Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bad Image Error Virus Blocking Everything


  • This topic is locked This topic is locked
5 replies to this topic

#1 terrims

terrims

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:27 PM

Posted 09 July 2014 - 02:56 PM

Hi,

I have a windows 7 desktop that is infected with a virus of some type. Windows keep popping up with bad image error and it will not close. i have tried running Malware Bytes in both regular and safemode and it blocks it giving me an error that the program is corrupt. I also tried running AVG and it is being blocked. I am also not able to browse anything online get error that says cant find page no matter what I try to search.

 

Have no idea what to do next...

 

Thanks!

 

 



BC AdBot (Login to Remove)

 


m

#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:27 AM

Posted 09 July 2014 - 04:25 PM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
 
 
 Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat do not delete this for now. It is an actual backup of the MBR (master boot record).


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 terrims

terrims
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:27 PM

Posted 09 July 2014 - 05:57 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2014
Ran by Jesusismysavior! (administrator) on JESUSISMYSAVIOR on 09-07-2014 15:43:56
Running from C:\Users\Jesusismysavior!\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Two Pilots) C:\WINDOWS\VPDAgent_x64.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\WINDOWS\Installer\MSI2783.tmp
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(The Neat Company) C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Alcatel-Lucent) C:\Program Files\Comcast\pcTrayApp.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe
(Akamai Technologies, Inc.) C:\Users\Jesusismysavior!\AppData\Local\Akamai\netsession_win.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Akamai Technologies, Inc.) C:\Users\Jesusismysavior!\AppData\Local\Akamai\netsession_win.exe
(Dell) C:\Users\Jesusismysavior!\AppData\Local\Apps\2.0\2BNKE26D.PXZ\KL3WD439.NO9\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe
(Dropbox, Inc.) C:\Users\Jesusismysavior!\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
() C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [Comcast_McciTrayApp] => C:\Program Files\Comcast\pcTrayApp.exe [2792448 2012-12-10] (Alcatel-Lucent)
HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79864 2014-05-25] ()
HKLM\...\Run: [BoxSync] => c:\Program Files\Box\Box Sync\BoxSync.exe [13510744 2014-07-02] (Box, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-16] (Intel Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2567192 2014-06-25] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79864 2014-05-25] ()
HKLM-x32\...\Run: [Windefender] => C:\Users\Jesusismysavior!\AppData\Roaming\2012.exe [16384 2014-05-27] ()
HKLM\...\Policies\Explorer\Run: [Windefender] => C:\Users\Jesusismysavior!\AppData\Roaming\2012.exe [16384 2014-05-27] ( ())
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2714389890-4143033447-1572086006-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jesusismysavior!\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2714389890-4143033447-1572086006-1001\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79864 2014-05-25] ()
HKU\S-1-5-21-2714389890-4143033447-1572086006-1001\...\Run: [Windefender] => C:\Users\Jesusismysavior!\AppData\Roaming\2012.exe [16384 2014-05-27] ()
HKU\S-1-5-21-2714389890-4143033447-1572086006-1001\...\Run: [DellSystemDetect] => C:\Users\Jesusismysavior!\AppData\Local\Apps\2.0\2BNKE26D.PXZ\KL3WD439.NO9\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [262720 2014-06-14] (Dell)
HKU\S-1-5-21-2714389890-4143033447-1572086006-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2714389890-4143033447-1572086006-1001\...\MountPoints2: {214b9416-ad91-11e2-8a49-e006e67f3ab6} - K:\LaunchU3.exe
HKU\S-1-5-21-2714389890-4143033447-1572086006-1001\...\MountPoints2: {9a1bb1f2-7fcf-11e2-948e-e006e67f3ab6} - I:\LaunchU3.exe -a
HKU\S-1-5-21-2714389890-4143033447-1572086006-1001\...\MountPoints2: {ed605372-d2ab-11e3-8a50-e006e67f3ab6} - J:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [220480 2014-06-23] (Client Connect LTD)
AppInit_DLLs:  acaptuser64.dll => C:\Windows\system32\acaptuser64.dll [119160 2008-06-12] (Adobe Systems, Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [181568 2014-06-23] (Client Connect LTD)
Startup: C:\Users\Jesusismysavior!\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jesusismysavior!\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jesusismysavior!\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUNDLI32.dll ()
Startup: C:\Users\Jesusismysavior!\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VRayForSketchUp-1.48.93-windows-installer.exe ()
Startup: C:\Users\Jesusismysavior!\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XfdEd.exe ()
ShellIconOverlayIdentifiers: 0000BoxSyncFileLocked -> {b973655f-b823-3729-abea-e88cb316ddd4} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncNotSynced -> {a316141f-fa66-334c-8d40-a8f4e6d21080} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncProblem -> {a74ad9e8-37eb-31db-9026-8eda10d85860} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncSynced -> {c3de22fc-b307-320f-ba41-27d95101bbf3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\SysWOW64\AcSignIcon.dll (Autodesk)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {D543BC93-5FC9-4C38-BF6C-0892984E6016} URL =
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M93B93073-8116-4EAB-8C1B-C8E8F924AF82&SearchSource=58&CUI=&UM=5&UP=SPD5587969-F94F-4B38-A0AB-DF03F8ECFBB5&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=DC2AE006E67F3AB6&affID=119351&tsp=4996
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={D9E2636A-C3F8-4AD8-941F-3CAED07E9839}&mid=9749e9acbb0f47d386c9314fa09bd345-8267710475d1453d2ad1219c04c77c0ec0cef15e&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2013-11-08 09:39:44&v=17.1.2.1&pid=safeguard&sg=99&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {D543BC93-5FC9-4C38-BF6C-0892984E6016} URL =
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: 2rs3 - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\SupraSavings\2rs3.dll No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.7.600\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.7.600\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog9 01 C:\Windows\SysWOW64\SecureAssist.dll [295080] ()
Winsock: Catalog9 02 C:\Windows\SysWOW64\SecureAssist.dll [295080] ()
Winsock: Catalog9 03 C:\Windows\SysWOW64\SecureAssist.dll [295080] ()
Winsock: Catalog9 04 C:\Windows\SysWOW64\SecureAssist.dll [295080] ()
Winsock: Catalog9 16 C:\Windows\SysWOW64\SecureAssist.dll [295080] ()
Winsock: Catalog9-x64 01 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 02 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 03 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 04 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 16 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jesusismysavior!\AppData\Roaming\Mozilla\Firefox\Profiles\08bzim2f.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M93B93073-8116-4EAB-8C1B-C8E8F924AF82&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SPD5587969-F94F-4B38-A0AB-DF03F8ECFBB5
FF SelectedSearchEngine: Google
FF Homepage: https://us-mg6.mail.yahoo.com/neo/launch?.rand=1k7bs1u7bohku
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 - C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.0 - C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Jesusismysavior!\AppData\Roaming\Mozilla\Firefox\Profiles\08bzim2f.default\user.js
FF SearchPlugin: C:\Users\Jesusismysavior!\AppData\Roaming\Mozilla\Firefox\Profiles\08bzim2f.default\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: Motive Extension - C:\Program Files (x86)\Mozilla Firefox\extensions\mcciwbch@motive.com.xpi [2014-06-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-11]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.7.600
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.7.600 [2014-06-25]
FF HKLM-x32\...\Firefox\Extensions: [firefox@passwordbox.com] - C:\Program Files (x86)\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files (x86)\PasswordBox\Firefox [2013-11-20]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Motive Extension) - C:\Users\Jesusismysavior!\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec [2013-09-05]
CHR Extension: (Skype Click to Call) - C:\Users\Jesusismysavior!\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-06-14]
CHR Extension: (Google Wallet) - C:\Users\Jesusismysavior!\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-14]
CHR HKLM-x32\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx [2013-03-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

R2 Agent; C:\Windows\VPDAgent_x64.exe [148480 2013-06-25] (Two Pilots) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [106144 2011-12-29] (Atheros Commnucations) [File not signed]
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2013-02-25] (Autodesk)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [27672 2014-06-20] (Box, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2832704 2014-06-23] (Client Connect LTD)
S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]
R2 EnergySoft: EnergyPro 6 update permissions manager. 32164.; C:\Windows\Installer\MSI2783.tmp [671744 2014-03-13] () [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-01-21] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-27] (Microsoft Corporation)
R2 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [5632 2013-06-26] (The Neat Company) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-27] (Microsoft Corporation)
S2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
R2 pcCMService; C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [369152 2012-12-10] (Alcatel-Lucent) [File not signed]
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460288 2012-12-10] (Alcatel-Lucent) [File not signed]
S2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [249024 2014-05-25] () [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1808408 2014-06-25] (AVG Secure Search)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-12-29] (Atheros) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [76960 2011-12-26] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [63328 2012-10-15] (AVG Technologies CZ, s.r.o. )
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [225120 2012-09-21] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [200032 2012-09-21] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-25] (AVG Technologies)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-07-09] (Malwarebytes Corporation)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2012-12-10] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2012-12-10] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2012-12-10] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2012-12-10] (Printing Communications Assoc., Inc. (PCAUSA))
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-27] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S1 MpKsle7d6369a; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F0E75BC1-4301-4B9C-B0A3-0D925BD73E53}\MpKsle7d6369a.sys [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-09 15:43 - 2014-07-09 15:44 - 00027450 _____ () C:\Users\Jesusismysavior!\Desktop\FRST.txt
2014-07-09 15:43 - 2014-07-09 15:44 - 00000000 ____D () C:\FRST
2014-07-09 15:43 - 2014-07-09 15:41 - 02084352 _____ (Farbar) C:\Users\Jesusismysavior!\Desktop\FRST64.exe
2014-07-09 15:32 - 2014-07-09 15:32 - 00031898 _____ () C:\Users\Jesusismysavior!\Desktop\dds.txt
2014-07-09 15:32 - 2014-07-09 15:32 - 00028707 _____ () C:\Users\Jesusismysavior!\Desktop\attach.txt
2014-07-09 10:48 - 2014-06-29 19:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 10:48 - 2014-06-29 19:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 10:48 - 2014-06-20 13:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 10:48 - 2014-06-20 12:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 10:48 - 2014-06-18 18:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 10:48 - 2014-06-18 18:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 10:48 - 2014-06-18 18:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 10:48 - 2014-06-18 17:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 10:48 - 2014-06-18 17:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 10:48 - 2014-06-18 17:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 10:48 - 2014-06-18 17:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 10:48 - 2014-06-18 17:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 10:48 - 2014-06-18 17:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 10:48 - 2014-06-18 17:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 10:48 - 2014-06-18 17:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 10:48 - 2014-06-18 17:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 10:48 - 2014-06-18 17:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 10:48 - 2014-06-18 17:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 10:48 - 2014-06-18 17:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 10:48 - 2014-06-18 17:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 10:48 - 2014-06-18 17:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 10:48 - 2014-06-18 16:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 10:48 - 2014-06-18 16:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 10:48 - 2014-06-18 16:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 10:48 - 2014-06-18 16:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 10:48 - 2014-06-18 16:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 10:48 - 2014-06-18 16:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 10:48 - 2014-06-18 16:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 10:48 - 2014-06-18 16:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 10:48 - 2014-06-18 16:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 10:48 - 2014-06-18 16:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 10:48 - 2014-06-18 16:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 10:48 - 2014-06-18 16:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 10:48 - 2014-06-18 16:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 10:48 - 2014-06-18 16:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 10:48 - 2014-06-18 16:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 10:48 - 2014-06-18 16:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 10:48 - 2014-06-18 16:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 10:48 - 2014-06-18 16:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 10:48 - 2014-06-18 16:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 10:48 - 2014-06-18 16:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 10:48 - 2014-06-18 16:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 10:48 - 2014-06-18 16:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 10:48 - 2014-06-18 16:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 10:48 - 2014-06-18 15:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 10:48 - 2014-06-18 15:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 10:48 - 2014-06-18 15:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 10:48 - 2014-06-18 15:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 10:48 - 2014-06-18 15:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 10:48 - 2014-06-18 15:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 10:48 - 2014-06-18 15:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 10:48 - 2014-06-18 15:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 10:48 - 2014-06-18 15:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 10:48 - 2014-06-18 15:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 10:48 - 2014-06-18 15:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 10:48 - 2014-06-18 15:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 10:48 - 2014-06-18 15:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 10:48 - 2014-06-18 15:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 10:48 - 2014-06-05 07:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 10:48 - 2014-06-05 07:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 10:48 - 2014-06-05 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 03:32 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 03:32 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 03:32 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 03:31 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 03:31 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 03:31 - 2014-06-17 18:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 03:31 - 2014-05-30 01:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 03:31 - 2014-05-30 01:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 03:31 - 2014-05-30 01:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 03:31 - 2014-05-30 01:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 03:31 - 2014-05-30 01:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 03:31 - 2014-05-30 01:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 03:31 - 2014-05-30 01:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 03:31 - 2014-05-30 00:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 03:31 - 2014-05-30 00:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 03:31 - 2014-05-30 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 03:31 - 2014-05-30 00:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 03:31 - 2014-05-30 00:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 03:31 - 2014-05-30 00:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 03:31 - 2014-05-30 00:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 02:56 - 2014-07-09 02:56 - 00111080 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2014-07-09 02:55 - 2014-07-09 02:55 - 00000000 ____D () C:\ProgramData\WRData
2014-07-09 02:46 - 2014-07-09 02:46 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Local\SearchProtect
2014-07-07 13:25 - 2014-07-07 13:32 - 00335592 _____ () C:\Users\Jesusismysavior!\Documents\RAB-HAY-789-PLA-SITE ROOF PLAN.DWG
2014-07-07 13:24 - 2014-07-07 13:24 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Roaming\WinRAR
2014-07-07 13:22 - 2014-07-07 13:22 - 01012982 _____ () C:\acadminidump.dmp
2014-07-07 13:20 - 2014-07-09 02:41 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-07-07 13:20 - 2014-07-09 02:16 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-07-07 13:20 - 2014-07-09 00:13 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-07 13:20 - 2014-07-07 13:20 - 00000000 ____D () C:\Users\Jesusismysavior!\Documents\Optimizer Pro
2014-07-07 13:20 - 2014-07-07 13:20 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Roaming\Optimizer Pro
2014-07-07 00:18 - 2014-07-09 02:17 - 00000000 ____D () C:\Program Files (x86)\Browny02
2014-07-07 00:18 - 2014-07-09 02:17 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-07-07 00:18 - 2014-07-07 00:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-07-07 00:12 - 2014-07-07 00:12 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Roaming\InstallShield
2014-06-29 02:14 - 2014-06-29 02:14 - 00055104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\icquvagu.sys
2014-06-28 19:35 - 2014-06-28 19:35 - 00000000 ___HD () C:\Users\Jesusismysavior!\.boxsync
2014-06-28 19:34 - 2014-07-09 15:31 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Local\Box Sync
2014-06-28 19:34 - 2014-07-09 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
2014-06-28 19:34 - 2014-06-28 19:34 - 00001565 _____ () C:\Users\Jesusismysavior!\Desktop\Box Sync.lnk
2014-06-28 19:34 - 2014-06-28 19:34 - 00000000 ___SD () C:\Users\Jesusismysavior!\Box Sync
2014-06-28 19:33 - 2014-06-28 19:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-28 19:33 - 2014-06-28 19:33 - 32757008 _____ (Box Inc.) C:\Users\Jesusismysavior!\Downloads\BoxSyncSetup.exe
2014-06-28 19:33 - 2014-06-28 19:33 - 00000000 ____D () C:\Program Files\Box
2014-06-27 09:31 - 2014-06-27 09:31 - 00055104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uqcaahcq.sys
2014-06-25 22:44 - 2014-07-09 03:25 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-06-25 12:08 - 2014-06-25 12:09 - 32754848 _____ (Box Inc.) C:\Users\Jesusismysavior!\Desktop\BoxSyncSetup.exe
2014-06-20 21:41 - 2014-06-27 09:31 - 00000003 _____ () C:\Users\Jesusismysavior!\AppData\Local\proxy.log
2014-06-20 10:27 - 2014-06-20 10:32 - 00000000 ____D () C:\Users\Jesusismysavior!\Downloads\Diana Krall - The Very Best Of Diana Krall .Deluxe Edition
2014-06-14 23:32 - 2014-06-14 23:33 - 00000000 ____D () C:\Users\Jesusismysavior!\Desktop\ANTHONYS
2014-06-14 11:52 - 2014-06-14 11:52 - 00417824 _____ () C:\Users\Jesusismysavior!\Desktop\DellSystemDetect.exe
2014-06-11 01:02 - 2014-06-11 01:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-10 22:20 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-10 22:20 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-10 22:20 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-10 22:20 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-10 22:20 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-10 22:20 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-10 22:20 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-10 22:20 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-10 22:20 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-10 22:20 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-10 22:20 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-10 22:20 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

==================== One Month Modified Files and Folders =======

2014-07-09 15:44 - 2014-07-09 15:43 - 00027450 _____ () C:\Users\Jesusismysavior!\Desktop\FRST.txt
2014-07-09 15:44 - 2014-07-09 15:43 - 00000000 ____D () C:\FRST
2014-07-09 15:43 - 2012-06-14 20:58 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-09 15:41 - 2014-07-09 15:43 - 02084352 _____ (Farbar) C:\Users\Jesusismysavior!\Desktop\FRST64.exe
2014-07-09 15:35 - 2013-05-03 02:06 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-09 15:32 - 2014-07-09 15:32 - 00031898 _____ () C:\Users\Jesusismysavior!\Desktop\dds.txt
2014-07-09 15:32 - 2014-07-09 15:32 - 00028707 _____ () C:\Users\Jesusismysavior!\Desktop\attach.txt
2014-07-09 15:32 - 2013-03-04 10:52 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-09 15:32 - 2009-07-13 22:13 - 00789994 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-09 15:31 - 2014-06-28 19:34 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Local\Box Sync
2014-07-09 15:31 - 2014-05-26 10:01 - 00016384 _____ () C:\Users\Jesusismysavior!\AppData\Roaming\explorer.exe
2014-07-09 15:31 - 2012-06-14 20:55 - 01629381 _____ () C:\Windows\WindowsUpdate.log
2014-07-09 15:30 - 2012-06-14 21:19 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-07-09 15:30 - 2012-06-14 21:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-07-09 15:30 - 2012-06-14 21:15 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-07-09 15:30 - 2012-06-14 21:10 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-07-09 15:28 - 2013-05-03 02:06 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-09 15:27 - 2012-09-29 04:03 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-07-09 15:27 - 2012-06-14 21:10 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-07-09 15:27 - 2009-07-13 21:51 - 00145595 _____ () C:\Windows\setupact.log
2014-07-09 13:40 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-07-09 13:18 - 2009-07-13 21:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-09 13:18 - 2009-07-13 21:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-09 13:10 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-09 12:35 - 2014-05-19 09:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-09 10:59 - 2014-06-28 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
2014-07-09 10:56 - 2009-07-13 21:45 - 00513432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 10:54 - 2014-05-06 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 10:54 - 2010-11-21 00:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 10:54 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-09 10:54 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 10:52 - 2013-02-26 11:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 03:29 - 2011-02-10 09:10 - 00803000 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-09 03:27 - 2013-02-25 21:54 - 00000000 ____D () C:\Users\Jesusismysavior!
2014-07-09 03:27 - 2010-11-21 00:16 - 00000000 ____D () C:\Windows\ShellNew
2014-07-09 03:25 - 2014-06-25 22:44 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-07-09 03:25 - 2014-05-26 19:01 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-07-09 03:25 - 2014-05-25 09:08 - 00000000 ____D () C:\Program Files\pcmax
2014-07-09 03:25 - 2013-06-06 22:35 - 00000000 ____D () C:\ProgramData\Brother
2014-07-09 03:25 - 2013-03-18 19:45 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Local\Akamai
2014-07-09 03:25 - 2013-02-27 05:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-07-09 03:25 - 2013-02-26 08:01 - 00000000 ____D () C:\ProgramData\ASGVIS
2014-07-09 03:25 - 2013-02-26 00:51 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-07-09 03:25 - 2013-02-25 23:10 - 00000000 ____D () C:\Users\Jesusismysavior!\Desktop\Softwares 2013
2014-07-09 03:25 - 2012-06-14 20:58 - 00000000 ____D () C:\Windows\system32\Macromed
2014-07-09 03:25 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
2014-07-09 03:25 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-09 03:25 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-09 03:24 - 2013-11-20 11:17 - 00000000 ____D () C:\Program Files (x86)\PasswordBox
2014-07-09 03:24 - 2013-02-25 23:41 - 00000000 ___RD () C:\Users\Jesusismysavior!\Dropbox
2014-07-09 02:56 - 2014-07-09 02:56 - 00111080 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2014-07-09 02:55 - 2014-07-09 02:55 - 00000000 ____D () C:\ProgramData\WRData
2014-07-09 02:46 - 2014-07-09 02:46 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Local\SearchProtect
2014-07-09 02:41 - 2014-07-07 13:20 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-07-09 02:17 - 2014-07-07 00:18 - 00000000 ____D () C:\Program Files (x86)\Browny02
2014-07-09 02:17 - 2014-07-07 00:18 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-07-09 02:16 - 2014-07-07 13:20 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-07-09 01:39 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system
2014-07-09 01:28 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-09 00:13 - 2014-07-07 13:20 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-08 03:55 - 2013-02-26 08:30 - 00032157 _____ () C:\Users\Jesusismysavior!\Documents\plot.log
2014-07-08 03:51 - 2013-03-01 15:16 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Local\cache
2014-07-07 13:32 - 2014-07-07 13:25 - 00335592 _____ () C:\Users\Jesusismysavior!\Documents\RAB-HAY-789-PLA-SITE ROOF PLAN.DWG
2014-07-07 13:32 - 2014-05-21 20:58 - 00000571 _____ () C:\Users\Jesusismysavior!\Documents\Conversion.txt
2014-07-07 13:32 - 2012-06-14 21:15 - 00000000 ___HD () C:\Temp
2014-07-07 13:24 - 2014-07-07 13:24 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Roaming\WinRAR
2014-07-07 13:22 - 2014-07-07 13:22 - 01012982 _____ () C:\acadminidump.dmp
2014-07-07 13:22 - 2013-02-26 00:36 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Local\CrashDumps
2014-07-07 13:20 - 2014-07-07 13:20 - 00000000 ____D () C:\Users\Jesusismysavior!\Documents\Optimizer Pro
2014-07-07 13:20 - 2014-07-07 13:20 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Roaming\Optimizer Pro
2014-07-07 12:43 - 2014-05-06 14:27 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Roaming\DropboxMaster
2014-07-07 00:18 - 2014-07-07 00:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-07-07 00:12 - 2014-07-07 00:12 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Roaming\InstallShield
2014-07-06 21:36 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-07-01 08:44 - 2013-02-25 23:38 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Roaming\Dropbox
2014-06-30 18:11 - 2014-02-12 18:02 - 00000033 _____ () C:\Windows\render.ini
2014-06-29 19:09 - 2014-07-09 10:48 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 19:04 - 2014-07-09 10:48 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 02:14 - 2014-06-29 02:14 - 00055104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\icquvagu.sys
2014-06-28 19:35 - 2014-06-28 19:35 - 00000000 ___HD () C:\Users\Jesusismysavior!\.boxsync
2014-06-28 19:34 - 2014-06-28 19:34 - 00001565 _____ () C:\Users\Jesusismysavior!\Desktop\Box Sync.lnk
2014-06-28 19:34 - 2014-06-28 19:34 - 00000000 ___SD () C:\Users\Jesusismysavior!\Box Sync
2014-06-28 19:34 - 2014-06-28 19:33 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-28 19:33 - 2014-06-28 19:33 - 32757008 _____ (Box Inc.) C:\Users\Jesusismysavior!\Downloads\BoxSyncSetup.exe
2014-06-28 19:33 - 2014-06-28 19:33 - 00000000 ____D () C:\Program Files\Box
2014-06-27 09:31 - 2014-06-27 09:31 - 00055104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uqcaahcq.sys
2014-06-27 09:31 - 2014-06-20 21:41 - 00000003 _____ () C:\Users\Jesusismysavior!\AppData\Local\proxy.log
2014-06-25 22:44 - 2013-06-26 16:16 - 00003746 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-06-25 22:44 - 2013-03-04 10:57 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-06-25 22:44 - 2013-03-04 10:57 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-06-25 12:09 - 2014-06-25 12:08 - 32754848 _____ (Box Inc.) C:\Users\Jesusismysavior!\Desktop\BoxSyncSetup.exe
2014-06-22 00:00 - 2012-09-29 04:03 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-06-20 14:53 - 2013-02-26 08:09 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Roaming\BitTorrent
2014-06-20 13:50 - 2013-05-03 02:06 - 00003914 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 13:50 - 2013-05-03 02:06 - 00003662 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 13:14 - 2014-07-09 10:48 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 12:39 - 2014-07-09 10:48 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-20 10:32 - 2014-06-20 10:27 - 00000000 ____D () C:\Users\Jesusismysavior!\Downloads\Diana Krall - The Very Best Of Diana Krall .Deluxe Edition
2014-06-18 18:39 - 2014-07-09 10:48 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-18 18:06 - 2014-07-09 10:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-18 18:06 - 2014-07-09 10:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-18 17:48 - 2014-07-09 10:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-18 17:42 - 2014-07-09 10:48 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-18 17:42 - 2014-07-09 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-18 17:41 - 2014-07-09 10:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-18 17:41 - 2014-07-09 10:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-18 17:32 - 2014-07-09 10:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-18 17:31 - 2014-07-09 10:48 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-18 17:26 - 2014-07-09 10:48 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-18 17:24 - 2014-07-09 10:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-18 17:24 - 2014-07-09 10:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-18 17:23 - 2014-07-09 10:48 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-18 17:16 - 2014-07-09 10:48 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-18 17:14 - 2014-07-09 10:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-18 17:09 - 2014-07-09 10:48 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-18 16:59 - 2014-07-09 10:48 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-18 16:56 - 2014-07-09 10:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-18 16:53 - 2014-07-09 10:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-18 16:51 - 2014-07-09 10:48 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-18 16:50 - 2014-07-09 10:48 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-18 16:48 - 2014-07-09 10:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-18 16:39 - 2014-07-09 10:48 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-18 16:38 - 2014-07-09 10:48 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-18 16:37 - 2014-07-09 10:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-18 16:36 - 2014-07-09 10:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-18 16:35 - 2014-07-09 10:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-18 16:33 - 2014-07-09 10:48 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-18 16:32 - 2014-07-09 10:48 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-18 16:28 - 2014-07-09 10:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-18 16:28 - 2014-07-09 10:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-18 16:27 - 2014-07-09 10:48 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-18 16:27 - 2014-07-09 10:48 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-18 16:25 - 2014-07-09 10:48 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-18 16:23 - 2014-07-09 10:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-18 16:22 - 2014-07-09 10:48 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-18 16:12 - 2014-07-09 10:48 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-18 16:06 - 2014-07-09 10:48 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-18 16:01 - 2014-07-09 10:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-18 15:59 - 2014-07-09 10:48 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-18 15:58 - 2014-07-09 10:48 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-18 15:58 - 2014-07-09 10:48 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-18 15:52 - 2014-07-09 10:48 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-18 15:51 - 2014-07-09 10:48 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-18 15:49 - 2014-07-09 10:48 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-18 15:46 - 2014-07-09 10:48 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-18 15:45 - 2014-07-09 10:48 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-18 15:35 - 2014-07-09 10:48 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-18 15:34 - 2014-07-09 10:48 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-18 15:15 - 2014-07-09 10:48 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-18 15:13 - 2014-07-09 10:48 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-18 15:09 - 2014-07-09 10:48 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-18 15:07 - 2014-07-09 10:48 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-17 19:18 - 2014-07-09 03:31 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-17 18:51 - 2014-07-09 03:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-17 18:10 - 2014-07-09 03:31 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-17 08:35 - 2013-09-05 05:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-14 23:33 - 2014-06-14 23:32 - 00000000 ____D () C:\Users\Jesusismysavior!\Desktop\ANTHONYS
2014-06-14 11:57 - 2013-02-25 23:23 - 00000000 ____D () C:\Users\Jesusismysavior!\AppData\Local\Deployment
2014-06-14 11:52 - 2014-06-14 11:52 - 00417824 _____ () C:\Users\Jesusismysavior!\Desktop\DellSystemDetect.exe
2014-06-11 01:02 - 2014-06-11 01:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\Jesusismysavior!\AppData\Local\Temp\20140525090538.522.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\5.2.2.3_Full.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\AcDeltree.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\AEV1956.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\dlLogic.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\dltr.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpes_j4x.dll
C:\Users\Jesusismysavior!\AppData\Local\Temp\f.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Jesusismysavior!\AppData\Local\Temp\GCVerifier.dll
C:\Users\Jesusismysavior!\AppData\Local\Temp\h264dec.dll
C:\Users\Jesusismysavior!\AppData\Local\Temp\h264dec_1.dll
C:\Users\Jesusismysavior!\AppData\Local\Temp\ICReinstall_20140525090538.522.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\ICReinstall_Firefox_Setup.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\log4net.dll
C:\Users\Jesusismysavior!\AppData\Local\Temp\nsc3696.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\nsf472D.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\nsf5F92.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\nsh3B49.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\nsk42B8.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\nsk5D40.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\nsn38F8.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\nsn8C7B.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\nsp44FA.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\nss8806.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\nsu61C4.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\nsx8A48.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\oi_{DDE044C7-85FA-4A86-BD60-C47B0A56139B}.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\optprosetup.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\SetACL.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\speedmax_21351.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\SpOrder.dll
C:\Users\Jesusismysavior!\AppData\Local\Temp\SPSetup.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\SyncRestarter.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\sync_upgrader.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Jesusismysavior!\AppData\Local\Temp\uninst1.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\updater_152465.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\uttB0C5.tmp.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\vcredist_vs2005_x86.exe
C:\Users\Jesusismysavior!\AppData\Local\Temp\verifier.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 23:50

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2014
Ran by Jesusismysavior! at 2014-07-09 15:44:42
Running from C:\Users\Jesusismysavior!\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2013 (Disabled - Out of date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Disabled - Out of date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (x32 Version: 9.0.0 - Adobe Systems) Hidden
Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.115 - Atheros)
AutoCAD 2006 - English (HKLM-x32\...\{5783F2D7-4001-0409-0002-0060B0CE6BBA}) (Version: 16.2.54.10 - Autodesk)
AutoCAD 2012 - English (HKLM\...\AutoCAD 2012 - English) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 - English (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 Language Pack - English (Version: 18.2.51.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.2904 - AVG Technologies)
AVG 2013 (Version: 13.0.2899 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.2904 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.7.600 - AVG Technologies)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.1.31141 - BitTorrent Inc.)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.8.0.29112 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Box Sync (HKLM\...\{86E0470C-6250-4FCD-8903-AC3D49EB98D7}) (Version: 4.0.5078.0 - Box, Inc.)
Box Sync (x32 Version: 4.0.5047.0 - Box Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Convert AVI to MP4 1.3 (HKLM-x32\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version:  - convertavitomp3.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}) (Version: 1.7.4502.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.8.1.1 - Dell)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
DWG TrueView 2013 (HKLM\...\DWG TrueView 2013) (Version: 19.0.55.0 - Autodesk)
DWG TrueView 2013 (Version: 19.0.55.0 - Autodesk) Hidden
EasySolve (HKLM-x32\...\Comcast) (Version:  - )
EnergyPro 6 (HKLM-x32\...\{9EA0A5DC-4D66-4388-B586-B4A86ED5E2DF}) (Version: 6.1.0 - EnergySoft Software)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Forte (HKLM-x32\...\{4E8B6C33-1869-4416-A3A8-72DE77785CDE}) (Version: 4.1.2013 - Weyerhaeuser)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp Pro 8 (HKLM-x32\...\{3AB65E95-37D6-4DD7-8862-29AED3AFD54B}) (Version: 3.0.3117 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{A3E89C5B-BB3A-433A-A878-D1310BB13EAD}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
ICC A117.1-2009 (HKLM-x32\...\{9E16A10C-D65B-4E2B-906D-91BD44BD0429}) (Version: 1.00.0000 - International Code Council®)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Antimalware Service Multi-Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Digital Image Library 9 - Blocker (x32 Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Digital Image Suite Anniversary Edition (HKLM-x32\...\PictureItSuite_v12) (Version: 11.0.2018 - Microsoft Corporation)
Microsoft Digital Image Suite Anniversary Edition Editor (x32 Version: 11.0.2018 - Microsoft Corporation) Hidden
Microsoft Digital Image Suite Anniversary Edition Library (x32 Version: 11.0.2018 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft ReportViewer 2010 Redistributable (HKLM-x32\...\{C19B3EB6-B54C-3204-A4DF-88432E0C79F7}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Security Client (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Client MUI Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 2.1.1116.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)
Multimedia Card Reader (x32 Version: 1.7.915.93 - Fitipower) Hidden
Neat (HKLM-x32\...\Neat) (Version: 5.2.2.3 - The Neat Company)
Neat ADF Scanner 2008 Driver (HKLM\...\{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}) (Version: 2.0.1.5 - The Neat Company)
Neat ADF Scanner Driver (HKLM\...\{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}) (Version: 2.0.2.1 - The Neat Company)
Neat Core Files (x32 Version: 5.2.2.3 - The Neat Company) Hidden
Neat Mobile Scanner (Silver) Driver (HKLM\...\{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}) (Version: 2.0.1.5 - The Neat Company)
Neat Mobile Scanner 2008 Driver (HKLM\...\{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}) (Version: 2.0.1.4 - The Neat Company)
Neat Mobile Scanner Driver (HKLM\...\{7EA2D88A-C8B7-4102-8644-0A437B6FC143}) (Version: 2.0.1.2 - The Neat Company)
NVIDIA Control Panel 296.33 (Version: 296.33 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 296.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.33 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.12.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.12.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.7.12 (Version: 1.7.12 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.7.12 - NVIDIA Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6537 - Realtek Semiconductor Corp.)
Reason 5.0.1 (HKLM-x32\...\Reason5_is1) (Version: 5.0.1 - Propellerhead Software AB)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.15.10.118 - Client Connect LTD) <==== ATTENTION
Send To Neat (HKLM\...\{237E305C-B625-466A-88CE-1E121BF4FDB1}) (Version: 1.1.0.0 - The Neat Company)
SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.0.0 - Steinberg Media Technologies GmbH)
Steinberg Cubase SE (HKLM-x32\...\Steinberg Cubase SE) (Version:  - )
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
Tracker (HKLM-x32\...\com.elance.tracker) (Version: 2.3.3 - Elance Inc)
Tracker (x32 Version: 2.3.3 - Elance Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
V-Ray for SketchUp (HKLM-x32\...\V-Ray for SketchUp 1.49.01) (Version: 1.49.01 - ASGVIS)
Weyerhaeuser Common Registration Licensing (HKLM-x32\...\{EE30CF90-92F7-47AC-9996-417E0FDAB334}) (Version: 3.5.0 - Weyerhaeuser)
Weyerhaeuser Design Engine 5.7.0 (HKLM-x32\...\{55DA5278-0782-454A-BD59-C796CBE5FA4E}) (Version: 5.7.0 - Weyerhaeuser)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Mobile Device Updater Component (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune (HKLM\...\Zune) (Version: 04.07.1404.01 - Microsoft Corporation)
Zune (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

09-07-2014 00:55:48 Windows Update
09-07-2014 08:46:05 Restore Operation
09-07-2014 09:01:29 Windows Update
09-07-2014 09:13:31 Restore Operation
09-07-2014 09:22:54 Windows Update
09-07-2014 09:37:02 Restore Operation
09-07-2014 09:47:06 Windows Update
09-07-2014 10:00:10 Windows Update
09-07-2014 10:21:06 Restore Operation
09-07-2014 17:50:55 Windows Update

==================== Hosts content: ==========================

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1E5DDC71-E46E-4699-829F-57C70B03CAAF} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2011-12-13] (PC-Doctor, Inc.)
Task: {2196BA3F-B196-407A-8775-E3D3720A3097} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-03] (Google Inc.)
Task: {23BC071D-EBB8-4CF9-9179-BB3DAB578283} - System32\Tasks\{2C042996-B5DE-40CB-A990-F5CC0D69B6C8} => C:\Users\Jesusismysavior!\Desktop\00-Autocad 2006\Bin\acadFeui\Program Files\Root\Locked\acad.exe
Task: {2FBE2DD9-D88B-4E65-912A-630EA33CA56F} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe <==== ATTENTION
Task: {3F378354-356A-49DB-B126-8DB1B4F25EFC} - System32\Tasks\{2E4D06C2-39FB-4955-8E5B-5C4ACFA70409} => C:\Users\Jesusismysavior!\Desktop\00-Autocad 2006\Bin\acadFeui\Program Files\Root\Locked\acad.exe
Task: {5E6FC17A-640C-449E-AD6C-F3724CA36B6A} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {72C874FB-0E58-48CA-90B8-EFA786A6C14B} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-12-13] (PC-Doctor, Inc.)
Task: {74844B96-EC78-45E1-9CB6-CED627EA711F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-03] (Google Inc.)
Task: {8594612A-C18F-4EB2-9C20-008D80E890CE} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => c:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {8C5EE136-FCC7-44F3-A18A-B2960CE94F17} - System32\Tasks\IHUninstallTrackingTASK => CMD
Task: {B325B3EC-65D0-474A-A387-800359C325A3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {C85F6D4F-1D65-4EB0-82DC-BEF53C169120} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation)
Task: {CA44B314-2909-4D39-8F18-26E14C56F46F} - System32\Tasks\pcreg => C:\Program Files\pcmax\service.exe [2014-05-25] () <==== ATTENTION
Task: {FB32F291-FC27-4ACC-A96A-003F9E9E01A0} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => c:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => c:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => c:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

==================== Loaded Modules (whitelisted) =============

2013-08-16 09:42 - 2013-06-25 09:08 - 00054784 _____ () C:\Windows\System32\sdtnpm.dll
2014-03-13 20:59 - 2014-03-13 20:59 - 00671744 _____ () C:\Windows\Installer\MSI2783.tmp
2012-06-14 21:10 - 2012-01-21 09:35 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
2012-06-14 21:15 - 2012-01-26 19:49 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2013-03-04 10:57 - 2014-06-25 22:44 - 02567192 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2014-07-09 15:30 - 2014-07-09 15:30 - 00471552 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\_hashlib.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00128512 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\win32api.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00137728 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\pywintypes27.dll
2014-07-09 15:30 - 2014-07-09 15:30 - 00503808 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\pythoncom27.dll
2014-07-09 15:30 - 2014-07-09 15:30 - 00111616 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\_ctypes.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00689664 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\unicodedata.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00046080 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\_socket.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 01167360 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\_ssl.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00003584 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\clr.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00103424 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\Python.Runtime.dll
2014-07-09 15:30 - 2014-07-09 15:30 - 00030720 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\win32cred.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00030208 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\Crypto.Cipher._AES.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00008192 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\Crypto.Util.strxor.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00010752 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\Crypto.Random.OSRNG.winrandom.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00011264 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\Crypto.Util._counter.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00010752 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\select.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00027136 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\ujson.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00438784 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\win32com.shell.shell.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00023040 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\win32event.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00149504 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\win32file.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00136192 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\win32security.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00058368 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\_sqlite3.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00535040 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\sqlite3.dll
2014-07-09 15:30 - 2014-07-09 15:30 - 00041984 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\_psutil_mswindows.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00044032 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\win32process.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00166912 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\_elementtree.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00164352 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\pyexpat.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00031744 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\_multiprocessing.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00053760 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\win32service.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00020992 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\_yappi.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00021504 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\win32clipboard.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00223232 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\win32gui.pyd
2014-07-09 15:30 - 2014-07-09 15:30 - 00068096 _____ () C:\Users\Jesusismysavior!\AppData\Local\Temp\_MEI55682\SystemWrapper.dll
2014-07-02 16:06 - 2014-07-02 16:06 - 00030232 _____ () c:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
2014-02-13 04:31 - 2014-02-13 04:31 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll
2012-06-14 21:07 - 2011-11-29 18:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-06-14 21:09 - 2012-01-21 04:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2011-08-15 18:12 - 2011-08-15 18:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll
2011-08-15 18:15 - 2011-08-15 18:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 14:41 - 2011-08-17 14:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll
2011-08-17 14:48 - 2011-08-17 14:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll
2011-11-25 11:29 - 2011-11-25 11:29 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll
2011-08-15 18:12 - 2011-08-15 18:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-17 14:48 - 2011-08-17 14:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 17:23 - 2011-08-15 17:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll
2014-07-09 15:31 - 2014-07-09 15:31 - 00043008 _____ () c:\Users\Jesusismysavior!\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpes_j4x.dll
2013-08-23 12:01 - 2013-08-23 12:01 - 25100288 _____ () C:\Users\Jesusismysavior!\AppData\Roaming\Dropbox\bin\libcef.dll
2014-06-25 22:44 - 2014-06-25 22:44 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows\system32\Drivers\icquvagu.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\uqcaahcq.sys:changelist
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Jesusismysavior!\Desktop\my worship (1).jpg:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"

==================== EXE Association (whitelisted) =============

HKU\S-1-5-21-2714389890-4143033447-1572086006-1001\Software\Classes\.exe:  =>  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk => C:\Windows\pss\AutoCAD Startup Accelerator.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jesusismysavior!^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tracker.lnk => C:\Windows\pss\Tracker.lnk.Startup
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

==================== Faulty Device Manager Devices =============

Name: MpKsle7d6369a
Description: MpKsle7d6369a
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsle7d6369a
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2014 03:35:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, time stamp: 0x4f3c6d6c
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000223e0
Faulting process id: 0x1110
Faulting application start time: 0xGoogleUpdate.exe0
Faulting application path: GoogleUpdate.exe1
Faulting module path: GoogleUpdate.exe2
Report Id: GoogleUpdate.exe3

Error: (07/09/2014 01:11:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2014 01:11:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: loggingserver.exe, version: 17.2.0.0, time stamp: 0x51d41c91
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000332b0
Faulting process id: 0xf20
Faulting application start time: 0xloggingserver.exe0
Faulting application path: loggingserver.exe1
Faulting module path: loggingserver.exe2
Report Id: loggingserver.exe3

Error: (07/09/2014 01:11:06 PM) (Source: Autodesk Content Service) (EventID: 0) (User: )
Description: Service cannot be started. System.Net.Sockets.SocketException (0x80004005): The requested service provider could not be loaded or initialized
   at System.Net.IPAddress.ToString()
   at Connect.IVault.ExecutionModeServiceAuthorizationManager.GetLocalNetworkAddresses()
   at Connect.IVault.IVault.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/09/2014 01:02:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2014 01:01:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: loggingserver.exe, version: 17.2.0.0, time stamp: 0x51d41c91
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000332b0
Faulting process id: 0xef0
Faulting application start time: 0xloggingserver.exe0
Faulting application path: loggingserver.exe1
Faulting module path: loggingserver.exe2
Report Id: loggingserver.exe3

Error: (07/09/2014 01:01:46 PM) (Source: Autodesk Content Service) (EventID: 0) (User: )
Description: Service cannot be started. System.Net.Sockets.SocketException (0x80004005): The requested service provider could not be loaded or initialized
   at System.Net.IPAddress.ToString()
   at Connect.IVault.ExecutionModeServiceAuthorizationManager.GetLocalNetworkAddresses()
   at Connect.IVault.IVault.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/09/2014 00:54:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2014 00:53:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: loggingserver.exe, version: 17.2.0.0, time stamp: 0x51d41c91
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000343e0
Faulting process id: 0xf60
Faulting application start time: 0xloggingserver.exe0
Faulting application path: loggingserver.exe1
Faulting module path: loggingserver.exe2
Report Id: loggingserver.exe3

Error: (07/09/2014 00:53:08 PM) (Source: Autodesk Content Service) (EventID: 0) (User: )
Description: Service cannot be started. System.Net.Sockets.SocketException (0x80004005): The requested service provider could not be loaded or initialized
   at System.Net.IPAddress.ToString()
   at Connect.IVault.ExecutionModeServiceAuthorizationManager.GetLocalNetworkAddresses()
   at Connect.IVault.IVault.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (07/09/2014 03:43:06 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR6.

Error: (07/09/2014 03:31:14 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (07/09/2014 03:31:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147467259

Error: (07/09/2014 03:31:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147467259

Error: (07/09/2014 01:13:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/09/2014 01:13:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (07/09/2014 01:13:14 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (07/09/2014 01:11:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The PasswordBox service terminated with the following error:
%%2

Error: (07/09/2014 01:10:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The pcmaxservice Service service failed to start due to the following error:
%%216

Error: (07/09/2014 01:10:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147467259


Microsoft Office Sessions:
=========================
Error: (03/17/2014 10:59:32 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 17%
Total physical RAM: 12251.27 MB
Available physical RAM: 10093.01 MB
Total Pagefile: 24500.72 MB
Available Pagefile: 21954.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1847.98 GB) (Free:1423.13 GB) NTFS
Drive j: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive l: () (Removable) (Total:14.92 GB) (Free:14.24 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 3B573600)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=-214773530624) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 15 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================



#4 terrims

terrims
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:27 PM

Posted 09 July 2014 - 05:58 PM

I am not able to run the aswMBR because the compute will not download anything, so I am putting the downloads on a flash drive to install on desktop. This program wants to connect and it cant.



#5 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:27 AM

Posted 11 July 2014 - 09:00 AM

Sorry, please skip it.

 

 

Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#6 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:27 AM

Posted 15 July 2014 - 07:42 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users