Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows FireWall [Closed]


  • This topic is locked This topic is locked

#1
tuchek76

tuchek76

    Member

  • Member
  • PipPip
  • 11 posts

I cant get my windows Firewall to start. I keep getting "Due to an unidentified problem, Windows cannot display Windows Firewall Settings." Any help. I have been trying to get this pc to share on my network. It also is a fail


  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello tuchek76,

 

Please download Farbar Recovery Scan Tool from here and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.


  • 0

#3
tuchek76

tuchek76

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-06-2014 01
Ran by Dell (administrator) on DELL-1 on 01-06-2014 09:34:51
Running from C:\Users\Dell\Desktop\Stuff\Downloads
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(SigmaTel, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\Program Files\XPSMiniViewGadget\XPSMiniViewGadget.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(SigmaTel, Inc.) C:\Windows\System32\stacsv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(SkyHawke) C:\Program Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Curse) C:\Users\Dell\AppData\Local\Apps\2.0\21VCLZH0.840\2P9TW1PY.0KB\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_13_0_0_214_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\WSCStatusController.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\WSCStatusController.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ECenter] => C:\Dell\E-Center\EULALauncher.exe [17920 2008-02-28] ( )
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-03] (Intel Corporation)
HKLM\...\Run: [dscactivate] => C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2008-03-11] ( )
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-12] (SigmaTel, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [CaddieSyncConduit] => C:\Program Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe [2544960 2013-05-08] (SkyHawke)
HKLM\...\Run: [Bluetooth HCI Monitor] => C:\Windows\system32\HCIMNTR.DLL [9728 2006-12-07] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554408 2013-05-15] (Lavasoft)
HKLM\...\Run: [SearchProtection] => C:\ProgramData\Search Protection\_run.bat [136 2013-04-01] ()
HKLM\...\Run: [InstaLAN] => C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [3643224 2014-01-23] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [143792 2013-10-09] (Trend Micro Inc.)
HKLM\...\RunOnce: [DCERegBootClean] - C:\Windows\RegBootClean.exe [209432 2014-06-01] ()
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19\...\Run: [OE] => C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [OE] => C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
HKU\S-1-5-21-2778953675-1249857672-2168224105-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-03-28] (AMD)
HKU\S-1-5-21-2778953675-1249857672-2168224105-1000\...\Run: [DellSystemDetect] => C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
HKU\S-1-5-21-2778953675-1249857672-2168224105-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-01-31] (Google Inc.)
HKU\S-1-5-21-2778953675-1249857672-2168224105-1000\...\Run: [CaddieSync Express] => C:\Program Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe [2544960 2013-05-08] (SkyHawke)
HKU\S-1-5-21-2778953675-1249857672-2168224105-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2778953675-1249857672-2168224105-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2778953675-1249857672-2168224105-1006\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rand McNally Dock.lnk
ShortcutTarget: Rand McNally Dock.lnk -> C:\Program Files\Rand McNally\RNDDock\StartupLauncher.bat ()
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {3bbd3c14-4c16-4989-8366-95bc9179779d} -  No File
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...archTerms}=
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://lavasoft.blek...&q={searchTerms}
SearchScopes: HKCU - {812DA0E2-0242-4697-8D33-DFBB1FF47629} URL = http://search.condui...&ctid=CT3201318
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg.dll (Trend Micro Inc.)
BHO: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO: No Name - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -  No File
BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll (Trend Micro Inc.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKLM - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {3BBD3C14-4C16-4989-8366-95BC9179779D} -  No File
DPF: {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinn...0/tpir/tpir.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane...C_2.3.8.110.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB
DPF: {64CD313F-F079-4D93-959F-4D28B5519449} http://www.worldwinn...dy/jeopardy.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension [2014-05-31]
FF HKLM\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2014-05-31]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ []

========================== Services (Whitelisted) =================

R2 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152576 2011-04-19] ()
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152 2010-02-09] ()
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [651232 2014-01-23] ()
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [81408 2011-05-04] ()
R2 STacSV; C:\Windows\system32\STacSV.exe [94208 2007-09-12] (SigmaTel, Inc.)
S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [75776 2013-01-15] (Advanced Micro Devices)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [6144 2007-01-09] (Chic)
S3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [9986048 2013-03-29] (Advanced Micro Devices, Inc.)
S3 SaiK0836; C:\Windows\System32\DRIVERS\SaiK0836.sys [139272 2010-07-08] (Saitek)
S3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [20744 2010-07-08] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [43656 2010-07-08] (Saitek)
S3 SkyhawkeUSBLan; C:\Windows\System32\DRIVERS\btblan.sys [40560 2010-04-15] (Belcarra Technologies)
R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-09-12] (SigmaTel, Inc.)
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [247320 2009-06-22] (silex technology, Inc.)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [102904 2013-09-04] (Trend Micro Inc.)
R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [288840 2013-09-04] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC32.sys [40736 2013-07-01] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [85280 2013-06-13] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [83352 2013-09-04] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [282272 2013-05-22] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [92304 2012-05-02] (Trend Micro Inc.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [340624 2013-07-17] (BitDefender S.R.L.)
S1 hlnfd; system32\drivers\hlnfd.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S1 qknfd; system32\drivers\qknfd.sys [X]
U2 TMAgent;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-01 09:34 - 2014-06-01 09:34 - 00000000 ____D () C:\FRST
2014-06-01 09:33 - 2014-06-01 09:33 - 00016742 _____ () C:\Windows\RegBootClean.CFG
2014-05-31 14:00 - 2014-05-31 14:00 - 00001181 _____ () C:\Users\Dell\Desktop\Trend Micro Titanium Internet Security.lnk
2014-05-31 13:58 - 2013-09-04 01:23 - 00102904 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2014-05-31 13:58 - 2013-09-04 01:20 - 00083352 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2014-05-31 13:58 - 2013-09-04 01:12 - 00288840 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-05-31 13:58 - 2013-07-01 08:08 - 00040736 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC32.sys
2014-05-31 13:58 - 2013-06-13 01:35 - 00085280 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2014-05-31 13:58 - 2013-05-22 10:37 - 00282272 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2014-05-31 13:58 - 2012-05-02 14:27 - 00092304 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmtdi.sys
2014-05-31 13:55 - 2014-05-31 13:55 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2014-05-31 13:54 - 2014-05-31 13:54 - 00000000 ____D () C:\Program Files\Trend Micro
2014-05-31 13:48 - 2014-05-31 13:48 - 00000950 _____ () C:\Windows\PFRO.log
2014-05-31 12:45 - 2014-05-31 14:03 - 00000000 ___HD () C:\TMRescueDisk
2014-05-31 12:43 - 2014-05-31 12:43 - 00001150 _____ () C:\Users\Public\Desktop\Trend Micro Titanium Internet Security Installer.lnk
2014-05-31 12:40 - 2014-05-31 14:00 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-05-31 12:31 - 2014-05-31 12:31 - 00000036 _____ () C:\Users\Dell\AppData\Local\housecall.guid.cache
2014-05-31 09:49 - 2011-09-29 00:11 - 00204816 _____ (Trend Micro Inc.) C:\Windows\TmNSCIns.dll
2014-05-09 16:51 - 2014-05-09 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-09 16:51 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-09 16:51 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-09 16:51 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-09 16:51 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-09 16:50 - 2014-05-09 16:51 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log

==================== One Month Modified Files and Folders =======

2014-06-01 09:35 - 2009-02-14 16:22 - 00000000 ____D () C:\Users\Dell\AppData\Local\Temp
2014-06-01 09:34 - 2014-06-01 09:34 - 00000000 ____D () C:\FRST
2014-06-01 09:33 - 2014-06-01 09:33 - 00016742 _____ () C:\Windows\RegBootClean.CFG
2014-06-01 09:33 - 2012-08-14 12:59 - 00209432 _____ () C:\Windows\RegBootClean.exe
2014-06-01 09:33 - 2010-04-20 07:39 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-06-01 09:14 - 2012-07-15 14:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-01 08:54 - 2010-01-29 06:51 - 00000000 ____D () C:\Users\Dell\AppData\Local\Deployment
2014-06-01 08:44 - 2010-01-29 06:45 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-01 07:48 - 2006-11-02 07:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-01 07:48 - 2006-11-02 07:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-01 07:44 - 2010-01-29 06:45 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-01 02:39 - 2010-08-14 02:39 - 00000376 _____ () C:\Windows\Tasks\Free File Viewer Update Checker.job
2014-05-31 16:11 - 2014-01-31 04:15 - 00000000 ____D () C:\Users\Dell\AppData\Local\Battle.net
2014-05-31 14:03 - 2014-05-31 12:45 - 00000000 ___HD () C:\TMRescueDisk
2014-05-31 14:00 - 2014-05-31 14:00 - 00001181 _____ () C:\Users\Dell\Desktop\Trend Micro Titanium Internet Security.lnk
2014-05-31 14:00 - 2014-05-31 12:40 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-05-31 13:55 - 2014-05-31 13:55 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2014-05-31 13:55 - 2006-11-02 05:33 - 00774776 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-31 13:54 - 2014-05-31 13:54 - 00000000 ____D () C:\Program Files\Trend Micro
2014-05-31 13:52 - 2008-04-26 09:48 - 01818032 _____ () C:\Windows\WindowsUpdate.log
2014-05-31 13:49 - 2013-04-01 16:17 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-31 13:49 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-31 13:48 - 2014-05-31 13:48 - 00000950 _____ () C:\Windows\PFRO.log
2014-05-31 13:48 - 2008-04-26 09:48 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-05-31 13:48 - 2006-11-02 08:01 - 00032598 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-31 12:59 - 2010-02-05 12:53 - 00002032 _____ () C:\Users\Dell\AppData\Local\d3d9caps.dat
2014-05-31 12:43 - 2014-05-31 12:43 - 00001150 _____ () C:\Users\Public\Desktop\Trend Micro Titanium Internet Security Installer.lnk
2014-05-31 12:31 - 2014-05-31 12:31 - 00000036 _____ () C:\Users\Dell\AppData\Local\housecall.guid.cache
2014-05-31 09:49 - 2010-04-20 07:38 - 00000000 ____D () C:\Users\Dell\AppData\Local\Trend Micro
2014-05-31 00:50 - 2014-04-11 01:19 - 00000000 ____D () C:\Program Files\Hearthstone
2014-05-31 00:50 - 2014-04-11 01:18 - 00000000 ____D () C:\Program Files\Battle.net
2014-05-31 00:38 - 2013-10-04 21:06 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Temp
2014-05-16 03:38 - 2012-04-11 18:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-16 03:38 - 2011-05-25 18:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-09 16:51 - 2014-05-09 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-09 16:51 - 2014-05-09 16:50 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-09 16:51 - 2014-03-07 07:33 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-09 16:51 - 2008-04-26 14:55 - 00000000 ____D () C:\Program Files\Java
2014-05-05 00:27 - 2006-11-02 07:37 - 00000000 ___RD () C:\Users\Public\Recorded TV

ZeroAccess:
C:\Windows\Installer\{7cef24fc-f1ad-78b4-8cb1-5356e79f959c}

Some content of TEMP:
====================
C:\Users\Dell\AppData\Local\Temp\47d81009-e64c-4aba-8f18-5b0fc8893cd9.exe
C:\Users\Dell\AppData\Local\Temp\6_Offer_20.exe
C:\Users\Dell\AppData\Local\Temp\c4c63560-0c38-45ef-8db6-2cef383324ad.exe
C:\Users\Dell\AppData\Local\Temp\DownloadManager.exe
C:\Users\Dell\AppData\Local\Temp\GetCC.dll
C:\Users\Dell\AppData\Local\Temp\ICReinstall_Firefox_Setup.exe
C:\Users\Dell\AppData\Local\Temp\jre-7u51-windows-i586-iftw_fb865168.exe
C:\Users\Dell\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Dell\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\Dell\AppData\Local\Temp\nsiE1AC.exe
C:\Users\Dell\AppData\Local\Temp\nsk8FA1.exe
C:\Users\Dell\AppData\Local\Temp\nsp584B.exe
C:\Users\Dell\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\Dell\AppData\Local\Temp\SendMsg.dll
C:\Users\Dell\AppData\Local\Temp\SetupToparcadehits.exe
C:\Users\Dell\AppData\Local\Temp\utt4240.tmp.exe
C:\Users\Dell\AppData\Local\Temp\vbmz17.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-06-01 02:01

==================== End Of Log ============================


  • 0

#4
tuchek76

tuchek76

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-06-2014 01
Ran by Dell at 2014-06-01 09:35:48
Running from C:\Users\Dell\Desktop\Stuff\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Trend Micro Titanium Internet Security 2012 (Enabled - Up to date) {7193B549-236F-55EE-9AEC-F65279E59A92}
AS: Trend Micro Titanium Internet Security 2012 (Enabled - Up to date) {CAF254AD-0555-5A60-A05C-CD200262D02F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Ad-Aware Antivirus (HKLM\...\{17E73768-9F21-4334-ABE6-CD131031564C}_AdAwareUpdater) (Version: 11.1.5354.0 - Lavasoft)
Ad-Aware Browsing Protection (HKLM\...\Ad-Aware Browsing Protection) (Version: 1.0.1.106 - Lavasoft)
Ad-Aware Security Add-on (HKLM\...\adawaretb) (Version: 2.5.0.6 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader 8.3.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A83000000003}) (Version: 8.3.1 - Adobe Systems Incorporated)
Amazon MP3 Downloader 1.0.10 (HKLM\...\Amazon MP3 Downloader) (Version:  - )
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{0BD03BF6-3A66-EC7F-5155-28A8D6C69409}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics Disk Defrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.1 - Auslogics Software Pty Ltd)
AVS Document Converter 2.2.3 (HKLM\...\AVS Document Converter_is1) (Version:  - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.1.4 - Belkin International, Inc.)
Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.1.30889 - BitTorrent Inc.)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
CaddieSync Express 1.5.14 (HKLM\...\CaddieSync Express) (Version: 1.5.14 - SkyHawke Technologies)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Core Implementation (Version: 2007.0731.2234.38497 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2009.0113.2222.40119 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2007.0731.2234.38497 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2009.0113.2222.40119 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2007.0731.2234.38497 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2009.0113.2222.40119 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2007.0731.2234.38497 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2009.0113.2222.40119 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2007.0731.2234.38497 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2009.0113.2222.40119 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2007.0731.2234.38497 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2009.0113.2222.40119 - ATI) Hidden
Catalyst Control Center HydraVision Full (Version: 2009.0113.2222.40119 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2007.0731.2233.38497 - ATI) Hidden
CCC Help English (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help English (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2007.0731.2234.38497 - ATI) Hidden
ccc-utility (Version: 2009.0113.2222.40119 - ATI) Hidden
ccc-utility (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Civilization III (HKLM\...\{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant D850 PCI V.92 Modem (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1) (Version:  - )
Counter-Strike (HKLM\...\Steam App 10) (Version:  - Valve)
Counter-Strike Steamworks Beta (HKLM\...\Steam App 150) (Version:  - Valve)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Day of Defeat (HKLM\...\Steam App 30) (Version:  - Valve)
Deathmatch Classic (HKLM\...\Steam App 40) (Version:  - Valve)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.1.08060 - Dell)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.3.2.10 - Dell)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
Dungeons & Dragons Online ®:  Eberron Unlimited ™ v01.09.03.800 (HKLM\...\15b35190-c6f9-11d9-9669-0800200c9a66_is1) (Version: 01.09.03.8005 - Atari, Inc.)
Fraps (HKLM\...\Fraps) (Version:  - )
Free File Viewer 2010 (HKLM\...\FreeFileViewer_is1) (Version:  - Bitberry Software)
Free Resume Builder version 1.0 (HKLM\...\{94EC5C8C-6159-427D-9D1C-EF48B267ACF1}_is1) (Version: 1.0 - www.builldmyresumefree.com)
Garmin Communicator Plugin (HKLM\...\{C7DD94A8-F775-426C-B56C-8E555A59F9E2}) (Version: 2.9.2 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{D17111CB-C992-42A9-9D56-C19395102AAA}) (Version: 2.4.2 - Garmin Ltd or its subsidiaries)
Geeks3D FurMark 1.11.0 (HKLM\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Half-Life (HKLM\...\Half-Life) (Version:  - )
Half-Life (HKLM\...\Steam App 70) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Episode One (HKLM\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM\...\Steam App 340) (Version:  - Valve)
Half-Life Deathmatch: Source (HKLM\...\Steam App 360) (Version:  - Valve)
Half-Life: Blue Shift (HKLM\...\Steam App 130) (Version:  - Gearbox)
Hearthstone (HKLM\...\Hearthstone) (Version:  - Blizzard Entertainment)
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.008 - HTC Corporation)
HTC Sync (HKLM\...\{4982D16F-7D12-4038-B38D-662623AC3C83}) (Version: 3.0.5557 - HTC Corporation)
HydraVision (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
InfraRecorder (HKLM\...\InfraRecorder) (Version:  - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Intel® PRO Network Connections 12.1.12.4 (HKLM\...\PROSetDX) (Version:  - Dell)
Intel® PRO Network Connections 12.1.12.4 (Version:  - Dell) Hidden
iTunes (HKLM\...\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kindle Auto eBook Converter 0.4.50 (HKLM\...\Kindle Auto eBook Converter) (Version: 0.4.50 - The Messenger)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2656353) (HKLM\...\M2656353) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2656370) (HKLM\...\M2656370) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (HKLM\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.61355.0 - Microsoft Game Studios)
Microsoft Flight Simulator X (Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 1 (HKLM\...\SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6) (Version: 10.0.61355.0 - Microsoft Game Studios)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XML Parser (Version: 8.70.1104.04 - Microsoft Corporation) Hidden
mIRC (HKLM\...\mIRC) (Version: 6.21 - mIRC Co. Ltd.)
Modem Diagnostic Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.17.8 - Dell)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Music, Photos & Videos Launcher (HKLM\...\{D7769185-9A7C-48D4-8874-5388743A1DE2}) (Version: 1.00.0000 - Dell Inc.)
NVIDIA 3D Vision Controller Driver (Version: 270.61 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 326.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 326.01 - NVIDIA Corporation)
NVIDIA Control Panel 327.23 (Version: 327.23 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Update 8.3.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 8.3.14 - NVIDIA Corporation)
NVIDIA Update Components (Version: 8.3.14 - NVIDIA Corporation) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Opposing Force (HKLM\...\Steam App 50) (Version:  - Gearbox)
Product Documentation Launcher (HKLM\...\{89CEAE14-DD0F-448E-9554-15781EC9DB24}) (Version: 1.00.0000 - Dell Inc.)
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Rand McNally Dock (HKLM\...\{13E0CD71-8363-4C8D-AD06-0D9FD0CAE4E2}) (Version: 1.00.5046 - Rand McNally)
Ricochet (HKLM\...\Steam App 60) (Version:  - Valve)
Roxio Creator Audio (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - )
Roxio Creator DE (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.1 - Roxio) Hidden
Roxio Update Manager (Version: 6.0.0 - Roxio) Hidden
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Sierra Utilities (HKLM\...\Sierra Utilities) (Version:  - )
Skins (Version: 2007.0731.2234.38497 - ATI) Hidden
SkyCaddie Desktop (HKLM\...\SkyCaddieDesktop) (Version:  - SkyHawke Technologies)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Team Fortress Classic (HKLM\...\Steam App 20) (Version:  - Valve)
Trend Micro Titanium (Version: 7.0 - Trend Micro Inc.) Hidden
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 7.0 - Trend Micro Inc.)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
User's Guides (HKLM\...\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}) (Version:  - )
Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.4 - Flagship Industries, Inc.)
Video Mover (HKLM\...\Video Mover_is1) (Version:  - )
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)
VoiceOver Kit (HKLM\...\{7C5B4583-7CBF-4289-B195-03B553959DEA}) (Version: 1.40.128.0 - Apple Inc.)
Warcraft III (HKLM\...\Warcraft III) (Version:  - Blizzard Entertainment)
WIDCOMM Bluetooth Software 6.0.1.4300 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.4300 - Dell)
Winamp (HKLM\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Warcraft (HKLM\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Wow Web Stats Client v3.0 (HKCU\...\Wow Web Stats Client v3.0) (Version:  - Lossendil)
XPS MiniView Gadget (HKLM\...\{A73BDB2A-E4A7-4FE8-960E-6A5C8BF76FCB}) (Version: 1.00.0000 - CompanionLink Software, Inc.)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION

==================== Restore Points  =========================

29-04-2014 06:46:07 Scheduled Checkpoint
30-04-2014 05:00:05 Scheduled Checkpoint
01-05-2014 05:00:06 Scheduled Checkpoint
02-05-2014 05:00:02 Scheduled Checkpoint
03-05-2014 05:00:05 Scheduled Checkpoint
04-05-2014 05:00:04 Scheduled Checkpoint
09-05-2014 21:49:27 Installed Java 7 Update 55
11-05-2014 12:39:26 Scheduled Checkpoint
16-05-2014 08:37:38 Scheduled Checkpoint
17-05-2014 05:00:02 Scheduled Checkpoint
18-05-2014 05:00:02 Scheduled Checkpoint
21-05-2014 05:30:45 Scheduled Checkpoint
22-05-2014 06:12:05 Scheduled Checkpoint
23-05-2014 05:00:01 Scheduled Checkpoint
24-05-2014 05:00:01 Scheduled Checkpoint
25-05-2014 05:00:02 Scheduled Checkpoint
29-05-2014 22:47:38 Scheduled Checkpoint
31-05-2014 07:54:59 Scheduled Checkpoint
31-05-2014 17:38:29 Device Driver Package Install: Trend Micro Inc.
31-05-2014 17:39:10 Device Driver Package Install: Trend Micro Inc.
31-05-2014 17:39:42 Device Driver Package Install: Trend Micro Inc.

==================== Hosts content: ==========================

2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {018047D0-1B41-4AB2-997A-DFB22E79D05E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-29] (Google Inc.)
Task: {0300167A-9CDD-4E5F-ACB6-A25F82113BB4} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {0864D900-61D4-42EF-9909-6DF43A4D8A50} - System32\Tasks\Free File Viewer Update Checker => C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe [2010-07-07] (Bitberry Software)
Task: {0A79AFD6-A7C2-4F9D-8D5D-4B805AF7FB05} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {49482002-7FAD-4886-B61E-E7024E16BBDD} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-05-12] ()
Task: {82DA01EA-1B78-46E8-9BF9-C2F1126FB8E0} - System32\Tasks\Titanium BTC => C:\Program Files\Trend Micro\Titanium\plugin\TMDC\TMDC.exe [2013-08-27] (Trend Micro Inc.)
Task: {95DE0387-A8B9-48CB-B691-D92581040E9C} - System32\Tasks\iolo System Checkup => C:\ProgramData\iolo\scustask.lnk [2014-02-09] ()
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {A9968731-1AC0-464C-8CFD-3961B9BF5948} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AF209227-93B0-4F56-8317-50B7951452DA} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
Task: {C1529A68-1EEA-4BF7-BF40-A2C189969C09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-29] (Google Inc.)
Task: {E07F5BE1-32D3-4721-BD75-11710753C120} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Free File Viewer Update Checker.job => C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-29 09:07 - 2013-03-29 09:07 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll
2013-05-22 23:21 - 2012-02-23 15:57 - 00022944 _____ () C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-22 23:21 - 2010-08-22 20:01 - 00325632 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
2013-05-22 23:21 - 2010-08-22 20:01 - 01954304 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
2013-05-22 23:21 - 2010-08-22 20:01 - 07187456 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
2013-05-22 23:21 - 2010-08-22 20:01 - 00847360 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
2013-05-22 23:21 - 2010-08-22 19:32 - 00119808 _____ () C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2013-05-22 23:23 - 2011-04-19 16:29 - 00152576 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
2013-05-22 23:23 - 2010-02-09 15:55 - 00049152 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
2007-08-23 15:58 - 2007-08-23 15:58 - 02070000 _____ () C:\Program Files\XPSMiniViewGadget\XPSMiniViewGadget.exe
2014-01-23 17:26 - 2014-01-23 17:26 - 00651232 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
2014-01-23 17:33 - 2014-01-23 17:33 - 00087928 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_thread-vc100-mt-1_55.dll
2014-01-23 17:33 - 2014-01-23 17:33 - 00022392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00030072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_chrono-vc100-mt-1_55.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00048512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_date_time-vc100-mt-1_55.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00107904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 03053416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareServiceKernel.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00541008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2014-01-23 17:33 - 2014-01-23 17:33 - 00131920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\pugixml.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 01928008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 17:33 - 2014-01-23 17:33 - 00638328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_regex-vc100-mt-1_55.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00477544 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareActivation.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00244088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareApplicationUpdater.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00119656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareGamingMode.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00087384 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareReset.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00105304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTime.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00228728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdater.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00170376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00342376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIgnoreList.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00210280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareQuarantine.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00244592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiMalwareEngine.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00174960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiRootkitEngine.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00367472 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerHistory.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00502112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScanner.dll
2014-01-23 17:33 - 2014-01-23 17:33 - 00030584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_timer-vc100-mt-1_55.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00268656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerScheduler.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00274808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareRealTimeProtection.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00190824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIncompatibles.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00181600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiSpam.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00105320 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiPhishing.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00472944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareParentalControl.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 01858408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareWebProtection.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00223088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareEmailProtection.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00513392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareNetworkProtection.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00422752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareInstaller.dll
2014-01-23 17:33 - 2014-01-23 17:33 - 00148808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\zlib.dll
2014-01-23 17:33 - 2014-01-23 17:33 - 00122704 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\libssh2.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00298840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwarePromo.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00241504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareFeedback.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SecurityCenter.dll
2013-07-17 18:10 - 2013-07-17 18:10 - 00565640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\BDSmartDB.dll
2011-05-04 14:14 - 2011-05-04 14:14 - 00081408 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2013-05-22 23:23 - 2011-04-19 16:29 - 00132608 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2013-05-22 23:21 - 2012-02-23 15:19 - 00669696 _____ () C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 03643224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
2014-01-23 17:33 - 2014-01-23 17:33 - 00405880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_locale-vc100-mt-1_55.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00308064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\HtmlFramework.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00056664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\DllStorage.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00789360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTrayDefaultSkin.dll
2014-01-23 17:32 - 2014-01-23 17:32 - 00118104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\Localization.dll
2013-05-08 11:13 - 2013-05-08 11:13 - 00109568 _____ () C:\Program Files\SkyGolf\CaddieSync Express\qextserialport1.dll
2009-01-10 13:32 - 2009-01-10 13:32 - 00011362 _____ () C:\Program Files\SkyGolf\CaddieSync Express\mingwm10.dll
2009-06-22 21:42 - 2009-06-22 21:42 - 00043008 _____ () C:\Program Files\SkyGolf\CaddieSync Express\libgcc_s_dw2-1.dll
2013-05-08 11:13 - 2013-05-08 11:13 - 00590848 _____ () C:\Program Files\SkyGolf\CaddieSync Express\qjson0.dll
2013-05-08 11:17 - 2013-05-08 11:17 - 00167232 _____ () C:\Program Files\SkyGolf\CaddieSync Express\conduitscripting0.dll
2013-05-23 00:43 - 2013-05-23 00:43 - 00035840 _____ () C:\Users\Dell\AppData\Local\Apps\2.0\21VCLZH0.840\2P9TW1PY.0KB\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.Advertising.dll
2013-05-23 00:43 - 2013-05-23 00:43 - 00014848 _____ () C:\Users\Dell\AppData\Local\Apps\2.0\21VCLZH0.840\2P9TW1PY.0KB\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.WowDb.dll
2013-05-23 00:43 - 2013-05-23 00:43 - 00099840 _____ () C:\Users\Dell\AppData\Local\Apps\2.0\21VCLZH0.840\2P9TW1PY.0KB\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.CMOD2.dll
2007-01-13 03:01 - 2007-01-13 03:01 - 00397312 ____R () C:\Program Files\Adobe\Reader 8.0\Reader\cryptocme2.dll
2007-01-13 03:01 - 2007-01-13 03:01 - 00475136 ____R () C:\Program Files\Adobe\Reader 8.0\Reader\ccme_base.dll
2014-05-31 13:54 - 2013-01-15 20:50 - 00039424 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_49.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: WinampAgent => "C:\Program Files\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/31/2014 02:16:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 9.0.8112.16450 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1120
Start Time: 01cf7d04bd621016
Termination Time: 162

Error: (05/31/2014 01:51:33 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4

Error: (05/31/2014 01:51:32 PM) (Source: Perflib) (EventID: 1018) (User: )
Description: PolicyAgent

Error: (05/31/2014 01:51:32 PM) (Source: Perflib) (EventID: 1005) (User: )
Description: OpenIPSecPerformanceDataC:\Windows\System32\ipsecsvc.dllPolicyAgent4

Error: (05/31/2014 01:51:32 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (05/31/2014 01:51:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4

Error: (05/31/2014 01:51:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\system32\Secur32.dll4

Error: (05/31/2014 01:51:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll4

Error: (05/31/2014 01:51:29 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (05/31/2014 01:50:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (05/31/2014 01:50:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: hlnfd
Lbd
qknfd

Error: (05/31/2014 01:50:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Security Center%%1079

Error: (05/31/2014 01:50:39 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Windows Firewall5 (0x5)

Error: (05/31/2014 01:00:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Font Cache Service%%1053

Error: (05/31/2014 01:00:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Font Cache Service

Error: (05/31/2014 00:59:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Presentation Foundation Font Cache 4.0.0.0%%1053

Error: (05/31/2014 00:59:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Presentation Foundation Font Cache 4.0.0.0

Error: (05/31/2014 00:58:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: hlnfd
Lbd
qknfd

Error: (05/31/2014 00:58:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Security Center%%1079

Error: (05/31/2014 00:58:40 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: IPsec Policy AgentBFE

Microsoft Office Sessions:
=========================
Error: (05/31/2014 02:16:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe9.0.8112.16450112001cf7d04bd621016162

Error: (05/31/2014 01:51:33 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4

Error: (05/31/2014 01:51:32 PM) (Source: Perflib) (EventID: 1018) (User: )
Description: PolicyAgent

Error: (05/31/2014 01:51:32 PM) (Source: Perflib) (EventID: 1005) (User: )
Description: OpenIPSecPerformanceDataC:\Windows\System32\ipsecsvc.dllPolicyAgent4

Error: (05/31/2014 01:51:32 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (05/31/2014 01:51:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4

Error: (05/31/2014 01:51:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\system32\Secur32.dll4

Error: (05/31/2014 01:51:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll4

Error: (05/31/2014 01:51:29 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (05/31/2014 01:50:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
  Date: 2014-05-31 10:02:16.349
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Dell\Desktop\Stuff\Trendmicro crap\00606_Digital_River_TrendMicro_TIS_17_10\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-31 10:02:16.193
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Dell\Desktop\Stuff\Trendmicro crap\00606_Digital_River_TrendMicro_TIS_17_10\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-31 10:02:16.037
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Dell\Desktop\Stuff\Trendmicro crap\00606_Digital_River_TrendMicro_TIS_17_10\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-31 10:02:15.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Dell\Desktop\Stuff\Trendmicro crap\00606_Digital_River_TrendMicro_TIS_17_10\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-31 09:58:28.293
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Dell\Desktop\Stuff\Trendmicro crap\00606_Digital_River_TrendMicro_TIS_17_10\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-31 09:58:28.137
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Dell\Desktop\Stuff\Trendmicro crap\00606_Digital_River_TrendMicro_TIS_17_10\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-31 09:58:27.965
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Dell\Desktop\Stuff\Trendmicro crap\00606_Digital_River_TrendMicro_TIS_17_10\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-31 09:58:27.793
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Dell\Desktop\Stuff\Trendmicro crap\00606_Digital_River_TrendMicro_TIS_17_10\Setup\Engine\32bit\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-31 00:19:56.334
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-31 00:19:56.149
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 48%
Total physical RAM: 3069.22 MB
Available physical RAM: 1584.63 MB
Total Pagefile: 6363.46 MB
Available Pagefile: 4360.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1917.56 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.04 GB) (Free:38.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:10.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 08000000)
Partition 1: (Not Active) - (Size=47 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=283 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#5
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello tuchek76,

Quite a lot to do in this post. :)

 

Might be worth making a copy of these instructions so that you have a reference point while you go through all the actions.

Now

Please download Junkware Removal Tool to your desktop.
 

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Next

Please download : ADWCleaner to your desktop  (use the Download Now @ BleepingComputer button)..

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close  all programs and click on the AdwCleaner icon.

scan-results.jpg

Click on Scan  and follow the prompts. Let it run unhindered. When the "Please uncheck elements you don't want to remove" appears just go ahead and click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

After that

Please download Malwarebytes Anti-Malware Free from here .


  • Double click to install the progamme
  • When the popup "Completing the Malwarebytes Anti-Malware Setup Wizard" appears, uncheck the box enable free trial of Malwarebytes Anti-Malware Premium

MBAMcompletinginstall.jpg



  • The MBAM console/dashboard will appear together with an alert to update - click the green button Update Now
  • When update is complete select Settings > Detection and Protection and make sure the box Scan for rootkits its checked (ticked)

MBAMSettings-1.jpg

Go back to the Dashboard and click on the green Scan Now button.

MBAM1.jpg



  • If threats are detected, click the Apply Actions button, MBAM may ask for a reboot. Let it do so.

MBAMReboot.JPG



  • On completion of the scan (or after the reboot) select View Detailed Log (to the right on the light green strip)
  • Click on the Export button and select Text file and save to the desktop

MBAMLog.JPG

Copy and paste the log back here.

Finally



  • Please run Farbars Recovery Scan Tool again
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

So when you return please post

  • JRT.txt
  • AdwCleaner log
  • MBAM log
  • FRST.txt

 


  • 0

#6
tuchek76

tuchek76

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Sorry it has taken me so long to get back. Work has been a bear. Anyways, Here are the texts you instructed me to do.  And again, thank you for your time and help

 

 

JRT.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows Vista ™ Home Premium x86
Ran by Dell on Fri 06/20/2014 at 17:52:57.57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

Successfully stopped: [Service] qknfd
Successfully deleted: [Service] qknfd

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\f
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoods.dskbnd
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoods.dskbnd.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoodsapp.appcore
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoodsapp.appcore.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\visualbee
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyrixeeker
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\visualbee
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3201318
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{812DA0E2-0242-4697-8D33-DFBB1FF47629}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}

 

~~~ Files

Successfully deleted: [File] "C:\Users\Dell\appdata\local\funmoods.crx"

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Successfully deleted: [Folder] "C:\ProgramData\search protection"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\ProgramData\visualbee"
Successfully deleted: [Folder] "C:\Users\Dell\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Users\Dell\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Dell\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\Dell\Local Settings\Application Data\adawarebp"
Successfully deleted: [Folder] "C:\Users\Dell\Local Settings\Application Data\conduit"
Successfully deleted: [Folder] "C:\Program Files\adawaretb"
Successfully deleted: [Folder] "C:\Program Files\conduit"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 06/20/2014 at 17:59:05.53
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

 

ADWCLEANER.TXT

# AdwCleaner v3.212 - Report created 20/06/2014 at 18:26:44
# Updated 05/06/2014 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Dell - DELL-1
# Running from : C:\Users\Dell\Desktop\Stuff\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : hlnfd

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Toolbar Cleaner
Folder Deleted : C:\Users\Dell\AppData\Local\emaze

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : HKCU\Software\SearchProtectINT
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\adawaretb
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\adawaretb
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16450

*************************

AdwCleaner[R0].txt - [2980 octets] - [20/06/2014 18:19:56]
AdwCleaner[S0].txt - [2965 octets] - [20/06/2014 18:26:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3025 octets] ##########

 

 

 

 

 

malwarebytes.txt

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 6/21/2014
Scan Time: 8:38:56 AM
Logfile: malwarebytes.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.21.06
Rootkit Database: v2014.06.20.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Dell

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 292464
Time Elapsed: 10 min, 17 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

 

 

frst.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-06-2014 01
Ran by Dell (administrator) on DELL-1 on 21-06-2014 08:55:01
Running from C:\Users\Dell\Desktop\Stuff\Downloads
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(SigmaTel, Inc.) C:\Windows\System32\stacsv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(SigmaTel, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(SkyHawke) C:\Program Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_14_0_0_125_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ECenter] => C:\Dell\E-Center\EULALauncher.exe [17920 2008-02-28] ( )
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-03] (Intel Corporation)
HKLM\...\Run: [dscactivate] => C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2008-03-11] ( )
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-12] (SigmaTel, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [CaddieSyncConduit] => C:\Program Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe [2544960 2013-05-08] (SkyHawke)
HKLM\...\Run: [Bluetooth HCI Monitor] => C:\Windows\system32\HCIMNTR.DLL [9728 2006-12-07] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554408 2013-05-15] (Lavasoft)
HKLM\...\Run: [InstaLAN] => C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [143792 2013-10-09] (Trend Micro Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe [6699864 2014-06-03] ()
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" [54072 2014-05-12] (Malwarebytes Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19\...\Run: [OE] => C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [OE] => C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
HKU\S-1-5-21-2778953675-1249857672-2168224105-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-03-28] (AMD)
HKU\S-1-5-21-2778953675-1249857672-2168224105-1000\...\Run: [DellSystemDetect] => C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
HKU\S-1-5-21-2778953675-1249857672-2168224105-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-01-31] (Google Inc.)
HKU\S-1-5-21-2778953675-1249857672-2168224105-1000\...\Run: [CaddieSync Express] => C:\Program Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe [2544960 2013-05-08] (SkyHawke)
HKU\S-1-5-21-2778953675-1249857672-2168224105-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2778953675-1249857672-2168224105-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2778953675-1249857672-2168224105-1006\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rand McNally Dock.lnk
ShortcutTarget: Rand McNally Dock.lnk -> C:\Program Files\Rand McNally\RNDDock\StartupLauncher.bat ()
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg.dll (Trend Micro Inc.)
BHO: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO: No Name - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -  No File
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll (Trend Micro Inc.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinn...0/tpir/tpir.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane...C_2.3.8.110.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB
DPF: {64CD313F-F079-4D93-959F-4D28B5519449} http://www.worldwinn...dy/jeopardy.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-14]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension [2014-05-31]
FF HKLM\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2014-05-31]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension [2014-05-31]

========================== Services (Whitelisted) =================

R2 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152576 2011-04-19] () [File not signed]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152 2010-02-09] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe [655352 2014-06-03] ()
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [81408 2011-05-04] () [File not signed]
R2 STacSV; C:\Windows\system32\STacSV.exe [94208 2007-09-12] (SigmaTel, Inc.)
S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [75776 2013-01-15] (Advanced Micro Devices)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
U0 jxgljnn; C:\Windows\System32\drivers\bkbh.sys [52440 2014-06-21] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [110296 2014-06-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [6144 2007-01-09] (Chic)
S3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [9986048 2013-03-29] (Advanced Micro Devices, Inc.)
S3 SaiK0836; C:\Windows\System32\DRIVERS\SaiK0836.sys [139272 2010-07-08] (Saitek)
S3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [20744 2010-07-08] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [43656 2010-07-08] (Saitek)
S3 SkyhawkeUSBLan; C:\Windows\System32\DRIVERS\btblan.sys [40560 2010-04-15] (Belcarra Technologies)
R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-09-12] (SigmaTel, Inc.)
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [247320 2009-06-22] (silex technology, Inc.)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [103416 2013-12-03] (Trend Micro Inc.)
R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [290376 2013-12-03] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC32.sys [40736 2013-07-01] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [85280 2013-06-13] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [83864 2013-12-03] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [282272 2013-05-22] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [92304 2012-05-02] (Trend Micro Inc.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [360376 2014-04-22] (BitDefender S.R.L.)
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
U2 TMAgent;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-21 08:53 - 2014-06-21 08:53 - 00052440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\bkbh.sys
2014-06-21 08:52 - 2014-06-21 08:52 - 00001066 _____ () C:\Users\Dell\Desktop\malwarebytes.txt
2014-06-21 08:37 - 2014-06-21 08:38 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-21 08:36 - 2014-06-21 08:54 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-21 08:36 - 2014-06-21 08:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-21 08:36 - 2014-06-21 08:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-21 08:36 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-21 08:36 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-21 08:36 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-20 23:04 - 2014-06-20 23:04 - 00000000 ____D () C:\Users\Dell\AppData\Local\Adobe
2014-06-20 22:35 - 2014-06-20 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-20 22:31 - 2014-06-20 22:32 - 00003105 _____ () C:\Users\Dell\Desktop\adwcleaner.txt
2014-06-20 18:29 - 2014-06-20 18:29 - 00000000 ____D () C:\Users\Dell\AppData\Local\adawarebp
2014-06-20 18:19 - 2014-06-20 18:26 - 00000000 ____D () C:\AdwCleaner
2014-06-20 17:59 - 2014-06-20 17:59 - 00006455 _____ () C:\Users\Dell\Desktop\JRT.txt
2014-06-20 17:47 - 2014-06-20 17:47 - 00000000 ____D () C:\Windows\ERUNT
2014-06-12 12:11 - 2014-06-12 12:11 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-11 09:04 - 2014-06-12 12:11 - 00000318 _____ () C:\Users\Dell\Desktop\Curse Client.appref-ms
2014-06-05 21:45 - 2014-06-05 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-06-05 21:40 - 2014-06-05 21:40 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-06-01 09:34 - 2014-06-21 08:55 - 00000000 ____D () C:\FRST
2014-05-31 13:58 - 2013-12-03 03:56 - 00290376 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-05-31 13:58 - 2013-12-03 03:56 - 00103416 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2014-05-31 13:58 - 2013-12-03 03:56 - 00083864 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2014-05-31 13:58 - 2013-07-01 08:08 - 00040736 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC32.sys
2014-05-31 13:58 - 2013-06-13 01:35 - 00085280 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2014-05-31 13:58 - 2013-05-22 10:37 - 00282272 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2014-05-31 13:58 - 2012-05-02 14:27 - 00092304 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmtdi.sys
2014-05-31 13:55 - 2014-05-31 13:55 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2014-05-31 13:54 - 2014-05-31 13:54 - 00000000 ____D () C:\Program Files\Trend Micro
2014-05-31 13:48 - 2014-06-20 18:27 - 00001552 _____ () C:\Windows\PFRO.log
2014-05-31 12:45 - 2014-05-31 14:03 - 00000000 ___HD () C:\TMRescueDisk
2014-05-31 12:40 - 2014-05-31 14:00 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-05-31 12:31 - 2014-05-31 12:31 - 00000036 _____ () C:\Users\Dell\AppData\Local\housecall.guid.cache
2014-05-31 09:49 - 2011-09-29 00:11 - 00204816 _____ (Trend Micro Inc.) C:\Windows\TmNSCIns.dll

==================== One Month Modified Files and Folders =======

2014-06-21 08:55 - 2014-06-01 09:34 - 00000000 ____D () C:\FRST
2014-06-21 08:54 - 2014-06-21 08:36 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-21 08:53 - 2014-06-21 08:53 - 00052440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\bkbh.sys
2014-06-21 08:52 - 2014-06-21 08:52 - 00001066 _____ () C:\Users\Dell\Desktop\malwarebytes.txt
2014-06-21 08:52 - 2009-02-14 18:03 - 00000000 ____D () C:\Users\Dell\Desktop\Stuff
2014-06-21 08:50 - 2010-01-29 06:45 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-21 08:38 - 2014-06-21 08:37 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-21 08:36 - 2014-06-21 08:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-21 08:36 - 2014-06-21 08:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-21 08:34 - 2006-11-02 07:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-21 08:34 - 2006-11-02 07:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-21 08:14 - 2012-07-15 14:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-21 04:50 - 2010-01-29 06:45 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-21 02:39 - 2010-08-14 02:39 - 00000376 _____ () C:\Windows\Tasks\Free File Viewer Update Checker.job
2014-06-20 23:04 - 2014-06-20 23:04 - 00000000 ____D () C:\Users\Dell\AppData\Local\Adobe
2014-06-20 22:35 - 2014-06-20 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-20 22:35 - 2008-04-26 15:05 - 00000000 ____D () C:\Program Files\Google
2014-06-20 22:32 - 2014-06-20 22:31 - 00003105 _____ () C:\Users\Dell\Desktop\adwcleaner.txt
2014-06-20 22:32 - 2012-04-11 18:13 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-20 22:32 - 2011-05-25 18:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-20 18:52 - 2008-04-26 09:48 - 01829721 _____ () C:\Windows\WindowsUpdate.log
2014-06-20 18:35 - 2006-11-02 05:33 - 00774776 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-20 18:29 - 2014-06-20 18:29 - 00000000 ____D () C:\Users\Dell\AppData\Local\adawarebp
2014-06-20 18:29 - 2013-04-01 16:17 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-06-20 18:28 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-20 18:27 - 2014-05-31 13:48 - 00001552 _____ () C:\Windows\PFRO.log
2014-06-20 18:27 - 2008-04-26 09:48 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-06-20 18:27 - 2006-11-02 08:01 - 00032598 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-20 18:26 - 2014-06-20 18:19 - 00000000 ____D () C:\AdwCleaner
2014-06-20 18:17 - 2010-04-20 07:39 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-06-20 17:59 - 2014-06-20 17:59 - 00006455 _____ () C:\Users\Dell\Desktop\JRT.txt
2014-06-20 17:47 - 2014-06-20 17:47 - 00000000 ____D () C:\Windows\ERUNT
2014-06-20 17:06 - 2014-01-31 04:15 - 00000000 ____D () C:\Users\Dell\AppData\Local\Battle.net
2014-06-20 16:48 - 2009-02-14 16:21 - 00000000 ____D () C:\Users\Dell
2014-06-20 01:18 - 2009-11-28 02:11 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\vlc
2014-06-14 22:15 - 2010-01-29 06:51 - 00000000 ____D () C:\Users\Dell\AppData\Local\Deployment
2014-06-12 12:41 - 2014-04-11 01:18 - 00000000 ____D () C:\Program Files\Battle.net
2014-06-12 12:11 - 2014-06-12 12:11 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-12 12:11 - 2014-06-11 09:04 - 00000318 _____ () C:\Users\Dell\Desktop\Curse Client.appref-ms
2014-06-09 22:18 - 2009-02-14 16:45 - 00104448 _____ () C:\Users\Dell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-09 01:00 - 2011-10-12 19:58 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\BitTorrent
2014-06-08 10:40 - 2014-04-26 07:40 - 00000000 ____D () C:\Users\Dell\Desktop\t.v. shows
2014-06-07 14:02 - 2009-12-11 15:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-06 16:47 - 2010-06-04 03:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-05 21:45 - 2014-06-05 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-06-05 21:40 - 2014-06-05 21:40 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-06-02 01:42 - 2014-02-22 17:25 - 00000987 _____ () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-06-01 09:33 - 2012-08-14 12:59 - 00209432 _____ () C:\Windows\RegBootClean.exe
2014-05-31 14:03 - 2014-05-31 12:45 - 00000000 ___HD () C:\TMRescueDisk
2014-05-31 14:00 - 2014-05-31 12:40 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-05-31 13:55 - 2014-05-31 13:55 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2014-05-31 13:54 - 2014-05-31 13:54 - 00000000 ____D () C:\Program Files\Trend Micro
2014-05-31 12:59 - 2010-02-05 12:53 - 00002032 _____ () C:\Users\Dell\AppData\Local\d3d9caps.dat
2014-05-31 12:31 - 2014-05-31 12:31 - 00000036 _____ () C:\Users\Dell\AppData\Local\housecall.guid.cache
2014-05-31 09:49 - 2010-04-20 07:38 - 00000000 ____D () C:\Users\Dell\AppData\Local\Trend Micro
2014-05-31 00:50 - 2014-04-11 01:19 - 00000000 ____D () C:\Program Files\Hearthstone

Some content of TEMP:
====================
C:\Users\Dell\AppData\Local\Temp\47d81009-e64c-4aba-8f18-5b0fc8893cd9.exe
C:\Users\Dell\AppData\Local\Temp\6_Offer_20.exe
C:\Users\Dell\AppData\Local\Temp\c4c63560-0c38-45ef-8db6-2cef383324ad.exe
C:\Users\Dell\AppData\Local\Temp\ICReinstall_Firefox_Setup.exe
C:\Users\Dell\AppData\Local\Temp\jre-7u51-windows-i586-iftw_fb865168.exe
C:\Users\Dell\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Dell\AppData\Local\Temp\Quarantine.exe
C:\Users\Dell\AppData\Local\Temp\SendMsg.dll
C:\Users\Dell\AppData\Local\Temp\utt4240.tmp.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-21 06:37

==================== End Of Log ============================


  • 0

#7
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello again tuchek76,

 

Download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

After that

Download TFC.exe from  here (Vista and above users right click and run as Administrator).

If you are asked "Do you want to allow the following program..." click yes.

The "Temp file cleaner by Oldtimer" console will pop up. Click continue and allow it to do it's job.

You may be asked to reboot when it is finished. Please do so.

If you are not asked to reboot you may be confronted with two windows. One will be the Temp File Cleaner console with a report of what has been cleaned. The other will just be a window showing your libraries etc. They can both be closed.

You are finished.

Finally in this post
 

  • Please run Farbars Recovery Scan Tool again
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

When you return please post

  • Fixlog.txt
  • FRST.txt

 


  • 0

#8
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP