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62768 2013-08-22] (SMART Technologies)

HKLM-x32\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()

Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKLM\...\Policies\Explorer: [HideSCAHealth] 1

HKLM\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [Google Update] => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-05] (Google Inc.)

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [TomTomHOME.exe] => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [googletalk] => C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3289088 2007-11-20] (Google)

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Policies\Explorer: [HideSCAHealth] 1

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\MountPoints2: {dae4b27d-42dd-11e1-962d-4c80936ce95d} - E:\LaunchU3.exe -a

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BodyMedia Sync.lnk

ShortcutTarget: BodyMedia Sync.lnk -> C:\Program Files (x86)\BodyMedia\Sync\BodyMediaSync.exe (BodyMedia, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank


SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 





SearchScopes: HKCU - DefaultScope {6DBF433D-8403-4E85-8B85-C525340F74F8} URL = https://www.google.com/search?q={searchTerms}

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = 

SearchScopes: HKCU - {6DBF433D-8403-4E85-8B85-C525340F74F8} URL = https://www.google.com/search?q={searchTerms}

SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 

SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 


BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()

BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll (SMART Technologies ULC.)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: No Name - {9194649F-7143-4308-90C1-D6A35B0E354E} -  No File

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM-x32 - Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()

Toolbar: HKCU - No Name - {06E58E5E-F8CB-4049-991E-A41C03BD419E} -  No File

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()

FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF Plugin-x32: @alipay.com/NPComBrg701,version=1.0.2011.1107 - C:\windows\system32\itruscert\NPComBrg701.dll No File

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @hehehi.com/hehehi - C:\PROGRA~2\WEBQQP~1\nphehehi.dll (Shenzhen Mining Technology Co., Ltd.)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Ceni Cen\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Ceni Cen\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore

FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011-12-30]

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2011-12-30]

 

==================== Services (Whitelisted) =================

 

R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-05-19] (Intel Corporation) [File not signed]

R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1335360 2011-05-19] (Intel Corporation) [File not signed]

R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-05-19] (Intel Corporation) [File not signed]

S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]

S2 dleaCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe [45224 2010-05-21] ()

R2 dlea_device; C:\windows\system32\dleacoms.exe [1052328 2010-05-21] ( )

R2 dlea_device; C:\windows\SysWOW64\dleacoms.exe [598696 2010-05-21] ( )

R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)

S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [224704 2011-03-08] (McAfee, Inc.)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)

S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)

R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199304 2012-05-25] (McAfee, Inc.)

R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)

R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)

R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)

R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-15] ()

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] () [File not signed]

R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [241344 2014-05-29] ()

S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)

R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [538416 2014-02-12] (SMART Technologies)

R2 SupraSavingsService64; C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe [172544 2014-06-25] () [File not signed]

R2 vxlsnyaiet64; C:\Program Files\003\vxlsnyaiet64.exe [706560 2014-06-20] () [File not signed]

 

==================== Drivers (Whitelisted) ====================

 

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)

R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)

R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)

S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)

S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc.)

R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)

R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-06-12] (NetFilterSDK.com)

S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)

R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2013-03-07] (SMART Technologies)

R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2013-03-07] (SMART Technologies)

S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2013-03-07] (SMART Technologies ULC)

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-07-02 16:07 - 2014-07-02 16:08 - 00000000 ____D () C:\FRST

2014-07-02 12:41 - 2014-07-02 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2014-07-02 11:20 - 2014-07-02 11:21 - 00726888 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup (1).exe

2014-07-02 11:19 - 2014-07-02 11:19 - 00732728 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup.exe

2014-07-02 11:11 - 2014-07-02 11:16 - 00000868 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35.job

2014-07-02 11:11 - 2014-07-02 11:11 - 17275240 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-02 11:11 - 2014-07-02 11:11 - 00003504 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35

2014-06-27 14:59 - 2014-06-27 14:59 - 17273780 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012 (1).exe

2014-06-27 14:58 - 2014-06-27 14:58 - 17276700 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012.exe

2014-06-27 12:24 - 2014-06-27 12:24 - 00000000 ____D () C:\windows\Sun

2014-06-27 12:17 - 2014-06-27 12:17 - 00000020 _____ () C:\Users\Ceni Cen\Downloads\SPug

2014-06-27 11:21 - 2014-06-27 11:21 - 01075776 _____ (OR Interactive Ltd) C:\Users\Ceni Cen\Downloads\IDM2.exe

2014-06-27 10:21 - 2014-06-27 10:21 - 00000000 ____D () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF

2014-06-22 11:22 - 2014-07-02 15:27 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1.job

2014-06-22 11:22 - 2014-06-22 11:22 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1

2014-06-20 18:43 - 2014-06-20 18:43 - 00000047 _____ () C:\Users\Ceni Cen\AppData\Roaming\WB.CFG

2014-06-20 17:50 - 2014-07-02 15:44 - 00000000 ____D () C:\Program Files\suprasavings

2014-06-20 17:49 - 2014-06-20 17:49 - 00000000 ____D () C:\Users\Ceni Cen\Documents\PC Speed Maximizer

2014-06-20 17:45 - 2014-06-20 17:50 - 00000000 ____D () C:\Program Files\003

2014-06-20 17:44 - 2014-06-20 17:44 - 00003684 _____ () C:\windows\System32\Tasks\pcreg

2014-06-20 17:44 - 2014-06-20 17:44 - 00000000 ____D () C:\Program Files\pcmax

2014-06-20 17:40 - 2014-06-20 17:40 - 00228728 _____ (Fusion Install ) C:\Users\Ceni Cen\Downloads\Java_Updater_Setup.exe

2014-06-12 15:05 - 2014-06-12 15:05 - 00046376 _____ (NetFilterSDK.com) C:\windows\system32\Drivers\netfilter64.sys

2014-06-11 20:32 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-06-11 20:32 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-06-11 20:32 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-06-11 20:32 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-06-11 20:32 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-06-11 20:32 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-06-11 20:32 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-06-11 20:32 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2014-06-11 20:32 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-06-11 20:32 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-06-11 20:32 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-06-11 20:32 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-06-11 20:32 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-06-11 20:32 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-06-11 20:32 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-06-11 20:32 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll

2014-06-11 20:32 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-06-11 20:32 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2014-06-11 20:32 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-06-11 20:32 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-06-11 20:32 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-06-11 20:32 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-06-11 20:32 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-06-11 20:32 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-06-11 20:32 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-06-11 20:32 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2014-06-11 20:32 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-06-11 20:32 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-06-11 20:32 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-06-11 20:32 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll

2014-06-11 20:32 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-06-11 20:32 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-06-11 20:32 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-06-11 20:32 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-06-11 20:32 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-06-11 20:32 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-06-11 20:32 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-06-11 20:32 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-06-11 20:32 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll

2014-06-11 20:32 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-06-11 20:32 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-06-11 20:32 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-06-11 20:32 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-06-11 20:32 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-06-11 20:32 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-06-11 20:32 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-06-11 20:32 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll

2014-06-11 20:32 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll

2014-06-11 20:32 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll

2014-06-11 20:32 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll

2014-06-11 20:32 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys

2014-06-11 20:32 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS

2014-06-11 20:32 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll

2014-06-11 20:32 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll

2014-06-11 20:32 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll

2014-06-11 20:32 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll

2014-06-11 20:32 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll

2014-06-11 20:32 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll

2014-06-11 20:32 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll

2014-06-11 20:32 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll

2014-06-11 20:31 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-06-11 20:31 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2014-06-11 20:31 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe

2014-06-11 20:31 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-06-11 20:31 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-06-11 20:31 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-06-03 18:48 - 2014-06-03 18:48 - 00155135 _____ () C:\ProgramData\SPL5F8F.tmp

2014-06-03 18:32 - 2014-06-03 18:32 - 00264971 _____ () C:\ProgramData\SPLEB1B.tmp

 

==================== One Month Modified Files and Folders =======

 

2014-07-02 16:08 - 2014-07-02 16:07 - 00000000 ____D () C:\FRST

2014-07-02 15:48 - 2011-12-30 09:57 - 01592585 _____ () C:\windows\WindowsUpdate.log

2014-07-02 15:47 - 2012-01-05 15:48 - 00000000 ____D () C:\Users\Ceni Cen\AppData\Local\Nero

2014-07-02 15:44 - 2014-06-20 17:50 - 00000000 ____D () C:\Program Files\suprasavings

2014-07-02 15:43 - 2013-02-11 15:18 - 00000000 ___RD () C:\Users\Ceni Cen\Google Drive

2014-07-02 15:41 - 2013-02-27 15:47 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job

2014-07-02 15:27 - 2014-06-22 11:22 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1.job

2014-07-02 15:16 - 2012-01-05 15:38 - 00000920 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA.job

2014-07-02 15:01 - 2009-07-14 01:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI

2014-07-02 13:05 - 2012-01-05 15:37 - 00000000 ____D () C:\Users\Ceni Cen\AppData\Local\Deployment

2014-07-02 12:45 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-02 12:45 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-02 12:41 - 2014-07-02 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2014-07-02 12:37 - 2011-12-30 10:50 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks

2014-07-02 12:37 - 2011-12-30 10:50 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks

2014-07-02 12:37 - 2011-12-30 10:40 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup

2014-07-02 12:36 - 2013-02-11 15:16 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-07-02 12:36 - 2012-01-19 22:05 - 00076149 _____ () C:\ProgramData\dleascan.log

2014-07-02 12:36 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-07-02 12:36 - 2009-07-14 00:51 - 00070653 _____ () C:\windows\setupact.log

2014-07-02 12:33 - 2012-01-05 15:38 - 00000000 ____D () C:\Users\Ceni Cen\AppData\Local\Google

2014-07-02 11:55 - 2010-11-20 23:47 - 00277456 _____ () C:\windows\PFRO.log

2014-07-02 11:21 - 2014-07-02 11:20 - 00726888 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup (1).exe

2014-07-02 11:19 - 2014-07-02 11:19 - 00732728 _____ ( ) C:\Users\Ceni Cen\Downloads\Flash_setup.exe

2014-07-02 11:16 - 2014-07-02 11:11 - 00000868 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35.job

2014-07-02 11:11 - 2014-07-02 11:11 - 17275240 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-02 11:11 - 2014-07-02 11:11 - 00003504 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35

2014-07-02 11:11 - 2012-01-05 15:38 - 00003900 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA

2014-06-27 14:59 - 2014-06-27 14:59 - 17273780 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012 (1).exe

2014-06-27 14:58 - 2014-06-27 14:58 - 17276700 _____ (Malwarebytes Corporation ) C:\Users\Ceni Cen\Downloads\mbam-setup-2-0-2-1012.exe

2014-06-27 12:24 - 2014-06-27 12:24 - 00000000 ____D () C:\windows\Sun

2014-06-27 12:17 - 2014-06-27 12:17 - 00000020 _____ () C:\Users\Ceni Cen\Downloads\SPug

2014-06-27 11:21 - 2014-06-27 11:21 - 01075776 _____ (OR Interactive Ltd) C:\Users\Ceni Cen\Downloads\IDM2.exe

2014-06-27 10:24 - 2012-01-19 22:05 - 00000404 _____ () C:\ProgramData\FastPics.log

2014-06-27 10:21 - 2014-06-27 10:21 - 00000000 ____D () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF

2014-06-22 11:22 - 2014-06-22 11:22 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1

2014-06-22 11:22 - 2013-02-11 15:16 - 00003646 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-06-22 11:22 - 2012-01-05 15:48 - 00000000 ____D () C:\Temp

2014-06-20 19:49 - 2013-05-22 06:08 - 00003440 _____ () C:\windows\System32\Tasks\PCDEventLauncherTask

2014-06-20 18:43 - 2014-06-20 18:43 - 00000047 _____ () C:\Users\Ceni Cen\AppData\Roaming\WB.CFG

2014-06-20 17:50 - 2014-06-20 17:45 - 00000000 ____D () C:\Program Files\003

2014-06-20 17:49 - 2014-06-20 17:49 - 00000000 ____D () C:\Users\Ceni Cen\Documents\PC Speed Maximizer

2014-06-20 17:44 - 2014-06-20 17:44 - 00003684 _____ () C:\windows\System32\Tasks\pcreg

2014-06-20 17:44 - 2014-06-20 17:44 - 00000000 ____D () C:\Program Files\pcmax

2014-06-20 17:40 - 2014-06-20 17:40 - 00228728 _____ (Fusion Install ) C:\Users\Ceni Cen\Downloads\Java_Updater_Setup.exe

2014-06-17 19:50 - 2013-02-11 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2014-06-17 08:06 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF

2014-06-12 15:05 - 2014-06-12 15:05 - 00046376 _____ (NetFilterSDK.com) C:\windows\system32\Drivers\netfilter64.sys

2014-06-12 03:10 - 2013-08-14 17:02 - 00000000 ____D () C:\windows\system32\MRT

2014-06-12 03:08 - 2012-02-24 11:40 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2014-06-12 03:08 - 2012-01-20 22:24 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-06-08 11:41 - 2012-01-19 22:05 - 00021198 _____ () C:\ProgramData\dlea.log

2014-06-07 21:38 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache

2014-06-03 20:04 - 2012-02-13 14:15 - 00166970 _____ () C:\ProgramData\dleaJSW.log

2014-06-03 18:59 - 2012-01-19 22:06 - 00000000 ____D () C:\ProgramData\DL_cats

2014-06-03 18:48 - 2014-06-03 18:48 - 00155135 _____ () C:\ProgramData\SPL5F8F.tmp

2014-06-03 18:32 - 2014-06-03 18:32 - 00264971 _____ () C:\ProgramData\SPLEB1B.tmp

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-06-07 21:27

 

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014

Ran by Ceni Cen at 2014-07-02 16:10:22

Running from C:\Users\Ceni Cen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4FPD3KE

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Out of date) {ADA629C7-7F48-5689-624A-3B76997E0892}

AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}

AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall (Disabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

 

==================== Installed Programs ======================

 

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)

Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)

BodyMedia SYNC (x32 Version: 2.3.1.102 - BodyMedia, Inc.) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Chinese Simplified Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)

Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)

Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)

Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)

Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)

Dell Digital Delivery (HKLM-x32\...\{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}) (Version: 1.7.4502.0 - Dell Products, LP)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)

Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)

Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)

Dell Stage (HKLM-x32\...\{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}) (Version: 1.5.201.0 - Fingertapps)

Dell Toolbar (HKLM-x32\...\{09B71986-2AC5-482d-B6CB-42EA34F4F85B}) (Version: 1.8.12.0 - )

Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)

Dell V310-V510 Series (HKLM\...\Dell V310-V510 Series) (Version:  - Dell, Inc.)

Dell V310-V510 Series (HKLM-x32\...\Dell V310-V510 Series) (Version:  - Dell, Inc.)

Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)

Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)

DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden

Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)

Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)

HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)

iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)

iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2466 - Bandoo Media Inc) <==== ATTENTION

Intel PROSet Wireless (Version:  - ) Hidden

Intel PROSet Wireless (x32 Version:  - ) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)

Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{295AEB79-B53A-4F1B-860F-7800BB7E3681}) (Version: 14.2.1000 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)

Intel® WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)

Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )

iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)

Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Java 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)

McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)

My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)

Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden

Nero Blu-ray Player (x32 Version: 12.0.20030 - Nero AG) Hidden

Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden

Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden

Nero Core Components 10 (x32 Version: 2.0.20000.9.12 - Nero AG) Hidden

Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden

OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)

PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden

PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)

Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)

QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)

Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden

Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden

Roxio Burn (x32 Version: 1.8 - Roxio) Hidden

Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)

Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden

Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden

Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden

Roxio File Backup (Version: 1.3.2 - Roxio) Hidden

SMART Chinese (Simplified) Language Pack (HKLM-x32\...\{36D626DC-33D2-4B0E-BA3A-85CF20EAC372}) (Version: 11.4.27.0 - SMART Technologies ULC)

SMART Common Files (HKLM-x32\...\{26A95DBF-A866-4838-A8C9-FA219FCBD22E}) (Version: 11.5.159.0 - SMART Technologies ULC)

SMART Ink (HKLM-x32\...\{5ABC49B5-D0DC-428D-A082-4AEFF6490F04}) (Version: 2.0.723.0 - SMART Technologies ULC)

SMART Notebook (HKLM-x32\...\{79660EE7-9C0B-4962-B566-2693FE34719D}) (Version: 11.4.564.0 - SMART Technologies ULC)

SMART Product Drivers (HKLM-x32\...\{53330A17-78DE-458E-9997-292A2D6D3ADD}) (Version: 11.4.872.1 - SMART Technologies ULC)

Smilebox (HKCU\...\Smilebox) (Version: 1.0.0.26929 - Smilebox, Inc.)

Smilebox Bundle (HKLM-x32\...\Smilebox Bundle) (Version: 2.0.0.5 - Perion Network Ltd.)

Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden

SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.15400 - Nero AG)

SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden

TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.)

TI USB3 Host Driver (x32 Version: 1.12.14.0 - Texas Instruments Inc.) Hidden

TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)

Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)

Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)

Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)

Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)

Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)

Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)

Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)

WebQQÊÓÆµ²å¼þ (HKLM-x32\...\WebQQÊÓÆµ²å¼þ) (Version:  - )

Widevine Media Optimizer Chrome 6.0.0 (HKCU\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

WinRAR 4.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)

 

==================== Restore Points  =========================

 

18-04-2014 07:00:49 Windows Update

26-04-2014 01:27:36 MinitabCIA

06-05-2014 07:01:11 Windows Update

07-05-2014 07:00:29 Windows Update

16-05-2014 07:01:20 Windows Update

08-06-2014 01:34:47 Scheduled Checkpoint

12-06-2014 07:02:32 Windows Update

 

==================== Hosts content: ==========================

 

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {06E6F51D-8632-4F8C-AD19-EA86DAB47A81} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

Task: {2BF6B222-C3D6-40AF-B85C-2EBBDD3ADE20} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35 => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.)

Task: {59014C64-B907-4F7B-843F-F01BA353407A} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe

Task: {7AE8BE22-A1CA-41EC-84CC-1583009564AD} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)

Task: {816A7AEA-1FF3-4D4F-8581-0E9F778A1F8D} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)

Task: {890A420A-80D7-4DFD-990B-90B27D9F6F4F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)

Task: {984F9537-7FC7-42D2-AB03-2CE084E7A2B7} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.)

Task: {CBCE2D9D-AA03-4E44-BE0B-422726FED0E4} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)

Task: {CC0E6BAC-2B42-42C3-935A-6B4633C81777} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.)

Task: {CDFA340D-4694-4FFA-91F4-BD88B3F7139B} - System32\Tasks\pcreg => C:\Program Files\pcmax\service.exe [2014-05-29] () <==== ATTENTION

Task: {F5596B1E-9698-42C4-80AD-BFA85A35135D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.)

Task: {FDB9D482-5637-4E04-980A-F9E6756A0C78} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8e2dd47a90b1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000Core1cf9607e06e9f35.job => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051148634-656423823-1457257949-1000UA.job => C:\Users\Ceni Cen\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2011-09-15 19:46 - 2011-09-15 19:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

2012-02-13 14:05 - 2009-12-31 02:17 - 00053760 _____ () C:\windows\System32\DLEAPMON.DLL

2012-02-13 14:05 - 2009-01-13 09:15 - 05709824 _____ () C:\windows\System32\DLEAOEM.DLL

2012-01-26 00:45 - 2009-11-04 09:17 - 00189440 _____ () C:\windows\system32\spool\PRTPROCS\x64\dleadrpp.dll

2012-01-19 21:55 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll

2012-03-23 14:25 - 2012-03-23 14:25 - 00087040 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

2014-05-29 07:16 - 2014-05-29 07:16 - 00241344 _____ () C:\Program Files\pcmax\pcmax.exe

2014-06-25 13:58 - 2014-06-25 13:58 - 00172544 _____ () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe

2014-06-12 15:05 - 2014-06-12 15:05 - 00110080 _____ () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\nfapi.dll

2014-06-12 15:05 - 2014-06-12 15:05 - 00456192 _____ () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\ProtocolFilters.dll

2014-06-20 17:50 - 2014-06-20 17:50 - 00706560 _____ () C:\Program Files\003\vxlsnyaiet64.exe

2011-12-30 11:35 - 2011-04-10 14:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2011-09-15 19:46 - 2011-09-15 19:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll

2012-02-13 14:03 - 2011-01-23 21:22 - 00770728 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe

2012-02-13 14:03 - 2011-01-23 21:22 - 00139944 _____ () C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe

2011-12-30 10:40 - 2011-08-18 12:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

2010-11-17 12:35 - 2010-11-17 12:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

2011-04-29 20:18 - 2011-04-29 20:18 - 00885760 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-02-13 14:02 - 2009-11-26 04:49 - 00086180 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacfg.dll

2012-02-13 14:03 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleascw.dll

2012-02-13 14:03 - 2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleadatr.dll

2012-02-13 14:03 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleaDRS.dll

2012-02-13 14:03 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacaps.dll

2012-02-13 14:03 - 2009-03-05 13:55 - 00059904 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacnv4.dll

2009-02-20 09:50 - 2009-02-20 09:50 - 00381440 _____ () C:\windows\system32\dleasm.dll

2009-02-20 09:50 - 2009-02-20 09:50 - 00028672 _____ () C:\windows\system32\dleasmr.dll

2012-02-13 14:03 - 2009-06-22 09:08 - 00708608 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Epwizard.DLL

2012-02-13 14:03 - 2009-06-22 09:06 - 00159744 _____ () C:\Program Files (x86)\Dell V310-V510 Series\customui.dll

2012-02-13 14:03 - 2009-06-22 09:06 - 00114688 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Eputil.DLL

2012-02-13 14:03 - 2009-06-22 09:05 - 00139264 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Imagutil.DLL

2012-02-13 14:03 - 2009-06-22 09:06 - 00061440 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Epfunct.DLL

2012-02-13 14:03 - 2009-06-22 09:08 - 02203648 _____ () C:\Program Files (x86)\Dell V310-V510 Series\EPWizRes.dll

2012-02-13 14:03 - 2009-06-22 09:08 - 00045056 _____ () C:\Program Files (x86)\Dell V310-V510 Series\epstring.dll

2012-02-13 14:03 - 2009-06-22 09:08 - 00196608 _____ () C:\Program Files (x86)\Dell V310-V510 Series\EPOEMDll.dll

2012-02-13 14:03 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Dell V310-V510 Series\iptk.dll

2012-02-13 14:03 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleaptp.dll

2014-07-02 12:36 - 2014-07-02 12:36 - 00098816 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32api.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00110080 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pywintypes27.dll

2014-07-02 12:36 - 2014-07-02 12:36 - 00364544 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pythoncom27.dll

2014-07-02 12:36 - 2014-07-02 12:36 - 00045568 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_socket.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 01160704 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_ssl.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00320512 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32com.shell.shell.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00713216 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_hashlib.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 01175040 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._core_.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00805888 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._gdi_.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00811008 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._windows_.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 01062400 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._controls_.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00735232 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._misc_.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00128512 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_elementtree.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00127488 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pyexpat.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00557056 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\pysqlite2._sqlite.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00007168 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\hashobjs_ext.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00087552 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_ctypes.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00119808 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32file.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00108544 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32security.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00018432 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32event.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00038912 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32inet.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00070656 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._html2.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00167936 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32gui.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00011264 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32crypt.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00027136 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\_multiprocessing.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00122368 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._wizard.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00010240 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\select.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00024064 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32pipe.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00686080 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\unicodedata.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00025600 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32pdh.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00525640 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\windows._lib_cacheinvalidation.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00035840 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32process.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00017408 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32profile.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00022528 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\win32ts.pyd

2014-07-02 12:36 - 2014-07-02 12:36 - 00078336 _____ () C:\Users\Ceni Cen\AppData\Local\Temp\_MEI32402\wx._animate.pyd

2010-11-25 00:44 - 2010-11-25 00:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll

2011-04-29 20:13 - 2011-04-29 20:13 - 07938048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll

2011-04-29 20:13 - 2011-04-29 20:13 - 02225664 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll

2013-08-22 19:43 - 2013-08-22 19:43 - 00272688 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node

2013-08-22 19:44 - 2013-08-22 19:44 - 00039216 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node

2013-08-22 19:44 - 2013-08-22 19:44 - 00053040 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SWR.node

2013-08-22 19:44 - 2013-08-22 19:44 - 00057648 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\MWR.node

2013-08-22 19:44 - 2013-08-22 19:44 - 00014848 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SessionNotification.node

2014-02-13 04:47 - 2014-02-13 04:47 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll

2011-12-30 10:05 - 2010-11-06 01:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

 

==================== EXE Association (whitelisted) =============

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

 

==================== Faulty Device Manager Devices =============

 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Teredo Tunneling Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

 

Name: SMART Virtual TabletPC

Description: SMART Virtual TabletPC

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: SMART Technologies ULC

Service: SMARTVTabletPCx64

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (07/02/2014 03:45:36 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (07/02/2014 03:14:41 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program IEXPLORE.EXE version 11.0.9600.17126 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 2278

 

Start Time: 01cf96294ec45104

 

Termination Time: 24

 

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

 

Report Id:

 

Error: (07/02/2014 02:58:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2108837

 

Error: (07/02/2014 02:58:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2108837

 

Error: (07/02/2014 02:58:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/02/2014 02:58:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2107729

 

Error: (07/02/2014 02:58:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2107729

 

Error: (07/02/2014 02:58:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/02/2014 02:58:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2106590

 

Error: (07/02/2014 02:58:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2106590

 

 

System errors:

=============

Error: (07/02/2014 01:11:01 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: The following fatal alert was generated: 10. The internal error state is 10.

 

Error: (07/02/2014 01:04:42 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: The following fatal alert was generated: 10. The internal error state is 10.

 

Error: (07/02/2014 00:40:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (07/02/2014 00:37:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

 

Error: (07/02/2014 00:37:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The McAfee McShield service failed to start due to the following error: 

%%1053

 

Error: (07/02/2014 00:37:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee McShield service to connect.

 

Error: (07/02/2014 00:36:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The dleaCATSCustConnectService service failed to start due to the following error: 

%%1053

 

Error: (07/02/2014 00:36:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the dleaCATSCustConnectService service to connect.

 

Error: (07/02/2014 11:57:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (07/02/2014 11:56:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

 

 

Microsoft Office Sessions:

=========================

 

==================== Memory info =========================== 

 

Percentage of memory in use: 50%

Total physical RAM: 6050.05 MB

Available physical RAM: 3019.08 MB

Total Pagefile: 12098.29 MB

Available Pagefile: 8578.82 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:683.89 GB) (Free:591.93 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 001738BE)

Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)

Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=684 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================


Scan with CKScanner

Download CKScanner by askey127 from Here & save it to your Desktop.

  • Right-click and Run as Administrator CKScanner.exe then click Search For Files
  • When the cursor hourglass disappears, click Save List To File
  • A message box will verify the file saved
  • Double-click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply

 
 
 
We Need to Diagnose a Possible Problem with WGA
This may be preventing you from installing that service pack.
  1. Please download MGADiag and save it to your desktop.
  2. Double click the mgadiag.png icon on your desktop.
  3. Click Continue
  4. Click Copy
  5. Go to Start -> Run and type in "Notepad"
  6. Go to Edit -> Paste in notepad.
  7. x out all of the numbers and letters in the line beginning with "Windows Product Key:"
  8. Copy and paste that log here.


Diagnostic Report (1.9.0027.0):

-----------------------------------------

Windows Validation Data-->

 

Validation Code: 0

Cached Online Validation Code: 0x0

Windows Product Key: *****-*****-xxxxx-xxxxx-xxxxx

Windows Product Key Hash: +Rj3N34NLM2JqoBO/OzgzTZXgbY=

Windows Product ID: 00359-OEM-8992687-00095

Windows Product ID Type: 2

Windows License Type: OEM SLP

Windows OS version: 6.1.7601.2.00010300.1.0.003

ID: {D6129C89-C9D2-4059-AD65-432170D5D97E}(1)

Is Admin: Yes

TestCab: 0x0

LegitcheckControl ActiveX: N/A, hr = 0x80070002

Signed By: N/A, hr = 0x80070002

Product Name: Windows 7 Home Premium

Architecture: 0x00000009

Build lab: 7601.win7sp1_gdr.140303-2144

TTS Error: 

Validation Diagnostic: 

Resolution Status: N/A

 

Vista WgaER Data-->

ThreatID(s): N/A, hr = 0x80070002

Version: N/A, hr = 0x80070002

 

Windows XP Notifications Data-->

Cached Result: N/A, hr = 0x80070002

File Exists: No

Version: N/A, hr = 0x80070002

WgaTray.exe Signed By: N/A, hr = 0x80070002

WgaLogon.dll Signed By: N/A, hr = 0x80070002

 

OGA Notifications Data-->

Cached Result: N/A, hr = 0x80070002

Version: N/A, hr = 0x80070002

OGAExec.exe Signed By: N/A, hr = 0x80070002

OGAAddin.dll Signed By: N/A, hr = 0x80070002

 

OGA Data-->

Office Status: 100 Genuine

Microsoft Office Enterprise 2007 - 100 Genuine

OGA Version: N/A, 0x80070002

Signed By: N/A, hr = 0x80070002

Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-b01a_E2AD56EA-766-0_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1029-80004005

 

Browser Data-->

Proxy settings: N/A

User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)

Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Download signed ActiveX controls: Prompt

Download unsigned ActiveX controls: Disabled

Run ActiveX controls and plug-ins: Allowed

Initialize and script ActiveX controls not marked as safe: Disabled

Allow scripting of Internet Explorer Webbrowser control: Disabled

Active scripting: Allowed

Script ActiveX controls marked as safe for scripting: Allowed

 

File Scan Data-->

 

Other data-->

Office Details: <GenuineResults><MachineData><UGUID>{D6129C89-C9D2-4059-AD65-432170D5D97E}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-RMV82</PKey><PID>00359-OEM-8992687-00095</PID><PIDType>2</PIDType><SID>S-1-5-21-2051148634-656423823-1457257949</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Inspiron N5110</Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A09</Version><SMBIOSVersion major="2" minor="6"/><Date>20110930000000.000000+000</Date></BIOS><HWID>AD1D3A07018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL  </OEMID><OEMTableID>WN09   </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>7480B9502DF0D86</Val><Hash>oYWOW5ayFE3pZ+jvTpuXYsY64JE=</Hash><Pid>89388-707-8722531-65657</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>  

 

Spsys.log Content: 0x80070002

 

Licensing Data-->

Software licensing service version: 6.1.7601.17514

 

Name: Windows® 7, HomePremium edition

Description: Windows Operating System - Windows® 7, OEM_SLP channel

Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64

Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f

Extended PID: 00359-00178-926-800095-02-1033-7601.0000-3642011

Installation ID: 011543924335733633371041180762578316456962189571519265





Partial Product Key: RMV82

License Status: Licensed

Remaining Windows rearm count: 1

Trusted time: 7/12/2014 12:27:37 PM

 

Windows Activation Technologies-->

HrOffline: 0x00000000

HrOnline: 0x00000000

HealthStatus: 0x0000000000000000

Event Time Stamp: 5:6:2014 04:14

ActiveX: Registered, Version: 7.1.7600.16395

Admin Service: Registered, Version: 7.1.7600.16395

HealthStatus Bitmask Output:

 

 

HWID Data-->

HWID Hash Current: MgAAAAEAAQABAAEAAAACAAAABAABAAEAonYaWIrsBoZmZHR0jGy8xBYDqPgiI+6PLnM=

 

OEM Activation 1.0 Data-->

N/A

 

OEM Activation 2.0 Data-->

BIOS valid for OA 2.0: yes

Windows marker version: 0x20001

OEMID and OEMTableID Consistent: yes

BIOS Information: 

  ACPI Table Name   OEMID Value   OEMTableID Value
  APIC              DELL          WN09
  FACP              DELL          WN09
  HPET              DELL          WN09
  MCFG              DELL          WN09
  SSDT              TrmRef        PtidDevc
  SLIC              DELL          WN09
  SSDT              TrmRef        PtidDevc
  SSDT              TrmRef        PtidDevc
  OSFR              DELL          M08

Add/remove programs

Click on Start --> Control Panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs
 

ilivid


Close the window.

 

 

 

 

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved.
  • Run FRST.exe (on 64-bit, run FRST64.exe), press the Fix button just once, and wait.
  • The tool will make a log (Fixlog.txt), which you will find where you saved FRST. Please post it in your reply.

 

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

fixlist.txt


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-07-2014 01

Ran by Ceni Cen at 2014-07-14 22:07:07 Run:1

Running from C:\Users\Ceni Cen\Downloads

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()

HKLM-x32\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()

Toolbar: HKCU - No Name - {06E58E5E-F8CB-4049-991E-A41C03BD419E} -  No File

Task: {CDFA340D-4694-4FFA-91F4-BD88B3F7139B} - System32\Tasks\pcreg => C:\Program Files\pcmax\service.exe [2014-05-29] () <==== ATTENTION

BHO-x32: No Name - {9194649F-7143-4308-90C1-D6A35B0E354E} -  No File

SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 

SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 

SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-se...i=998&did=10874

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = 

SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}

SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 

SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}

SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-se...565901011287578

SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}

SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.better-se...565901011287578

HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()

 

R2 vxlsnyaiet64; C:\Program Files\003\vxlsnyaiet64.exe [706560 2014-06-20] () [File not signed]

R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [241344 2014-05-29] ()

 

2014-07-02 15:44 - 2014-06-20 17:50 - 00000000 ____D () C:\Program Files\suprasavings

2014-06-20 17:50 - 2014-06-20 17:45 - 00000000 ____D () C:\Program Files\003

2014-06-20 17:49 - 2014-06-20 17:49 - 00000000 ____D () C:\Users\Ceni Cen\Documents\PC Speed Maximizer

2014-06-20 17:44 - 2014-06-20 17:44 - 00003684 _____ () C:\windows\System32\Tasks\pcreg

2014-06-20 17:44 - 2014-06-20 17:44 - 00000000 ____D () C:\Program Files\pcmax

*****************

 

HKU\S-1-5-21-2051148634-656423823-1457257949-1000\Software\Microsoft\Windows\CurrentVersion\Run\\pcreg => value deleted successfully.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\pcreg => value deleted successfully.

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{06E58E5E-F8CB-4049-991E-A41C03BD419E} => value deleted successfully.

'HKCR\CLSID\{06E58E5E-F8CB-4049-991E-A41C03BD419E}'=> Key not found.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CDFA340D-4694-4FFA-91F4-BD88B3F7139B}' => Key deleted successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDFA340D-4694-4FFA-91F4-BD88B3F7139B}' => Key deleted successfully.

C:\Windows\System32\Tasks\pcreg => Moved successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pcreg' => Key deleted successfully.

'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9194649F-7143-4308-90C1-D6A35B0E354E}' => Key deleted successfully.

'HKCR\Wow6432Node\CLSID\{9194649F-7143-4308-90C1-D6A35B0E354E}'=> Key not found.

'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}'=> Key not found.

'HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}'=> Key not found.

'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}' => Key deleted successfully.

'HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}'=> Key not found.

'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}' => Key deleted successfully.

'HKCR\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}'=> Key not found.

'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.

'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.

'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}' => Key deleted successfully.

'HKCR\CLSID\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}'=> Key not found.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}'=> Key not found.

'HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}'=> Key not found.

'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}' => Key deleted successfully.

'HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}'=> Key not found.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}' => Key deleted successfully.

'HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}'=> Key not found.

'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}' => Key deleted successfully.

'HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}'=> Key not found.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\pcreg => value deleted successfully.

vxlsnyaiet64 => Service not found.

pcmaxservice => Service stopped successfully.

pcmaxservice => Service deleted successfully.

"C:\Program Files\suprasavings" => File/Directory not found.

C:\Program Files\003 => Moved successfully.

C:\Users\Ceni Cen\Documents\PC Speed Maximizer => Moved successfully.

"C:\windows\System32\Tasks\pcreg" => File/Directory not found.

C:\Program Files\pcmax => Moved successfully.

 

==== End of Fixlog ====


Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 7/14/2014

Scan Time: 10:11:28 PM

Logfile: 

Administrator: Yes

 

Version: 2.00.2.1012

Malware Database: v2014.07.15.01

Rootkit Database: v2014.07.14.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Ceni Cen

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 305065

Time Elapsed: 16 min, 30 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Warn

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)


Looks good! :)

 

 

Scan with ESET Online Scan

Please go to here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


C:\$Recycle.Bin\S-1-5-21-2051148634-656423823-1457257949-1000\$RODT9U3.exe Win32/Idmsq.A potentially unwanted application

C:\FRST\Quarantine\C\Program Files\pcmax\pcmax.exe a variant of Win32/Conduit.SearchProtect.O potentially unwanted application

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application

C:\Program Files (x86)\sweetpacks bundle uninstaller_Smilebox_With_WP_1167364\uninstaller.exe a variant of Win32/ClientConnect.A potentially unwanted application

C:\Users\Ceni Cen\Downloads\IDM2.exe Win32/Idmsq.A potentially unwanted application

C:\Users\Ceni Cen\Downloads\OffercastInstaller_AVR_U-0087-01-PlateauLines-0805-01-en_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[s1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.





SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.


# AdwCleaner v3.215 - Report created 15/07/2014 at 12:15:49

# Updated 09/07/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Ceni Cen - PC

# Running from : C:\Users\Ceni Cen\Downloads\adwcleaner_3.215.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\Premium

Folder Deleted : C:\Program Files (x86)\OApps

Folder Deleted : C:\Users\Ceni Cen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh

File Deleted : C:\Users\Ceni Cen\AppData\LocalLow\SkwConfig.bin

 

***** [ Shortcuts ] *****

 

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smilebox Bundle\Smilebox Bundle.lnk

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh

Key Deleted : HKCU\Software\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE26843-9171-4F23-A8E5-5421701276A4}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B00FE392-639D-4688-976E-A1BFF368CB96}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE26843-9171-4F23-A8E5-5421701276A4}

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\Cr_Installer

Key Deleted : HKCU\Software\ilivid

Key Deleted : HKCU\Software\IM

Key Deleted : HKCU\Software\ImInstaller

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\AppDataLow\Software\CompeteInc

Key Deleted : HKCU\Software\AppDataLow\Software\Freecause

Key Deleted : HKLM\Software\CompeteInc

Key Deleted : HKLM\Software\iLividSRTB

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar

Key Deleted : [x64] HKLM\SOFTWARE\SweetIM

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17207

 

 

-\\ Google Chrome v35.0.1916.153

 

[ File : C:\Users\Ceni Cen\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deleted [search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}

Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}

Deleted [Homepage] : hxxp://www.searchnu.com/406

Deleted [Extension] : amfclgbdpgndipgoegfpkkgobahigbcl

Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh

 

*************************

 

AdwCleaner[R0].txt - [5497 octets] - [15/07/2014 12:14:34]

AdwCleaner[s0].txt - [5203 octets] - [15/07/2014 12:15:49]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5263 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Home Premium x64

Ran by Ceni Cen on Tue 07/15/2014 at 12:22:16.38

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"

Failed to delete: [Folder] "C:\Program Files (x86)\coupons"

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 07/15/2014 at 12:30:49.68

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 Results of screen317's Security Check version 0.99.85  

 Windows 7 Service Pack 1 x64 (UAC is disabled!)  

 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Security Center service is not running! This report may not be accurate! 

 Windows Firewall Enabled!  

McAfee Anti-Virus and Anti-Spyware   

 WMI entry may not exist for antivirus; attempting automatic update. 

`````````Anti-malware/Other Utilities Check:````````` 

 Java 7 Update 60  

 Adobe Flash Player 14.0.0.145  

 Adobe Reader XI  

 Google Chrome 35.0.1916.153  

 Google Chrome plugins...  

````````Process Check: objlist.exe by Laurent````````  

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C: 8% 

````````````````````End of Log`````````````````````` 

Your system is clean now! :)

 

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  1. In case we used Defogger to turn off your CD emulation software, you can start it again and use the Enable button.
  2. In case we used Combofix, deactivate your antivirus software once more, then rename combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  3. In any case, please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process.
    • If there is still something left, please delete it manually.





Delete System Restore Points

To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one.

On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points.




Temp File Cleaner

We need to download Temp File Cleaner (TFC) by OldTimer:

  • Please download TFC.exe by Oldtimer at one of the two links: Link 1 Link 2
  • Save and close all running applications
  • Double-click on TFC.exe to run the program
  • Click on Start to begin the cleaning process. Note: this program may close running applications, make your screen disappear temporarily, or require a reboot of your PC - this is normal and part of the cleanup
  • When the scan is complete, if you were not asked to reboot the computer, please do so now

More Information can be found about the tool here: http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.

  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:

  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help if you aren't careful enough.

    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.




  • 3 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.