
AVG detecting RPCNETP.EXE how do I get rid of this?

#1 ·
I know the rpc files came from Absolute's LoJack software. I shouldn't have bought it to begin with for my desktop, but oops, I did. I uninstalled it a long time ago and AVG keeps popping up with the allow or deny box every time I boot my computer. Any ideas on how to delete these files permanently?

Thx, Dave

P.S.
I'm getting these double underline ads on this Tech Support Forum site; I can't move the mouse across the screen without popups everywhere. I know there was an add-on in Firefox that did that, but I got rid of that a long time ago and there is no add-on in Firefox to justify it. What's up with that? Any way to turn that off?


The copy\paste txt you asked for:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.71.2
Run by Administrator at 15:52:39 on 2015-01-30
.
============== Running Processes ================
.
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\PasswordBox\pbbtnService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files (x86)\iolo\System Mechanic\LiveBoost.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe
C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Real\realplayer\Update\realsched.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uWindow Title = Internet Explorer, enhanced for Bing and MSN
uDefault_Page_URL = hxxp://www.alienware.com/
mWinlogon: Userinit = userinit.exe,
BHO: AutorunsDisabled - <orphaned>
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
mRun: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [TkBellExe] "C:\Program Files (x86)\Real\realplayer\update\realsched.exe" -osboot
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [ospd_us_295] <no file>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoThumbnailCache = dword:0
uPolicies-Explorer: NoNetConnectDisconnect = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{E72235FA-EBC4-4094-B2B5-7E8281242C39} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll
Notify: WBSrv - C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\PROGRA~2\COMMON~1\Stardock\mcpcore.dll
SSODL: WebCheck - <orphaned>
SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: AutorunsDisabled - <orphaned>
x64-BHO: {10921475-03CE-4E04-90CE-E2E7EF20C814} - <orphaned>
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-Run: [Thermal Controller] "C:\Program Files\Alienware\Command Center\ThermalController.exe" /auto
x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
x64-Run: [AlienFX Controller] "C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe"
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [MacDrive 8 application for Digidesign] "C:\Program Files\Mediafour\MacDrive 8\MacDriveD.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Notify: WB - <no file>
x64-SSODL: WebCheck - <orphaned>
x64-STS: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - <orphaned>
x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Administrator.ALIENBORN\AppData\Roaming\Mozilla\Firefox\Profiles\346liror.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&CUI=UN19411942022833170&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: C:\Users\Administrator.ALIENBORN\AppData\Roaming\Mozilla\Firefox\Profiles\346liror.default\extensions\capturefoxmovie@advancity.net\components\capturefoxxpi_win32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
============= SERVICES / DRIVERS ===============
.
R? AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8
R? androidusb;ADB Interface Driver
R? AtiHDAudioService;AMD Function Driver for HD Audio Service
R? BPowMon;Broadcom Power monitoring service
R? cfwids;McAfee Inc. cfwids
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? cpudrv64;cpudrv64
R? cpuz134;cpuz134
R? cpuz135;cpuz135
R? cpuz137;cpuz137
R? DrvAgent64;DrvAgent64
R? ElRawDisk;ElRawDisk
R? FLEXnet Licensing Service 64;FLEXnet Licensing Service 64
R? Futuremark SystemInfo Service;Futuremark SystemInfo Service
R? massfilter_hs;HS HandSet Mass Storage Filter Driver
R? McShield;McShield
R? mfeavfk;McAfee Inc. mfeavfk
R? mfefirek;McAfee Inc. mfefirek
R? mfehidk;McAfee Inc. mfehidk
R? mfenlfk;McAfee NDIS Light Filter
R? mferkdet;McAfee Inc. mferkdet
R? mfevtp;McAfee Validation Trust Protection Service
R? mfewfpk;McAfee Inc. mfewfpk
R? mio;Master IO Filter Driver
R? nlsX86cc;Nalpeiron Licensing Service
R? OverwolfUpdater;Overwolf Updater Windows SCM
R? PROCEXP151;PROCEXP151
R? RdpVideoMiniport;Remote Desktop Video Miniport Driver
R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader
R? rzudd;Razer Mouse Driver
R? SwitchBoard;Adobe SwitchBoard
R? Synth3dVsc;Synth3dVsc
R? t3;Sound Blaster X-Fi Xtreme Audio
R? TsUsbFlt;TsUsbFlt
R? tsusbhub;tsusbhub
R? VGPU;VGPU
R? WatAdminSvc;Windows Activation Technologies Service
R? WindowFX;Stardock WindowFX
R? WinRing0_1_2_0;WinRing0_1_2_0
S? Avgdiska;AVG Disk Driver
S? AVGIDSAgent;AVGIDSAgent
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSHA;AVGIDSHA
S? Avgldx64;AVG AVI Loader Driver
S? Avgloga;AVG Logging Driver
S? Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx64;AVG Anti-Rootkit Driver
S? Avgtdia;AVG TDI Driver
S? avgtp;avgtp
S? avgwd;AVG WatchDog
S? cpuz132;cpuz132
S? DigiNet;Digidesign Ethernet Support
S? GfExperienceService;NVIDIA GeForce Experience Service
S? hidkmdf;KMDF Driver
S? IAStorDataMgrSvc;Intel(R) Rapid Storage Technology
S? IOCBIOS;IOCBIOS
S? ioloSystemService;iolo System Service
S? k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0
S? LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver
S? LGVirHid;Logitech Gamepanel Virtual HID Device Driver
S? MacDrive8ServiceD;MacDrive 8 service for Digidesign
S? MDFSYSNT;MacDrive file system driver
S? MDPMGRNT;MacDrive Partition Driver
S? NvNetworkService;NVIDIA Network Service
S? nvoclk64;NVIDIA Enthusiasts Platform KDM
S? NvStreamKms;NvStreamKms
S? NvStreamSvc;NVIDIA Streamer Service
S? nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
S? PasswordBox;PasswordBox
S? PDFsFilter;PDFsFilter
S? PxHlpa64;PxHlpa64
S? RawDisk3;RawDisk3
S? RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service
S? RealPlayer Cloud Service;RealPlayer Cloud Service
S? RealPlayerUpdateSvc;RealPlayer Update Service
S? rtsuvc;USB2.0 1080p UVC Camera
S? RzDxgk;RzDxgk
S? RzFilter;RzFilter
S? RzOvlMon;Razer Overlay Subsystem Emergency Service
S? RzSynapse;Razer Driver
S? Stereo Service;NVIDIA Stereoscopic 3D Driver Service
S? vToolbarUpdater3.2.0;vToolbarUpdater3.2.0
S? WacHidRouter;Wacom Hid Router
S? wacomrouterfilter;Wacom Router Filter Driver
S? WTabletServicePro;Wacom Professional Service
.
=============== File Associations ===============
.
FileExt: .cmd: cmdfile=NOTEPAD.EXE %1
FileExt: .vbe: VBEFile=NOTEPAD.EXE %1
FileExt: .vbs: VBSFile=NOTEPAD.EXE %1
FileExt: .js: JSFile=NOTEPAD.EXE %1
FileExt: .jse: JSEFile=NOTEPAD.EXE %1
FileExt: .wsf: WSFFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2015-01-29 15:59:21 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0C7E058B-7004-4B05-ACC8-9BA502543190}\mpengine.dll
2015-01-24 18:06:18 -------- d-----w- C:\Program Files (x86)\Overwolf
2015-01-24 18:06:18 -------- d-----w- C:\Program Files (x86)\Common Files\Overwolf
2015-01-24 18:06:08 -------- d-----w- C:\ProgramData\Overwolf
2015-01-24 18:05:50 -------- d-----w- C:\Users\Administrator.ALIENBORN\AppData\Local\Overwolf
2015-01-24 18:05:46 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client
2015-01-24 01:54:26 2155152 ----a-w- C:\Windows\System32\Incinerator64.dll
2015-01-24 01:54:26 2097984 ----a-w- C:\Windows\SysWow64\Incinerator32.dll
2015-01-24 01:54:22 82160 ----a-w- C:\Windows\System32\drivers\PDFsFilter.sys
2015-01-24 01:54:22 57584 ----a-w- C:\Windows\System32\iolobtdfg.exe
2015-01-24 01:54:22 26184 ----a-w- C:\Windows\System32\smrgdf.exe
2015-01-24 01:54:21 -------- d-----w- C:\Users\Administrator.ALIENBORN\AppData\Roaming\ioloGovernor
2015-01-24 01:54:21 -------- d-----w- C:\ProgramData\ioloGovernor
2015-01-24 01:54:20 69000 ----a-w- C:\Windows\System32\offreg.dll
2015-01-24 01:54:20 56200 ----a-w- C:\Windows\SysWow64\offreg.dll
2015-01-24 01:54:18 -------- d-----w- C:\Program Files (x86)\iolo
2015-01-24 01:49:59 74703 ----a-w- C:\Windows\SysWow64\mfc45.dat
2015-01-24 01:47:51 -------- d-----w- C:\Users\Administrator.ALIENBORN\AppData\Roaming\iolo
2015-01-23 21:06:21 806400 ----a-w- C:\MicrosoftFixit50692.msi
2015-01-23 20:35:04 32912 ----a-w- C:\Windows\System32\drivers\rawdsk3.sys
2015-01-23 20:35:02 -------- d-----w- C:\logs
2015-01-21 17:25:15 -------- d-----w- C:\Users\Administrator.ALIENBORN\AppData\Local\NVIDIA
2015-01-21 17:25:13 2824504 ----a-w- C:\Windows\System32\nvspcap64.dll
2015-01-21 17:25:13 2210040 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2015-01-21 17:25:13 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
2015-01-21 17:25:13 1291464 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2015-01-21 17:24:23 620176 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2015-01-21 17:24:00 935240 ----a-w- C:\Windows\System32\nvvsvc.exe
2015-01-21 17:24:00 6859408 ----a-w- C:\Windows\System32\nvcpl.dll
2015-01-21 17:24:00 62608 ----a-w- C:\Windows\System32\nvshext.dll
2015-01-21 17:24:00 4151176 ----a-w- C:\Windows\System32\nvcoproc.bin
2015-01-21 17:24:00 386368 ----a-w- C:\Windows\System32\nvmctray.dll
2015-01-21 17:24:00 3513488 ----a-w- C:\Windows\System32\nvsvc64.dll
2015-01-21 17:24:00 2558608 ----a-w- C:\Windows\System32\nvsvcr.dll
2015-01-21 17:23:50 74056 ----a-w- C:\Windows\System32\OpenCL.dll
2015-01-21 17:23:50 60560 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2015-01-17 17:53:22 210432 ----a-w- C:\Windows\System32\profsvc.dll
2015-01-17 17:53:21 303616 ----a-w- C:\Windows\System32\nlasvc.dll
2015-01-17 17:53:20 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2015-01-17 17:53:19 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2015-01-17 17:53:18 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2015-01-17 17:52:56 87040 ----a-w- C:\Windows\System32\TSWbPrxy.exe
2015-01-17 17:52:50 5553592 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-01-17 17:52:49 3971512 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-01-17 17:52:49 3916728 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-01-17 17:52:47 503808 ----a-w- C:\Windows\System32\srcore.dll
2015-01-17 17:52:45 50176 ----a-w- C:\Windows\System32\srclient.dll
2015-01-17 17:52:45 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2015-01-17 17:52:45 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-01-03 00:33:15 -------- d-----w- C:\Program Files (x86)\MyPhoneExplorer - Copy
.
==================== Find3M ====================
.
2015-01-30 23:00:15 49536 ----a-w- C:\Windows\SysWow64\agremove.exe
2015-01-30 22:59:44 17920 ----a-w- C:\Windows\System32\rpcnetp.exe
2015-01-27 04:34:58 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-27 04:34:58 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-01-08 17:55:52 298120 ------w- C:\Windows\System32\MpSigStub.exe
2014-12-04 02:50:55 413184 ----a-w- C:\Windows\System32\generaltel.dll
2014-12-04 02:50:45 741376 ----a-w- C:\Windows\System32\invagent.dll
2014-12-04 02:50:40 396800 ----a-w- C:\Windows\System32\devinv.dll
2014-12-04 02:50:38 830976 ----a-w- C:\Windows\System32\appraiser.dll
2014-12-04 02:50:37 227328 ----a-w- C:\Windows\System32\aepdu.dll
2014-12-04 02:50:37 192000 ----a-w- C:\Windows\System32\aepic.dll
2014-12-04 02:44:48 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2014-12-01 23:28:44 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2014-11-24 21:59:39 448512 ----a-w- C:\Windows\System32\html.iec
2014-11-24 21:53:14 2339840 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-24 21:47:12 1392128 ----a-w- C:\Windows\System32\wininet.dll
2014-11-24 21:45:49 1494016 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-24 21:44:58 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-24 21:44:55 599040 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-24 21:43:44 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-24 21:43:33 12800 ----a-w- C:\Windows\System32\mshta.exe
2014-11-24 20:44:32 367104 ----a-w- C:\Windows\SysWow64\html.iec
2014-11-24 20:40:49 1810944 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-24 20:35:25 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-24 20:34:40 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-24 20:33:56 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-24 20:33:47 421376 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-24 20:32:47 11776 ----a-w- C:\Windows\SysWow64\mshta.exe
2014-11-24 20:32:36 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-22 10:46:30 38032 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-11-22 10:46:30 35472 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2014-11-22 10:46:30 32400 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2014-11-17 16:21:45 5632 ----a-w- C:\Windows\SysWow64\ctrestrt.exe
2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-11-04 18:49:47 1995544 ----a-w- C:\Windows\System32\Wacom_Tablet.dll
2014-11-04 18:49:47 1988888 ----a-w- C:\Windows\System32\Wacom_Touch_Tablet.dll
2014-11-04 18:49:47 1863448 ----a-w- C:\Windows\System32\Wintab32.dll
2014-11-04 18:49:46 2029336 ----a-w- C:\Windows\System32\WacomMT.dll
2014-11-04 18:49:45 1497368 ----a-w- C:\Windows\SysWow64\Wintab32.dll
2014-11-04 18:49:44 1626392 ----a-w- C:\Windows\SysWow64\WacomMT.dll
2014-11-04 18:49:44 1617176 ----a-w- C:\Windows\SysWow64\Wacom_Tablet.dll
2014-11-04 18:49:44 1610008 ----a-w- C:\Windows\SysWow64\Wacom_Touch_Tablet.dll
2012-11-05 04:27:20 318512128 ----a-w- C:\Program Files (x86)\aliens-vs-predator.msi
.
============= FINISH: 15:53:45.10 ===============
 

#2 ·
Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

If there are any personal files, pics, etc. on your computer you cannot live without, back them up now just as a precaution.

Emergency Backup Procedure - Tech Support Forum

Also, if you haven't done so already, create a system repair disc. It's really easy and quick.

Create a system repair disc

------------------------------------------------------

CCleaner
iolo technologies System Mechanic


We do not recommend the use of registry cleaners, or the registry cleaner feature of CCleaner. Our colleague miekiemoes has an excellent writeup here

We suggest uninstalling iolo technologies System Mechanic via Programs and Features in your Control Panel.

------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.
  • Do NOT click the green 'Download' button (if visible).
  • Click the blue 'Download now @bleepingcomputer' button.
  • Run AdwCleaner and select Scan
  • Once the Scan is done, select Clean
  • Once done it will ask to reboot, please allow the reboot.
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[S#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Please download ComboFix and Save it to your Desktop.

**Note: It is important that it is saved directly to your desktop**

* Ensure you have disabled all antivirus and antimalware programs so they do not interfere with the running of ComboFix.

Get help here

Double-click ComboFix.exe and follow the prompts to run it.

Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.

When finished, it shall produce a log for you. Please post that log, C:\ComboFix.txt, in your next reply.

Please re-enable your antivirus before posting the ComboFix.txt log.

Note: If you get an 'Illegal operation attempted on a Registry key which has been marked for deletion' error message, please open Task Manager and 'End Process' on explorer.exe

Next, go to File > New Task (Run...) and type explorer, then press 'Enter'.

------------------------------------------------------
 
#3 ·
Here's the info you asked for. AVG came up again during the ComboFix scan; I closed out of it and rescanned.



AdwCleaner:

# AdwCleaner v4.109 - Report created 02/02/2015 at 15:11:10
# Updated 24/01/2015 by Xplode
# Database : 2015-01-24.3 [Local]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Administrator - ALIENBORN
# Running from : C:\Users\Administrator.ALIENBORN\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater3.2.0

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\DriverCure
Folder Deleted : C:\ProgramData\Media Get LLC
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\eSupport.com
Folder Deleted : C:\Program Files (x86)\RegClean Pro
Folder Deleted : C:\Program Files (x86)\PANDORA.TV
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\SysWOW64\ARFC
Folder Deleted : C:\Windows\SysWOW64\jmdp
Folder Deleted : C:\Windows\SysWOW64\WNLT
Folder Deleted : C:\Windows\System32\ljkb
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

***** [ Scheduled Tasks ] *****

Task Deleted : Express FilesUpdate
Task Deleted : RegClean Pro

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\ExpressFiles
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\XTRM Group Ltd.
Key Deleted : HKLM\SOFTWARE\Clara
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ExpressFiles
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\B696D3C37BD0D6C33A65D38BEC459181
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\B696D3C37BD0D6C33A65D38BEC459181
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B696D3C37BD0D6C33A65D38BEC459181

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16421

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page Restore]

-\\ Mozilla Firefox v35.0.1 (x86 en-US)


-\\ Google Chrome v40.0.2214.93


*************************

AdwCleaner[R0].txt - [18417 octets] - [02/02/2015 15:09:24]
AdwCleaner[S0].txt - [17412 octets] - [02/02/2015 15:11:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17473 octets] ##########




Combo fix:

ComboFix 15-02-02.01 - Administrator 02/02/2015 16:16:16.2.8 - x64
Running from: c:\users\Administrator.ALIENBORN\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\install.exe
c:\users\Administrator.ALIENBORN\AppData\Roaming\.#
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\(2)(2).ddr
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\(2).ddr
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\(3).ddr
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\(4).ddr
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\(5).ddr
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\.ddr
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\10.ddi
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\11.ddi
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\12.ddi
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\5.ddi
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\6.ddi
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\7.ddi
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\8.ddi
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\9.ddi
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\Inception_Trailer_592.divx(2)(2).ddr
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\Inception_Trailer_592.divx(2).ddr
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\Inception_Trailer_592.divx.ddr
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\m.mp4.ddr
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\TDKR_TRL1_480.mov.ddr
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(2)
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(3)
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(4)
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(5)
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Inception_Trailer_592.divx
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\m.mp4
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\TDKR_TRL1_480.mov
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\videoplayback
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\videoplayback(2)(2).ddr
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\videoplayback(2).ddr
c:\users\Administrator.ALIENBORN\AppData\Roaming\Local\Temp\DDM\Settings\videoplayback.ddr
c:\users\Administrator.ALIENBORN\AppData\Roaming\Mozilla\Firefox\Profiles\346liror.default\searchplugins\bing-zugo.xml
c:\users\Administrator.ALIENBORN\GoToAssistDownloadHelper.exe
c:\windows\msdownld.tmp
c:\windows\SysWOW64mfc45.dll
C:\Windows6.1-KB975778-x64.msu
.
.
((((((((((((((((((((((((( Files Created from 2015-01-03 to 2015-02-03 )))))))))))))))))))))))))))))))
.
.
2015-02-03 00:34 . 2015-02-03 00:34 -------- d-----w- c:\users\UpdatusUser.ALIENBORN\AppData\Local\temp
2015-02-03 00:34 . 2015-02-03 00:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-02-02 23:08 . 2015-02-02 23:11 -------- d-----w- C:\AdwCleaner
2015-02-01 17:12 . 2015-02-01 17:12 -------- d-----w- c:\users\Public\Pixologic
2015-01-31 16:02 . 2015-01-31 16:39 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-31 16:02 . 2015-01-31 16:02 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-01-31 16:02 . 2014-11-21 14:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-01-31 16:02 . 2014-11-21 14:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-31 16:02 . 2014-11-21 14:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-01-24 18:06 . 2015-01-26 00:06 -------- d-----w- c:\program files (x86)\Overwolf
2015-01-24 18:06 . 2015-01-25 18:06 -------- d-----w- c:\program files (x86)\Common Files\Overwolf
2015-01-24 18:06 . 2015-01-24 18:25 -------- d-----w- c:\programdata\Overwolf
2015-01-24 18:05 . 2015-01-24 18:29 -------- d-----w- c:\users\Administrator.ALIENBORN\AppData\Local\Overwolf
2015-01-24 18:05 . 2015-01-24 18:05 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2015-01-24 01:54 . 2014-08-13 07:41 2155152 ----a-w- c:\windows\system32\Incinerator64.dll
2015-01-24 01:54 . 2014-08-13 07:57 57584 ----a-w- c:\windows\system32\iolobtdfg.exe
2015-01-24 01:54 . 2014-08-13 07:57 26184 ----a-w- c:\windows\system32\smrgdf.exe
2015-01-24 01:54 . 2014-08-13 07:35 82160 ----a-w- c:\windows\system32\drivers\PDFsFilter.sys
2015-01-24 01:54 . 2015-01-24 01:54 -------- d-----w- c:\programdata\ioloGovernor
2015-01-24 01:54 . 2014-08-13 07:35 69000 ----a-w- c:\windows\system32\offreg.dll
2015-01-24 01:54 . 2015-01-24 01:54 -------- d-----w- c:\program files (x86)\iolo
2015-01-24 01:47 . 2015-01-24 02:02 -------- d-----w- c:\users\Administrator.ALIENBORN\AppData\Roaming\iolo
2015-01-23 21:06 . 2015-01-23 20:56 806400 ----a-w- C:\MicrosoftFixit50692.msi
2015-01-23 20:35 . 2014-08-13 07:38 32912 ----a-w- c:\windows\system32\drivers\rawdsk3.sys
2015-01-23 20:35 . 2015-01-24 22:43 -------- d-----w- C:\logs
2015-01-21 17:25 . 2015-01-21 17:29 -------- d-----w- c:\users\Administrator.ALIENBORN\AppData\Local\NVIDIA
2015-01-21 17:25 . 2014-12-13 00:11 2824504 ----a-w- c:\windows\system32\nvspcap64.dll
2015-01-21 17:25 . 2014-12-13 00:11 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-01-21 17:24 . 2015-01-21 17:24 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2015-01-21 17:24 . 2014-12-13 08:03 6859408 ----a-w- c:\windows\system32\nvcpl.dll
2015-01-21 17:24 . 2014-12-13 08:03 3513488 ----a-w- c:\windows\system32\nvsvc64.dll
2015-01-21 17:24 . 2014-12-13 08:03 935240 ----a-w- c:\windows\system32\nvvsvc.exe
2015-01-21 17:24 . 2014-12-13 08:03 62608 ----a-w- c:\windows\system32\nvshext.dll
2015-01-21 17:24 . 2014-12-13 08:03 386368 ----a-w- c:\windows\system32\nvmctray.dll
2015-01-21 17:24 . 2014-12-13 08:03 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2015-01-21 17:24 . 2014-12-12 23:11 4151176 ----a-w- c:\windows\system32\nvcoproc.bin
2015-01-21 17:23 . 2014-12-13 10:08 74056 ----a-w- c:\windows\system32\OpenCL.dll
2015-01-17 17:53 . 2014-12-19 03:06 210432 ----a-w- c:\windows\system32\profsvc.dll
2015-01-17 17:53 . 2014-12-06 04:17 303616 ----a-w- c:\windows\system32\nlasvc.dll
2015-01-17 17:53 . 2014-12-19 01:46 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2015-01-17 17:52 . 2014-12-11 17:47 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe
2015-01-17 17:52 . 2014-12-12 05:35 5553592 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-01-17 17:52 . 2014-12-12 05:31 503808 ----a-w- c:\windows\system32\srcore.dll
2015-01-17 17:52 . 2014-12-12 05:31 50176 ----a-w- c:\windows\system32\srclient.dll
2015-01-17 17:52 . 2014-12-12 05:31 296960 ----a-w- c:\windows\system32\rstrui.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-03 00:37 . 2015-02-03 00:37 17920 ----a-w- c:\windows\SysWow64\rpcnetp.dll
2015-02-03 00:36 . 2015-02-03 00:36 17920 ----a-w- c:\windows\SysWow64\rpcnetp.exe
2015-02-03 00:36 . 2013-07-05 15:08 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2015-02-02 23:15 . 2013-05-27 16:14 49536 ----a-w- c:\windows\SysWow64\agremove.exe
2015-01-27 04:34 . 2012-04-04 02:06 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-27 04:34 . 2011-05-22 06:27 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-24 01:49 . 2015-01-24 01:49 74703 ----a-w- c:\windows\SysWow64\mfc45.dat
2015-01-08 17:55 . 2010-12-06 17:58 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-13 10:08 . 2015-01-21 17:23 60560 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-12-13 10:08 . 2015-01-21 17:21 928072 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-12-13 10:08 . 2015-01-21 17:21 906560 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-12-13 10:08 . 2015-01-21 17:21 876976 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-12-13 10:08 . 2015-01-21 17:21 399688 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2014-12-13 10:08 . 2015-01-21 17:21 346944 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2014-12-13 10:08 . 2015-01-21 17:21 3248968 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-12-13 10:08 . 2015-01-21 17:21 306328 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-12-13 10:08 . 2015-01-21 17:21 2897824 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-12-13 10:08 . 2015-01-21 17:21 24764232 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-12-13 10:08 . 2015-01-21 17:21 20465808 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-12-13 10:08 . 2015-01-21 17:21 165760 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-12-13 10:08 . 2015-01-21 17:21 16040184 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-12-13 10:08 . 2015-01-21 17:21 14128496 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-12-13 10:08 . 2015-01-21 17:21 10770120 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-12-13 10:08 . 2015-01-21 17:21 10710160 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-12-13 00:47 . 2015-01-21 17:24 620176 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-12-13 00:11 . 2015-01-21 17:25 2210040 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-12-13 00:11 . 2015-01-21 17:25 1291464 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-12-12 05:11 . 2015-01-17 17:52 3971512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-12-12 05:11 . 2015-01-17 17:52 3916728 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-12-12 05:07 . 2015-01-17 17:52 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2014-12-06 03:50 . 2015-01-17 17:53 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50 . 2015-01-17 17:53 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2014-12-04 02:50 . 2014-12-13 00:35 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-04 02:50 . 2014-12-13 00:35 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-04 02:50 . 2014-12-13 00:35 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-04 02:50 . 2014-12-13 00:35 830976 ----a-w- c:\windows\system32\appraiser.dll
2014-12-04 02:50 . 2014-12-13 00:35 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-04 02:50 . 2014-12-13 00:35 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-04 02:44 . 2014-12-13 00:35 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-01 23:28 . 2014-12-13 00:35 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-11-24 22:12 . 2014-12-13 00:35 17874432 ----a-w- c:\windows\system32\mshtml.dll
2014-11-24 21:59 . 2014-12-13 00:35 448512 ----a-w- c:\windows\system32\html.iec
2014-11-24 21:54 . 2014-12-13 00:35 10921984 ----a-w- c:\windows\system32\ieframe.dll
2014-11-24 21:53 . 2014-12-13 00:35 2339840 ----a-w- c:\windows\system32\jscript9.dll
2014-11-24 21:47 . 2014-12-13 00:35 1388032 ----a-w- c:\windows\system32\urlmon.dll
2014-11-24 21:47 . 2014-12-13 00:35 1392128 ----a-w- c:\windows\system32\wininet.dll
2014-11-24 21:45 . 2014-12-13 00:35 1494016 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-24 21:45 . 2014-12-13 00:35 237056 ----a-w- c:\windows\system32\url.dll
2014-11-24 21:45 . 2014-12-13 00:35 86016 ----a-w- c:\windows\system32\jsproxy.dll
2014-11-24 21:44 . 2014-12-13 00:35 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2014-11-24 21:44 . 2014-12-13 00:35 599040 ----a-w- c:\windows\system32\vbscript.dll
2014-11-24 21:44 . 2014-12-13 00:35 2157056 ----a-w- c:\windows\system32\iertutil.dll
2014-11-24 21:44 . 2014-12-13 00:35 816640 ----a-w- c:\windows\system32\jscript.dll
2014-11-24 21:44 . 2014-12-13 00:35 729088 ----a-w- c:\windows\system32\msfeeds.dll
2014-11-24 21:44 . 2014-12-13 00:35 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2014-11-24 21:44 . 2014-12-13 00:35 282112 ----a-w- c:\windows\system32\dxtrans.dll
2014-11-24 21:44 . 2014-12-13 00:35 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-11-24 21:44 . 2014-12-13 00:35 11264 ----a-w- c:\windows\system32\msfeedssync.exe
2014-11-24 21:43 . 2014-12-13 00:35 96768 ----a-w- c:\windows\system32\mshtmled.dll
2014-11-24 21:43 . 2014-12-13 00:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-24 21:43 . 2014-12-13 00:35 12800 ----a-w- c:\windows\system32\mshta.exe
2014-11-24 21:42 . 2014-12-13 00:35 248320 ----a-w- c:\windows\system32\ieui.dll
2014-11-24 20:44 . 2014-12-13 00:35 367104 ----a-w- c:\windows\SysWow64\html.iec
2014-11-24 20:40 . 2014-12-13 00:35 1810944 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-11-24 20:35 . 2014-12-13 00:35 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2014-11-24 20:34 . 2014-12-13 00:35 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-11-24 20:33 . 2014-12-13 00:35 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-11-24 20:33 . 2014-12-13 00:35 421376 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-11-24 20:32 . 2014-12-13 00:35 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2014-11-24 20:32 . 2014-12-13 00:35 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-11-22 10:46 . 2015-01-21 17:21 32400 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-11-17 16:21 . 2014-02-04 18:59 5632 ----a-w- c:\windows\SysWow64\ctrestrt.exe
2014-11-11 03:09 . 2014-12-13 00:35 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-11-11 03:08 . 2014-11-21 17:19 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-21 17:19 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-12-13 00:35 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-21 17:19 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-21 17:19 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-11 01:46 . 2014-12-13 00:35 119296 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-11-08 03:16 . 2014-12-13 00:35 2048 ----a-w- c:\windows\system32\tzres.dll
2014-11-08 02:45 . 2014-12-13 00:35 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-05 04:27 . 2012-11-05 00:48 318512128 ----a-w- c:\program files (x86)\aliens-vs-predator.msi
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Razer Naga Driver"="c:\program files (x86)\Razer\Naga\RazerNagaSysTray.exe" [2011-02-17 953744]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"TkBellExe"="c:\program files (x86)\Real\realplayer\update\realsched.exe" [2014-07-11 296520]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-08-25 5188112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 0 (0x0)
"NoNetConnectDisconnect"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2010-06-07 22:10 534832 ----a-w- c:\progra~2\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files (x86)\Real\realplayer\update\realsched.exe" -osboot
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R0 mfewfpk;McAfee Inc. mfewfpk; [x]
R1 ElRawDisk;ElRawDisk; [x]
R1 mfenlfk;McAfee NDIS Light Filter; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 mfevtp;McAfee Validation Trust Protection Service; [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 cfwids;McAfee Inc. cfwids; [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 cpuz134;cpuz134;c:\program files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [x]
R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [x]
R3 cpuz137;cpuz137;c:\program files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 mfefirek;McAfee Inc. mfefirek; [x]
R3 mferkdet;McAfee Inc. mferkdet; [x]
R3 mio;Master IO Filter Driver;c:\windows\system32\DRIVERS\mio.sys;c:\windows\SYSNATIVE\DRIVERS\mio.sys [x]
R3 OverwolfUpdater;Overwolf Updater Windows SCM;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 PROCEXP151;PROCEXP151;c:\windows\system32\Drivers\PROCEXP151.SYS;c:\windows\SYSNATIVE\Drivers\PROCEXP151.SYS [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R4 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
R4 BPowMon;Broadcom Power monitoring service;c:\program files\Broadcom\BPowMon\BPowMon.exe;c:\program files\Broadcom\BPowMon\BPowMon.exe [x]
R4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R4 IObitUnlocker;IObitUnlocker;c:\program files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys;c:\program files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [x]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R4 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NlsSrv32.exe;c:\windows\SYSNATIVE\NlsSrv32.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 MDFSYSNT;MacDrive file system driver; [x]
S0 MDPMGRNT;MacDrive Partition Driver;c:\windows\system32\DRIVERS\MDPMGRNT.SYS;c:\windows\SYSNATIVE\DRIVERS\MDPMGRNT.SYS [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 rpcnetp;rpcnetp;rpcnetp [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 RawDisk3;RawDisk3;c:\windows\system32\drivers\rawdsk3.sys;c:\windows\SYSNATIVE\drivers\rawdsk3.sys [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\DRIVERS\diginet.sys;c:\windows\SYSNATIVE\DRIVERS\diginet.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IOCBIOS;IOCBIOS;c:\programdata\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys;c:\programdata\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [x]
S2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [x]
S2 MacDrive8ServiceD;MacDrive 8 service for Digidesign;c:\program files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe;c:\program files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PasswordBox;PasswordBox;c:\program files (x86)\PasswordBox\pbbtnService.exe;c:\program files (x86)\PasswordBox\pbbtnService.exe [x]
S2 PDFsFilter;PDFsFilter;c:\windows\system32\DRIVERS\PDFsFilter.sys;c:\windows\SYSNATIVE\DRIVERS\PDFsFilter.sys [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe;c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [x]
S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [x]
S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys;c:\windows\SYSNATIVE\DRIVERS\nvoclk64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-27 04:06 1086280 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.93\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 04:34]
.
2015-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf13f0aff7abd2.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-19 17:46]
.
2015-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf13f0b018c8df.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-19 17:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Thermal Controller"="c:\program files\Alienware\Command Center\ThermalController.exe" [2010-11-05 170936]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-04-22 130576]
"AlienFX Controller"="c:\program files\Alienware\Command Center\AlienwareAlienFXController.exe" [2010-11-05 69584]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2014-04-15 10396440]
"MacDrive 8 application for Digidesign"="c:\program files\Mediafour\MacDrive 8\MacDriveD.exe" [2010-06-02 228864]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2011-01-20 464744]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mSearchAssistant =
Trusted Zone: dell.com
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\Administrator.ALIENBORN\AppData\Roaming\Mozilla\Firefox\Profiles\346liror.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-MacDrive volume icons - (no file)
AddRemove-DriverAgent_is1 - c:\program files (x86)\eSupport.com\driveragent\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\PhotoshopElementsEditor.exe"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Wordview.Document.8"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="BoBrowsHTM.5K66P7K44G6FVUL5M4VYBGO52E"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="BoBrowsHTM.5K66P7K44G6FVUL5M4VYBGO52E"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="PBrush"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.m3u"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\maya.exe"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\msiexec.exe"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (Administrator)
"Progid"="BoBrowsHTM.5K66P7K44G6FVUL5M4VYBGO52E"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rar\UserChoice]
@Denied: (2) (Administrator)
"Progid"="rar_auto_file"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (Administrator)
"Progid"="QuickTime.tga"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.URL"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdseml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3615215825-984579872-2441764285-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\7zFM.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\321519DC6CD473D47B9CB9A3D015BEA9\68AB67CA7DA73301B7449A0400000010]
@DACL=(02 0000)
"PatchGUID"="{AC76BA86-7AD7-0000-2550-7A8C40000945}"
"MediaCabinet"="PCW_CAB_RDR"
"File"="nppdf32.dll_Apollo"
"ComponentVersion"="9.4.5.236"
"ProductVersion"="9.4.0"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="10070"
"SharedComponent"="0"
"IsFullFile"="1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\3441BFA836FB1C34BA6C144E93FBBA96\68AB67CA7DA73301B7449A0400000010]
@DACL=(02 0000)
"PatchGUID"="{AC76BA86-7AD7-0000-2550-7A8C40000945}"
"MediaCabinet"="PCW_CAB_RDR"
"File"="AcroPDF.dll"
"ComponentVersion"="9.4.5.236"
"ProductVersion"="9.4.0"
"PatchSize"="30288"
"PatchAttributes"="0"
"PatchSequence"="10076"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\34865792D36728C42B48B728231F7227\C73EFD71E4604384DAF84A2B4BFD868F]
@DACL=(02 0000)
"PatchGUID"=""
"MediaCabinet"=""
"File"="adobeupdaterinstallm.F0203B4A_EF61_47AC_8568_383B889FF114"
"ComponentVersion"="6.2.0.1474"
"ProductVersion"="8.0.0"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="0"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\36AF20128E89D6F4A920F2A4636AC354\68AB67CA7DA73301B7449A0400000010]
@DACL=(02 0000)
"PatchGUID"="{AC76BA86-7AD7-0000-2550-7A8C40000945}"
"MediaCabinet"="PCW_CAB_RDR"
"File"="Ace.dll_NON_OPT"
"ComponentVersion"="2.17.5.1"
"ProductVersion"="9.4.0"
"PatchSize"="59591"
"PatchAttributes"="0"
"PatchSequence"="10078"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\438256CEC1FA32847B45768EE56D453C\68AB67CA7DA73301B7449A0400000010]
@DACL=(02 0000)
"PatchGUID"="{AC76BA86-7AD7-0000-2550-7A8C40000945}"
"MediaCabinet"="PCW_CAB_RDR"
"File"="acrotextextractor.exe"
"ComponentVersion"="9.4.5.236"
"ProductVersion"="9.4.0"
"PatchSize"="535"
"PatchAttributes"="0"
"PatchSequence"="10080"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\4BBDDEE59EF5395479E0F98DF8FE7B4E\68AB67CA7DA73301B7449A0400000010]
@DACL=(02 0000)
"PatchGUID"="{AC76BA86-7AD7-0000-2550-7A8C40000945}"
"MediaCabinet"="PCW_CAB_RDR"
"File"="ADMPlugin.apl"
"ComponentVersion"="9.4.5.236"
"ProductVersion"="9.4.0"
"PatchSize"="155642"
"PatchAttributes"="0"
"PatchSequence"="10083"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\6F949E36CB3004C50AF18C3B9B1A1EE8\00002109020090400000000000F01FEC]
@DACL=(02 0000)
"PatchGUID"="{BD7F3C7C-62CB-4942-8D73-52622C0C40A4}"
"MediaCabinet"="PATCH_CAB"
"File"="ul_manifest.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E"
"ComponentVersion"=""
"ProductVersion"="12.0.6514"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="10015"
"SharedComponent"="0"
"IsFullFile"="1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\6F949E36CB3004C50AF18C3B9B1A1EE8\68AB67CA7DA73301B7449A0400000010]
@DACL=(02 0000)
"PatchGUID"=""
"MediaCabinet"=""
"File"="ul_manifest.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E"
"ComponentVersion"=""
"ProductVersion"="9.4.0"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="0"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\6F949E36CB3004C50AF18C3B9B1A1EE8\91785D291CBB3CC40AB8659C8E48CCC2]
@DACL=(02 0000)
"PatchGUID"=""
"MediaCabinet"=""
"File"="ul_manifest.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E"
"ComponentVersion"=""
"ProductVersion"="8.0.50727"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="0"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\7A11E946102B22241B413AE2EEBAB671\68AB67CA7DA73301B7449A0400000010]
@DACL=(02 0000)
"PatchGUID"="{AC76BA86-7AD7-0000-2550-7A8C40000945}"
"MediaCabinet"="PCW_CAB_RDR"
"File"="JP2KLib.dll"
"ComponentVersion"="2.0.0.4674"
"ProductVersion"="9.4.0"
"PatchSize"="41609"
"PatchAttributes"="0"
"PatchSequence"="10081"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\8BA0896E5F9859447919FF72C7BFF616\68AB67CA7DA73301B7449A0400000010]
@DACL=(02 0000)
"PatchGUID"="{AC76BA86-7AD7-0000-2550-7A8C40000945}"
"MediaCabinet"="PCW_CAB_RDR"
"File"="readerupdater.exe"
"ComponentVersion"="1.5.5.0"
"ProductVersion"="9.4.0"
"PatchSize"="36179"
"PatchAttributes"="0"
"PatchSequence"="10075"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\9579C59FFA3114E44AB6BD2D1806D835\68AB67CA7DA73301B7449A0400000010]
@DACL=(02 0000)
"PatchGUID"="{AC76BA86-7AD7-0000-2550-7A8C40000945}"
"MediaCabinet"="PCW_CAB_RDR"
"File"="AcroRd32.exe"
"ComponentVersion"="9.4.5.236"
"ProductVersion"="9.4.0"
"PatchSize"="1984"
"PatchAttributes"="0"
"PatchSequence"="10079"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\99A6DAE1043137645977AA29BBF9CCAF\68AB67CA7DA746454382090000000040]
@DACL=(02 0000)
"PatchGUID"=""
"MediaCabinet"=""
"File"="AdobeLinguistic.dll"
"ComponentVersion"="3.2.0.7362"
"ProductVersion"="9.0.0"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="0"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\A1BF16734F09DF24787B7AE363E01A86\68AB67CA7DA73301B7449A0400000010]
@DACL=(02 0000)
"PatchGUID"="{AC76BA86-7AD7-0000-2550-7A8C40000945}"
"MediaCabinet"="PCW_CAB_RDR"
"File"="adobearm.exe"
"ComponentVersion"="1.5.5.0"
"ProductVersion"="9.4.0"
"PatchSize"="89432"
"PatchAttributes"="0"
"PatchSequence"="10073"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\B31492ABDE5EA584CA42E924A1EDC230\68AB67CA7DA73301B7449A0400000010]
@DACL=(02 0000)
"PatchGUID"="{AC76BA86-7AD7-0000-2550-7A8C40000945}"
"MediaCabinet"="PCW_CAB_RDR"
"File"="CoolType.dll_NON_OPT"
"ComponentVersion"="5.5.79.1"
"ProductVersion"="9.4.0"
"PatchSize"="200295"
"PatchAttributes"="0"
"PatchSequence"="10067"
"SharedComponent"="0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\System32\rpcnetp.exe
c:\program files\Tablet\Wacom\WacomHost.exe
.
**************************************************************************
.
Completion time: 2015-02-02 16:52:26 - machine was rebooted
ComboFix-quarantined-files.txt 2015-02-03 00:52
.
Pre-Run: 68,336,545,792 bytes free
Post-Run: 68,228,567,040 bytes free
.
- - End Of File - - 9EAF9D6E63F92D5D549F0C09F9BB0CFD



Thx,
Dave
 
#6 ·
Due to lack of response, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

IMPORTANT - Read This Before Posting For Malware Removal Help

------------------------------------------------------
 