OTL logfile created on: 10/29/2013 1:10:59 PM - Run 1

OTL by OldTimer - Version 3.2.69.0


Folder = C:\programs\AntiVirus\ReDirectVi
rusRemoval\OTL
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstati
on
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyy
y
11.96 Gb Total Physical Memory | 9.42 Gb Available Physical Memory | 78.74% Memo
ry free
23.92 Gb Paging File | 18.56 Gb Available in Paging File | 77.60% Paging File fr
ee
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Fil
es (x86)
Drive C: | 1386.34 Gb Total Space | 844.63 Gb Free Space | 60.92% Space Free | P
artition Type: NTFS
Computer Name: DELL-2800 | User Name: Denis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitel
ist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - C:\programs\AntiVirus\ReDirectVirusRemoval\OTL\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe System
s Incorporated)
PRC - C:\Program Files (x86)\GoZone\GoZone_iSync.exe (Virgin HealthMiles Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe System
s Incorporated)
PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (Nuance Communicatio
ns, Inc.)
PRC - C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GbR)
PRC - C:\Program Files (x86)\PDF Architect\ConversionService.exe (pdfforge GbR)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateS
ervice.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataM
grSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.
exe (Intel Corporation)
PRC - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Flexera Software LLC.)
PRC - C:\ProgramData\FLEXnet\Connect\11\agent.exe (Flexera Software LLC.)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateServ
ice.exe (Intuit Inc.)
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.
exe (Protexis Inc.)
PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe (I
nterVideo Inc.)
PRC - C:\Windows\SysWOW64\hphmon05.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuSchd2.exe (H
ewlett-Packard)
[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a53
4be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d
6fd882947a70df530\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae
8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f
7e1c154937a2788b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c1
9e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\283efd3aec91b2e6
457d924d3d941804\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933
e4de09d935848f868a4b\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df
01862a023aca785a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b
81fb351e7c08\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\d794cf7944e4a4
8738ca8501c86bd722\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91
dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFF
ICE.ODF ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
()
MOD - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll ()
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - (HitmanProScheduler) -- C:\Program Files\HitmanPro\hmpsched.
exe (SurfRight B.V.)
SRV:[b]64bit:[/b] - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:[b]64bit:[/b] - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore
\\mfefire.exe ()
SRV:[b]64bit:[/b] - (McAPExe) -- C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee
, Inc.)
SRV:[b]64bit:[/b] - (mfecore) -- C:\Program Files\Common Files\McAfee\AMCore\mcs
hield.exe (McAfee, Inc.)
SRV:[b]64bit:[/b] - (McComponentHostService) -- C:\Program Files\McAfee Security
Scan\3.8.130\McCHSvc.exe (McAfee, Inc.)
SRV:[b]64bit:[/b] - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAf
ee, Inc.)
SRV:[b]64bit:[/b] - (MSK80Service) -- C:\Program Files\Common Files\McAfee\Platf
orm\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:[b]64bit:[/b] - (McProxy) -- C:\Program Files\Common Files\McAfee\Platform\M
cSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:[b]64bit:[/b] - (mcpltsvc) -- C:\Program Files\Common Files\McAfee\Platform\
McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:[b]64bit:[/b] - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\Platform\
McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:[b]64bit:[/b] - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\Platform\
McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:[b]64bit:[/b] - (HomeNetSvc) -- C:\Program Files\Common Files\McAfee\Platfor
m\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (
Microsoft Corporation)
SRV:[b]64bit:[/b] - (McAfee SiteAdvisor Service) -- C:\Program Files\Common File
s\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:[b]64bit:[/b] - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.ex
e (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AMD External Events Utility) -- C:\Windows\SysNative\atiesr
xx.exe (AMD)
SRV:[b]64bit:[/b] - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Co
rporation)
SRV:[b]64bit:[/b] - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLog
in.exe (Stardock Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPla
yerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service
\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\arm
svc.exe (Adobe Systems Incorporated)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealN
etworks\RealDownloader\rndlresolversvc.exe ()
SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (Riverbed Technology
, Inc.)
SRV - (DragonSvc) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (Nuan
ce Communications, Inc.)
SRV - (PDF Architect Helper Service) -- C:\Program Files (x86)\PDF Architect\Hel
perService.exe (pdfforge GbR)
SRV - (PDF Architect Service) -- C:\Program Files (x86)\PDF Architect\Conversion
Service.exe (pdfforge GbR)
SRV - (IntuitUpdateServiceV4) -- C:\Program Files (x86)\Common Files\Intuit\Upda
te Service v4\IntuitUpdateService.exe (Intuit Inc.)
SRV - (HPSLPSVC) -- C:\Users\Denis\AppData\Local\Temp\7zS02F8\HPSLPSVC64.DLL (He
wlett-Packard Co.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage
Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftServi
ce.exe (SoftThinks SAS)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovi
sion Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (IntuitUpdateService) -- C:\Program Files (x86)\Common Files\Intuit\Update
Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\
Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (MOBKbackup) -- C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.
0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Servic
e\PsiService_2.exe (Protexis Inc.)
SRV - (AdobeActiveFileMonitor8.0) -- C:\Program Files (x86)\Adobe\Elements Organ
izer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (RoxMediaDB10) -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\Sh
aredCom\RoxMediaDB10.exe (Sonic Solutions)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.
0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Capture Device Service) -- C:\Program Files (x86)\Common Files\InterVideo
\DeviceService\DevSvc.exe (InterVideo Inc.)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee,
Inc.)
DRV:[b]64bit:[/b] - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfe
e, Inc.)
DRV:[b]64bit:[/b] - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfe
e, Inc.)
DRV:[b]64bit:[/b] - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McA
fee, Inc.)
DRV:[b]64bit:[/b] - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfe
e, Inc.)
DRV:[b]64bit:[/b] - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfe
e, Inc.)
DRV:[b]64bit:[/b] - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys
(McAfee, Inc.)
DRV:[b]64bit:[/b] - (mfencrk) -- C:\Windows\SysNative\drivers\mfencrk.sys (McAfe
e, Inc.)
DRV:[b]64bit:[/b] - (mfencbdc) -- C:\Windows\SysNative\drivers\mfencbdc.sys (McA
fee, Inc.)
DRV:[b]64bit:[/b] - (HWiNFO32) -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS (RE
ALiX(tm))
DRV:[b]64bit:[/b] - (McPvDrv) -- C:\Windows\SysNative\drivers\McPvDrv.sys (McAfe
e, Inc.)
DRV:[b]64bit:[/b] - (PCDSRVC{D3412D80-CF3B4A27-06020200}_0) -- c:\Program Files\
My Dell\pcdsrvc_x64.pkms (PC-Doctor, Inc.)
DRV:[b]64bit:[/b] - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (Riverbed Tech
nology, Inc.)
DRV:[b]64bit:[/b] - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (A
pple, Inc.)
DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sy
s (GEAR Software Inc.)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microso
ft Corporation)
DRV:[b]64bit:[/b] - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Bro
adcom Corporation)
DRV:[b]64bit:[/b] - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel C
orporation)
DRV:[b]64bit:[/b] - (RsFx0105) -- C:\Windows\SysNative\drivers\RsFx0105.sys (Mic
rosoft Corporation)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advan
ced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advan
ced Micro Devices)
DRV:[b]64bit:[/b] - (pcouffin) -- C:\Windows\SysNative\drivers\pcouffin.sys (VSO
Software)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett
-Packard Company)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Mic
rosoft Corporation)
DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideom
iniport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Micro
soft Corporation)
DRV:[b]64bit:[/b] - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI
Technologies Inc.)
DRV:[b]64bit:[/b] - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Adv
anced Micro Devices, Inc.)
DRV:[b]64bit:[/b] - (MOBKFilter) -- C:\Windows\SysNative\drivers\MOBK.sys (Mozy,
Inc.)
DRV:[b]64bit:[/b] - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Cor
poration)
DRV:[b]64bit:[/b] - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Int
el(R) Corporation)
DRV:[b]64bit:[/b] - (PTQHVSP) -- C:\Windows\SysNative\drivers\PTQHVSP.sys (DEVGU
RU Co., LTD.(www.devguru.co.kr))
DRV:[b]64bit:[/b] - (PTQHMDM) -- C:\Windows\SysNative\drivers\PTQHMDM.sys (DEVGU
RU Co., LTD.(www.devguru.co.kr))
DRV:[b]64bit:[/b] - (PTQHBUS) -- C:\Windows\SysNative\drivers\PTQHBUS.sys (DEVGU
RU Co., LTD.)
DRV:[b]64bit:[/b] - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel
Corporation)
DRV:[b]64bit:[/b] - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys
(ATI Technologies, Inc.)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Tec
hnologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI
Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Pro
mise Technology)
DRV:[b]64bit:[/b] - (61883) -- C:\Windows\SysNative\drivers\61883.sys (Microsoft
Corporation)
DRV:[b]64bit:[/b] - (Avc) -- C:\Windows\SysNative\drivers\avc.sys (Microsoft Cor
poration)
DRV:[b]64bit:[/b] - (MSDV) -- C:\Windows\SysNative\drivers\msdv.sys (Microsoft C
orporation)
DRV:[b]64bit:[/b] - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Son
ic Solutions)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom
Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadc
om Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Bro
adcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hau
ppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (OxPPort) -- C:\Windows\SysNative\drivers\OxPPort.sys (OEM)
DRV:[b]64bit:[/b] - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Micro
soft Corporation)
DRV - (cleanhlp) -- C:\EEK\Run\cleanhlp64.sys (Emsisoft GmbH)
DRV - (A2DDA) -- C:\EEK\Run\a2ddax64.sys (Emsisoft GmbH)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporat
ion)
DRV - (RxFilter) -- C:\Windows\SysWOW64\drivers\RxFilter.sys (Sonic Solutions)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_U
RL = http://g.msn.com/USCON/1
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Second
ary_Page_URL = Reg Error: Value error.
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Star
t Pages = Reg Error: Value error.
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h
ttp://g.msn.com/USCON/1
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {47236348-9AE5-4CD9-88D0-CCFB36397B84}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{47236348-9AE5-4CD9-88D0-CCFB36397B84}:
"URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-Se
archBox
IE - HKLM\..\SearchScopes,DefaultScope = {47236348-9AE5-4CD9-88D0-CCFB36397B84}
IE - HKLM\..\SearchScopes\{47236348-9AE5-4CD9-88D0-CCFB36397B84}: "URL" = http:/
/www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.
msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.co
m/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache Ac
ceptLangs = en-US
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEna
ble" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOve
rride" = <local>;*.local
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd
%7D:24.0
FF - user.js - File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windo
ws\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25
.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.
25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\P
ROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windo
ws\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.
0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Cor
poration)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,versi
on=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Ma
cromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program File
s (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program
Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Progr
am Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\
McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee
\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee
\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)
\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wa
t\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program
Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation
)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PR
OGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PRO
GRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:
\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporatio
n)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:
\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporatio
n)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\progr
am files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\progr
am files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version
=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins
\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1:
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlh
tml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1
.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\n
prndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=1
5.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprp
chromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14
: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5vid
eoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\pro
gram files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Pro
gramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownload
er)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\
Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\
Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Rea
der 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\nuance.com/DragonRIAPlugin: C:\PROGRA~2\Nuance
\NATURA~1\Program\npDgnRia.dll (Nuance Communications Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\
Denis\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931
-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/10/13 11:11
:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConve
rter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2
012/11/23 13:04:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jid0-lmZNVK7a82O8cu
fhdfB9dUDfA2w@jetpack: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program
\ffShim.xpi [2013/02/11 19:44:08 | 000,136,309 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b
-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\F
irefox\Ext [2013/03/26 06:30:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd
-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\F
irefox\Ext\ [2013/03/26 06:30:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Compon
ents: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/18 21:44:17 | 0
00,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugin
s: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee
.com: C:\Program Files\McAfee\MSK [2013/08/29 02:52:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Compone
nts: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/18 21:44:17 | 00
0,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins
: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012/07/28 07:59:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denis
\AppData\Roaming\Mozilla\Extensions
[2013/10/29 08:37:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denis
\AppData\Roaming\Mozilla\Firefox\Profiles\jzakxl3g.default-1382973774018\extensi
ons
[2013/09/18 21:44:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Fil
es (x86)\Mozilla Firefox\browser\extensions
[2013/09/18 21:44:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x8
6)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/10/05 06:05:01 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozi
lla firefox\searchplugins\McSiteAdvisor.xml
[color=#E56717]========== Chrome ==========[/color]
CHR - Extension: No name found = C:\Users\Denis\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\Sys
Native\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9
E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB
-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF105
77473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Go
ogle Inc.)
O2:[b]64bit:[/b] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0
E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, I
nc.)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC
74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation
)
O2:[b]64bit:[/b] - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Progra
m Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {304
9C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\
BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\P
rogram Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Prog
ram Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Dragon NaturallySpeaking Rich Internet Application Support - Extensio
n) - {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\Program Files (x86)\Nuance\Natu
rallySpeaking12\Program\ieShim.dll (Nuance Communications, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
- C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:
\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A
9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD
4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPl
g.dll (McAfee, Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dl
l (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526
-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoS
oft)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-51
6ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc
.)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D
6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Freecorder 6) - {6B34ACCF-1B63-4E1A-8633-461917C75544} - C:\Program Files (x86)\Freecorder 6\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D32290
68} - No CLSID value found.
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965
-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleTo
olbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder 6) - {6B34ACCF-1B63-4E1A-8633-46191
7C75544} - C:\Program Files (x86)\Freecorder 6\tbcore3.dll ()
O4:[b]64bit:[/b] - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic She
ll\ClassicStartMenu.exe (IvoSoft)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAV
Cpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon6
4.DLL (Creative Technology Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg6
4.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking1
2\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hewlett-Packard\HP
Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHmon05] C:\Windows\SysWOW64\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] C:\Program Files (x86)\Hewlett-Packard\\{5372B9A6-6E
51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storag
e Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera
Software LLC.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (Mc
Afee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfe
e, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core
-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX T
ruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Flexera
Software LLC.)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Compone
nts\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Co
mponents\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files (x86)\Common Files\Roxio
Shared\10.0\SharedCom\ContentMerger10.exe (Sonic Solutions)
O4 - Startup: C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Progra
ms\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Progra
ms\Startup\Desktop Lightning.lnk = C:\Program Files (x86)\Desktop Lightning\Desk
top Lightning.exe ()
O4 - Startup: C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Progra
ms\Startup\GoZone iSync.lnk = C:\Program Files (x86)\GoZone\GoZone_iSync.exe (Vi
rgin HealthMiles Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveD
esktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControl
Panel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentProm
ptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentProm
ptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LocalAccoun
tTokenFilterPolicy = 1
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Pr
ogram Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86
)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/syste
mprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {682C59F5-478C-4421-9070-AD170D143B77} http://www.dell.com/support/tr
oubleshooting/Content/Ode/pcd86.cab (Launcher Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7
.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/system
profiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6
.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6
.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequireme
ntslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab (SysInfo Clas
s)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NO
S/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: vzTCPConfig http://my.verizon.com/micro/speedoptimizer/fios/vzTCPConf
ig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{760E7385-DDBD-4D3C-B
6A5-D6387B7B5EF0}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E
91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.
)
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC
5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Pr
ogram Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Progra
m Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8
} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (S
kype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A0
54-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D7569
2} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\Jaksta\AC\x64\jaudcap.dll) - C:\Wi
ndows\Jaksta\AC\x64\jaudcap.dll (Jaksta Technologies Pty Ltd)
O20 - AppInit_DLLs: (C:\Windows\Jaksta\AC\x86\jaudcap.dll) - C:\Windows\Jaksta\A
C\x86\jaudcap.dll (Jaksta Technologies Pty Ltd)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.
exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe)
- C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (
Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.ex
e (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - N
o CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value
found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{931d086d-f814-11df-8016-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{931d086d-f814-11df-8016-806e6f6e6963}\Shell\AutoRun\command
- "" = D:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013/10/28 11:24:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013/10/28 10:25:42 | 000,000,000 | ---D | C] -- C:\Users\Denis\Desktop\RK_Quar
antine
[2013/10/28 10:19:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo
ws\Start Menu\Programs\HitmanPro
[2013/10/27 18:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search
& Destroy
[2013/10/27 18:19:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot
- Search & Destroy
[2013/10/27 17:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERSetup
[2013/10/27 09:03:24 | 000,000,000 | ---D | C] -- C:\EEK
[2013/10/27 01:24:05 | 000,000,000 | ---D | C] -- C:\Users\Denis\Desktop\Redirec
tor Virus
[2013/10/26 16:25:39 | 000,000,000 | ---D | C] -- C:\Users\Denis\Desktop\Old Fir
efox Data
[2013/10/26 16:04:14 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/10/26 15:54:41 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/26 15:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013/10/26 15:26:37 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/10/24 22:19:10 | 000,000,000 | ---D | C] -- C:\Windows\Replay Converter 4
[2013/10/24 22:19:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Replay
Converter 4
[2013/10/22 22:05:51 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C
:\Windows\SysWow64\FlashPlayerApp.exe
[2013/10/22 22:05:51 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C
:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/10/22 21:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/10/22 21:11:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common
Files\Java
[2013/10/22 21:11:06 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Window
s\SysWow64\javaws.exe
[2013/10/22 21:11:00 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Window
s\SysWow64\javaw.exe
[2013/10/22 21:11:00 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Window
s\SysWow64\java.exe
[2013/10/22 21:11:00 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Window
s\SysWow64\WindowsAccessBridge-32.dll
[2013/10/22 21:10:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo
ws\Start Menu\Programs\Java
[2013/10/20 08:23:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo
ws\Start Menu\Programs\McAfee Security Scan Plus
[2013/10/20 08:23:10 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Securi
ty Scan
[2013/10/20 07:10:10 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Roaming
\Replay Video Capture 7
[2013/10/20 07:09:53 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Roaming
\Microsoft\Windows\Start Menu\Programs\Applian Technologies
[2013/10/20 07:09:47 | 000,000,000 | ---D | C] -- C:\Windows\Replay Video Captur
e 7
[2013/10/20 07:09:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Replay
Video Capture 7
[2013/10/19 11:50:48 | 000,000,000 | ---D | C] -- C:\Windows\Applian Director
[2013/10/19 11:50:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Applian
Director
[2013/10/16 22:19:35 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysN
ative\drivers\HipShieldK.sys
[2013/10/13 08:37:57 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\ieui.dll
[2013/10/13 08:37:56 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\ieui.dll
[2013/10/13 08:37:56 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\iesysprep.dll
[2013/10/13 08:37:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\iesysprep.dll
[2013/10/13 08:37:56 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\RegisterIEPKEYs.exe
[2013/10/13 08:37:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\RegisterIEPKEYs.exe
[2013/10/13 08:37:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\iesetup.dll
[2013/10/13 08:37:56 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\iesetup.dll
[2013/10/13 08:37:56 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\ie4uinit.exe
[2013/10/13 08:37:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\iernonce.dll
[2013/10/13 08:37:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\iernonce.dll
[2013/10/13 08:37:54 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\jscript9.dll
[2013/10/13 08:37:54 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\jscript.dll
[2013/10/13 08:37:54 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\jscript.dll
[2013/10/13 08:37:54 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\msfeeds.dll
[2013/10/09 04:40:02 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\comctl32.dll
[2013/10/09 04:40:00 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C
:\Windows\SysNative\atmfd.dll
[2013/10/09 04:39:59 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C
:\Windows\SysWow64\atmfd.dll
[2013/10/09 04:39:59 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\fontsub.dll
[2013/10/09 04:39:59 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\fontsub.dll
[2013/10/09 04:39:59 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\lpk.dll
[2013/10/09 04:39:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\dciman32.dll
[2013/10/09 04:39:58 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\Sys
Native\atmlib.dll
[2013/10/09 04:39:58 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\Sys
Wow64\atmlib.dll
[2013/10/09 04:39:55 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\drivers\hidclass.sys
[2013/10/09 04:39:55 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\drivers\hidparse.sys
[2013/10/09 04:39:54 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\davclnt.dll
[2013/10/09 04:39:48 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\ntoskrnl.exe
[2013/10/09 04:39:48 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\advapi32.dll
[2013/10/09 04:39:47 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\ntkrnlpa.exe
[2013/10/09 04:39:47 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\ntoskrnl.exe
[2013/10/09 04:39:47 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\tdh.dll
[2013/10/09 04:39:46 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\tdh.dll
[2013/10/09 04:39:45 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\ntdll.dll
[2013/10/09 04:39:43 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\wow64.dll
[2013/10/09 04:39:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\ntvdm64.dll
[2013/10/09 04:39:39 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\wow32.dll
[2013/10/09 04:39:38 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\setup16.exe
[2013/10/09 04:39:38 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\instnm.exe
[2013/10/09 04:39:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\user.exe
[2013/10/09 04:39:29 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/09 04:39:29 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/09 04:39:26 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\scavengeui.dll
[2013/10/09 04:39:21 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\drivers\usbport.sys
[2013/10/09 04:39:21 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\drivers\usbd.sys
[2013/10/01 05:21:12 | 000,074,560 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysN
ative\drivers\McPvDrv.sys
[2013/09/30 22:43:15 | 000,000,000 | ---D | C] -- C:\Windows\Jaksta
[2011/01/23 08:38:01 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Denis\
AppData\Roaming\pcouffin.sys
[364 C:\Users\Denis\Documents\*.tmp files -> C:\Users\Denis\Documents\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013/10/29 12:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flas
h Player Updater.job
[2013/10/29 12:26:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpda
teTaskMachineUA.job
[2013/10/29 11:21:20 | 000,000,589 | ---- | M] () -- C:\Users\Denis\Desktop\Emsi
soft Emergency Kit.lnk
[2013/10/29 07:12:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/28 18:26:02 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpda
teTaskMachineCore.job
[2013/10/28 11:24:26 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296F
B0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/28 11:24:26 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296F
B0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/28 11:18:00 | 000,001,112 | ---- | M] () -- C:\Users\Denis\AppData\Roam
ing\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Lightning.lnk
[2013/10/28 11:16:40 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\PC Optimiz
er Pro64 startups.job
[2013/10/28 11:16:26 | 1041,559,550 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/28 10:19:21 | 000,001,936 | ---- | M] () -- C:\Users\Public\Desktop\Hit
manPro.lnk
[2013/10/28 10:13:04 | 000,001,152 | ---- | M] () -- C:\Users\Public\Desktop\Mal
warebytes Anti-Malware.lnk
[2013/10/26 23:51:35 | 000,001,190 | ---- | M] () -- C:\Windows\pfe32.key
[2013/10/24 12:23:50 | 002,501,684 | ---- | M] () -- C:\Windows\SysNative\PerfSt
ringBackup.INI
[2013/10/24 12:23:50 | 000,812,346 | ---- | M] () -- C:\Windows\SysNative\perfh0
0A.dat
[2013/10/24 12:23:50 | 000,729,394 | ---- | M] () -- C:\Windows\SysNative\perfh0
09.dat
[2013/10/24 12:23:50 | 000,496,422 | ---- | M] () -- C:\Windows\SysNative\perfh0
12.dat
[2013/10/24 12:23:50 | 000,183,482 | ---- | M] () -- C:\Windows\SysNative\perfc0
0A.dat
[2013/10/24 12:23:50 | 000,147,352 | ---- | M] () -- C:\Windows\SysNative\perfc0
09.dat
[2013/10/24 12:23:50 | 000,145,640 | ---- | M] () -- C:\Windows\SysNative\perfc0
12.dat
[2013/10/24 00:43:11 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C
:\Windows\SysWow64\FlashPlayerApp.exe
[2013/10/24 00:43:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C
:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/10/20 08:23:12 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\McA
fee Security Scan Plus.lnk
[2013/10/20 08:23:12 | 000,001,974 | ---- | M] () -- C:\ProgramData\Microsoft\Wi
ndows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/10/19 11:50:49 | 000,002,096 | ---- | M] () -- C:\Users\Denis\Application
Data\Microsoft\Internet Explorer\Quick Launch\Applian Director.lnk
[2013/10/17 12:30:53 | 000,007,520 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2013/10/13 11:12:23 | 000,536,624 | ---- | M] () -- C:\Windows\SysNative\FNTCAC
HE.DAT
[2013/10/13 08:35:28 | 002,485,688 | ---- | M] () -- C:\Windows\SysWow64\PerfStr
ingBackup.INI
[2013/10/09 19:10:51 | 001,348,984 | ---- | M] (Indigo Rose Corporation) -- C:\W
indows\Replay Video Capture
[2013/10/08 07:50:37 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Window
s\SysWow64\WindowsAccessBridge-32.dll
[2013/10/08 07:46:52 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Window
s\SysWow64\javaws.exe
[2013/10/08 07:46:47 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Window
s\SysWow64\javaw.exe
[2013/10/08 07:46:23 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Window
s\SysWow64\java.exe
[2013/09/30 22:43:29 | 000,000,690 | ---- | M] () -- C:\Windows\wininit.ini
[364 C:\Users\Denis\Documents\*.tmp files -> C:\Users\Denis\Documents\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013/10/28 23:16:11 | 000,000,589 | ---- | C] () -- C:\Users\Denis\Desktop\Emsi
soft Emergency Kit.lnk
[2013/10/28 10:19:21 | 000,001,936 | ---- | C] () -- C:\Users\Public\Desktop\Hit
manPro.lnk
[2013/10/28 01:06:44 | 000,001,152 | ---- | C] () -- C:\Users\Public\Desktop\Mal
warebytes Anti-Malware.lnk
[2013/10/26 23:41:44 | 000,001,190 | ---- | C] () -- C:\Windows\pfe32.key
[2013/10/22 22:05:52 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flas
h Player Updater.job
[2013/10/19 11:50:49 | 000,002,096 | ---- | C] () -- C:\Users\Denis\Application
Data\Microsoft\Internet Explorer\Quick Launch\Applian Director.lnk
[2013/05/15 22:47:54 | 000,000,000 | ---- | C] () -- C:\Users\Denis\tkcon.hst
[2013/05/04 01:04:58 | 000,004,510 | ---- | C] () -- C:\Users\Denis\AppData\Roam
ing\CamStudio.cfg
[2013/05/04 01:04:57 | 000,000,408 | ---- | C] () -- C:\Users\Denis\AppData\Roam
ing\CamShapes.ini
[2013/05/04 01:04:57 | 000,000,408 | ---- | C] () -- C:\Users\Denis\AppData\Roam
ing\CamLayout.ini
[2013/05/04 01:04:57 | 000,000,096 | ---- | C] () -- C:\Users\Denis\AppData\Roam
ing\Camdata.ini
[2013/02/28 21:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthread
VC.dll
[2012/12/29 10:38:30 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.
dll
[2012/12/13 13:51:00 | 001,942,528 | ---- | C] () -- C:\ProgramData\WinEventsHis
tory.db
[2012/12/13 04:27:20 | 000,000,309 | ---- | C] () -- C:\ProgramData\SchedulerSto
re.xml
[2012/10/30 09:46:51 | 000,000,690 | ---- | C] () -- C:\Windows\wininit.ini
[2012/10/25 17:07:28 | 003,973,120 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg2
.exe
[2012/09/16 14:35:29 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonD
L.dll
[2012/09/16 14:35:29 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxcon
fig.ini
[2012/09/14 09:32:16 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCO
N.DLL
[2012/09/14 09:32:16 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03
A.INI
[2012/09/08 03:07:55 | 000,042,108 | ---- | C] () -- C:\Windows\SysWow64\fun_avu
til.dll
[2012/09/08 03:07:54 | 003,566,434 | ---- | C] () -- C:\Windows\SysWow64\fun_avc
odec.dll
[2012/09/08 03:07:54 | 000,827,392 | ---- | C] () -- C:\Windows\SysWow64\Mpeg4Sy
stem.dll
[2012/09/08 03:07:54 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\Mpeg4To
ols.dll
[2012/09/08 03:07:54 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\Mpeg4DS
F.dll
[2012/09/08 03:07:52 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\AMR.dll
[2012/09/08 03:07:52 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\EvrcDec
Dll.dll
[2012/09/08 03:07:52 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\AMRDSF.
dll
[2012/07/31 19:00:04 | 000,060,304 | ---- | C] () -- C:\Users\Denis\g2mdlhlpx.ex
e
[2012/05/19 03:28:41 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.d
ll
[2012/04/05 21:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsv
l.dat
[2012/04/05 21:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsv
a.dat
[2012/03/24 03:47:29 | 000,000,629 | ---- | C] () -- C:\ProgramData\Microsoft.Sq
lServer.Compact.400.32.bc
[2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk3
2.dll
[2011/12/27 04:53:01 | 000,002,995 | ---- | C] () -- C:\Users\Denis\AppData\Roam
ing\SAS7_000.DAT
[2011/12/26 07:19:48 | 000,005,632 | ---- | C] () -- C:\Users\Denis\AppData\Loca
l\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/11 15:13:34 | 000,103,832 | ---- | C] () -- C:\Users\Denis\GoToAssistDo
wnloadHelper.exe
[2011/08/05 02:12:29 | 001,519,130 | ---- | C] () -- C:\Users\Denis\User_Guide_V
PN_DEF_migration_072911_Final_.pdf
[2011/07/11 00:21:33 | 000,008,704 | -HS- | C] () -- C:\ProgramData\nt838cc.com
[2011/05/31 00:07:28 | 000,007,597 | ---- | C] () -- C:\Users\Denis\AppData\Loca
l\Resmon.ResmonCfg
[2011/02/11 02:29:28 | 000,000,008 | RHS- | C] () -- C:\ProgramData\9AC51C3A6A.s
ys
[2011/02/11 02:29:27 | 000,007,520 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/01/23 11:19:01 | 000,000,327 | ---- | C] () -- C:\Users\Denis\AppData\Roam
ing\default.rss
[2011/01/23 08:38:01 | 000,099,384 | ---- | C] () -- C:\Users\Denis\AppData\Roam
ing\inst.exe
[2011/01/23 08:38:01 | 000,007,859 | ---- | C] () -- C:\Users\Denis\AppData\Roam
ing\pcouffin.cat
[2011/01/23 08:38:01 | 000,001,167 | ---- | C] () -- C:\Users\Denis\AppData\Roam
ing\pcouffin.inf
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop
.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}
\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0
c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}
\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-4
09d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1
}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F
}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,31
2 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,2
08 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1
}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856
| ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
[color=#E56717]========== LOP Check ==========[/color]
[2013/10/22 10:23:49 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Applian FLV and Media Player
[2012/11/23 13:04:25 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\APP_NAME_NON_STRING
[2013/09/13 02:48:32 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\AutoTrafficAccelerator
[2012/05/06 16:12:10 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/07/12 01:25:54 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/08/06 06:59:29 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\com.desktoplightning.airapp
[2013/06/20 22:11:04 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\com.desktoplightning.airapp.E46A8636380668D0309964F39136B84A726B34C4.1
[2012/08/26 18:13:25 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\EasyDuplicateFinder
[2011/09/14 23:22:58 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Eltima Software
[2013/08/23 01:06:12 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\FileZilla
[2012/09/11 01:46:31 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Freecorder 6 Video
[2013/06/30 01:49:52 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Garmin
[2011/03/27 01:45:11 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\GAS Softwares
[2013/04/29 21:48:41 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Hoyle Blackjack
[2013/04/29 21:48:42 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Hoyle Card Games
[2013/04/29 21:47:21 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Hoyle FaceCreator
[2011/05/31 00:06:24 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\No Company Name
[2013/02/19 03:46:27 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Notepad++
[2013/01/05 05:47:25 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Nuance
[2013/07/03 01:25:27 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Oracle
[2012/09/08 03:50:29 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Pantech
[2010/12/28 10:07:53 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\PCDr
[2012/11/25 03:59:32 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\PDF Architect
[2012/05/07 06:28:43 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
[2011/12/09 16:20:31 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Radialpoint
[2011/09/22 01:05:11 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Replay Media Catcher 4
[2013/05/03 01:04:18 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Replay Media Catcher 5
[2013/10/20 07:10:10 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Replay Video Capture 7
[2013/10/27 19:15:54 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\TechCheck
[2011/03/08 23:27:40 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Ulead Systems
[2011/02/12 10:29:05 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Vso
[2012/12/02 06:25:24 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\WinBatch
[2011/01/09 04:03:48 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming
\Windows Live Writer
[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]


@Alternate Data Stream - 245 bytes -> C:\ProgramData\TEMP:0FF263E8
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
