Combo Fix

ComboFix 13-12-01.01 - Alex 01/12/2013 19:49:36.2.
4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.4030.1931 [GMT 0:0
0]
Running from: c:\users\Alex\Desktop\projects\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB16E49CB52ECD9}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765
193BCB75F}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001553BB0D5A664}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D2
3E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2013-11-01 to 2013-12-01 )))))))
))))))))))))))))))))))))
.
.
2013-12-01 19:59 . 2013-12-01 19:59
-------d-----wc:\users
\Default\AppData\Local\temp
2013-12-01 19:52 . 2013-11-08 03:12
10285968
----a-wc:\progr
amdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F008DBA-1DBB-4856-89
AC-044086CFEF12}\mpengine.dll
2013-11-17 16:40 . 2013-11-17 16:39
965000 ------wc:\programdata\M
icrosoft\Microsoft Antimalware\Definition Updates\{62B7C576-4CE1-486A-8A7B-F0748
175C51A}\gapaengine.dll
2013-11-17 16:40 . 2012-07-25 15:22
927800 ------wc:\programdata\M
icrosoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-11-17 16:40 . 2013-10-14 07:12
10280728
----a-wc:\progr
amdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-11-15 22:08 . 2013-11-15 22:08
-------d-----wc:\users
\Alex\AppData\Local\CrashDumps
2013-11-15 17:37 . 2013-11-15 17:35
39976 ----a-wc:\windows\syste
m32\drivers\btwl2cap.sys
2013-11-15 17:37 . 2013-11-15 17:35
m32\drivers\btwrchid.sys
2013-11-15 17:37 . 2013-11-15 17:35
m32\drivers\btwavdt.sys
2013-11-15 17:37 . 2013-11-15 17:35
m32\drivers\btwaudio.sys
2013-11-13 11:18 . 2013-10-05 20:25
m32\crypt32.dll
2013-11-12 13:56 . 2013-11-12 13:56
-------d-----wc:\progr
amdata\Oracle
2013-11-12 13:55 . 2013-11-12 13:55
96168 ----a-wc:\windows\SysWo
w64\WindowsAccessBridge-32.dll
2013-11-09 13:28 . 2013-11-09 13:29
-------d-----wc:\progr
am files (x86)\Code Laboratories
2013-11-05 17:40 . 2013-11-11 18:08
-------d-----wc:\users
\Alex\AppData\Roaming\codeblocks
2013-11-05 16:58 . 2013-11-05 17:00
-------d-----wc:\users
\Alex\AppData\Roaming\Processing
2013-11-02 10:23 . 2012-07-11 05:26
w64\xvidcore.dll
2013-11-02 10:23 . 2012-07-11 05:26
w64\xvidvfw.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))
)))))))))))))))))))))))))))))))
.
2013-11-19 10:21 . 2010-11-21 03:27
267936 ------wc:\windows\syste
m32\MpSigStub.exe
2013-11-14 13:07 . 2012-07-26 10:46
82896128
----a-wc:\windo
ws\system32\MRT.exe
2013-10-28 18:02 . 2013-10-28 18:02
m32\btwdi.dll
2013-10-28 18:02 . 2013-10-28 18:02
m32\BtwRSupportService.exe
2013-10-28 18:02 . 2013-10-28 18:02
m32\drivers\btwampfl.sys
2013-10-28 18:02 . 2013-10-28 18:02
m32\BcmBtRSupport.dll
2013-10-28 18:02 . 2013-10-28 18:02
m32\drivers\bcbtums.sys
2013-10-11 15:30 . 2013-10-11 15:30
m32\drivers\iaStor.sys
2013-10-11 15:21 . 2013-10-11 15:22
m32\drivers\AtihdW76.sys
2013-10-11 15:21 . 2013-10-11 15:22
m32\DelayAPO.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\OpenVideo64.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\OVDecode64.dll
2013-10-11 15:20 . 2013-10-11 15:22
w64\OVDecode.dll
2013-10-11 15:20 . 2013-10-11 15:22
w64\OpenVideo.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\coinst_12.104.2.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\clinfo.exe
2013-10-11 15:20 . 2013-10-11 15:22
w64\atiumdag.dll
2013-10-11 15:20 . 2013-10-11 15:22
w64\atiumdva.dll
2013-10-11 15:20 . 2013-10-11 15:22
19952640
----a-wc:\windo
ws\SysWow64\atioglxx.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\atitmm64.dll
2013-10-11 15:20 . 2013-10-11 15:22
24316928
----a-wc:\windo
ws\system32\atio6axx.dll
2013-10-11 15:20 . 2012-03-29 17:35
m32\atiumd6a.dll
2013-10-11 15:20 . 2012-03-29 17:20
m32\atiumd64.dll
2013-10-11 15:20 . 2012-03-29 17:07
m32\atiuxp64.dll
2013-10-11 15:20 . 2012-03-29 17:07
w64\atiuxpag.dll
2013-10-11 15:20 . 2012-03-29 17:07
m32\atiu9p64.dll
2013-10-11 15:20 . 2012-03-29 17:06
w64\atiu9pag.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\atimpc64.dll
2013-10-11 15:20 . 2013-10-11 15:22

m32\amdpcom64.dll
2013-10-11 15:20 . 2013-10-11 15:22
w64\atimpc32.dll
2013-10-11 15:20 . 2013-10-11 15:22
w64\amdpcom32.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\drivers\atikmpag.sys
2013-10-11 15:20 . 2013-10-11 15:22
m32\atimuixx.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\atiedu64.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\atieclxx.exe
2013-10-11 15:20 . 2013-10-11 15:22
m32\atig6txx.dll
2013-10-11 15:20 . 2013-10-11 15:22
w64\atigktxx.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\atiesrxx.exe
2013-10-11 15:20 . 2013-10-11 15:22
m32\atig6pxx.dll
2013-10-11 15:20 . 2013-10-11 15:22
w64\atiglpxx.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\atiglpxx.dll
2013-10-11 15:20 . 2013-10-11 15:22
ws\system32\drivers\atikmdag.sys
2013-10-11 15:20 . 2013-10-11 15:22
m32\atidemgy.dll
2013-10-11 15:20 . 2012-03-29 18:13
w64\aticfx32.dll
2013-10-11 15:20 . 2012-03-29 18:12
m32\aticfx64.dll
2013-10-11 15:20 . 2012-03-29 18:02
w64\atidxx32.dll
2013-10-11 15:20 . 2012-03-29 17:47
m32\atidxx64.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\aticalrt64.dll
2013-10-11 15:20 . 2013-10-11 15:22
w64\aticalrt.dll
2013-10-11 15:20 . 2013-10-11 15:22
ws\system32\aticaldd64.dll
2013-10-11 15:20 . 2013-10-11 15:22
ws\SysWow64\aticaldd.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\aticalcl64.dll
2013-10-11 15:20 . 2013-10-11 15:22
w64\aticalcl.dll
2013-10-11 15:20 . 2013-10-11 15:22
w64\atiadlxy.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\atiapfxx.exe
2013-10-11 15:20 . 2013-10-11 15:22
m32\atiadlxx.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\OpenCL.dll
2013-10-11 15:20 . 2013-10-11 15:22
m32\drivers\ati2erec.dll
78432
----a-w-
c:\windows\syste
71704
----a-w-
c:\windows\SysWo
71704
----a-w-
c:\windows\SysWo
581120 ----a-w-
c:\windows\syste
26112
----a-w-
c:\windows\syste
59392
----a-w-
c:\windows\syste
564736 ----a-w-
c:\windows\syste
44032
----a-w-
c:\windows\syste
34816
----a-w-
c:\windows\SysWo
241152 ----a-w-
c:\windows\syste
17920
----a-w-
c:\windows\syste
14848
----a-w-
c:\windows\SysWo
14848
----a-w-
c:\windows\syste
11664896
----a-w-
c:\windo
442368 ----a-w-
c:\windows\syste
970912 ----a-w-
c:\windows\SysWo
1155264 ----a-w-
c:\windows\syste
7233336 ----a-w-
c:\windows\SysWo
8272136 ----a-w-
c:\windows\syste
51200
----a-w-
c:\windows\syste
46080
----a-w-
c:\windows\SysWo
16082944
----a-w-
c:\windo
13703168
----a-w-
c:\windo
44544
----a-w-
c:\windows\syste
44032
----a-w-
c:\windows\SysWo
430080 ----a-w-
c:\windows\SysWo
163840 ----a-w-
c:\windows\syste
638464 ----a-w-
c:\windows\syste
54784
----a-w-
c:\windows\syste
53248
----a-w-
c:\windows\syste
2013-10-11 15:20 . 2013-10-11

w64\OpenCL.dll
2013-10-11 15:20 . 2013-10-11
w64\ati2edxx.dll
2013-10-11 15:20 . 2013-10-11
w64\amdocl_ld32.exe
2013-10-11 15:20 . 2013-10-11
m32\amdocl_as64.exe
2013-10-11 15:20 . 2013-10-11
m32\amdocl_ld64.exe
2013-10-11 15:20 . 2013-10-11
w64\amdocl_as32.exe
2013-10-11 15:20 . 2013-10-11
ws\system32\amdocl64.dll
2013-10-11 15:20 . 2013-10-11
ws\SysWow64\amdocl.dll
2013-10-11 14:56 . 2013-10-11
y64.exe
2013-10-11 14:56 . 2013-10-11
m32\staco64.dll
2013-10-11 14:56 . 2013-10-11
m32\stapi64.dll
2013-10-11 14:56 . 2013-10-11
m32\drivers\stwrt64.sys
2013-10-11 14:56 . 2013-10-11
m32\stlang64.dll
2013-10-11 14:56 . 2013-10-11
m32\stcplx64.dll
2013-10-11 14:56 . 2013-10-11
m32\suhlp64.exe
2013-10-11 14:56 . 2013-10-11
m32\stacsv64.exe
2013-10-11 14:56 . 2013-10-11
m32\stapo64.dll
2013-10-11 14:56 . 2013-10-11
m32\sttray64.exe
2013-10-11 14:56 . 2013-10-11
m32\slprop64.dll
2013-10-11 14:56 . 2013-10-11
m32\sluapo64.dll
2013-10-11 14:56 . 2013-10-11
m32\slmaxv64.dll
2013-10-11 14:56 . 2013-10-11
m32\slInit64.dll
2013-10-11 14:56 . 2013-10-11
m32\slviq64.dll
2013-10-11 14:56 . 2013-10-11
m32\slcshp64.dll
2013-10-11 14:56 . 2013-10-11
m32\slvipp64.dll
2013-10-11 14:56 . 2013-10-11
m32\slhlim64.dll
2013-10-11 14:56 . 2013-10-11
m32\slh36064.dll
2013-10-11 14:56 . 2013-10-11
m32\sltshd64.dll
2013-10-11 14:56 . 2013-10-11
m32\slcsii64.dll
2013-10-11 14:56 . 2013-10-11
m32\slgeq64.dll
15:22
50176
----a-w-
c:\windows\SysWo
15:22
43520
----a-w-
c:\windows\SysWo
15:22
798734 ----a-w-
c:\windows\SysWo
15:22
1187342 ----a-w-
c:\windows\syste
15:22
1061902 ----a-w-
c:\windows\syste
15:22
995342 ----a-w-
c:\windows\SysWo
15:22
29155328
----a-w-
c:\windo
15:22
23814656
----a-w-
c:\windo
14:58
1425408 ----a-w-
c:\windows\sttra
14:57
255488 ----a-w-
c:\windows\syste
14:57
655872 ------w-
c:\windows\syste
14:57
536576 ----a-w-
c:\windows\syste
14:57
4761600 ----a-w-
c:\windows\syste
14:57
450048 ----a-w-
c:\windows\syste
14:57
38400
----a-w-
c:\windows\syste
14:57
318464 ----a-w-
c:\windows\syste
14:57
1986048 ----a-w-
c:\windows\syste
14:57
1425408 ----a-w-
c:\windows\syste
14:57
577352 ----a-w-
c:\windows\syste
14:57
295240 ----a-w-
c:\windows\syste
14:57
245576 ----a-w-
c:\windows\syste
14:57
202056 ----a-w-
c:\windows\syste
14:57
182600 ----a-w-
c:\windows\syste
14:57
177992 ----a-w-
c:\windows\syste
14:57
169800 ----a-w-
c:\windows\syste
14:57
167752 ----a-w-
c:\windows\syste
14:57
155976 ----a-w-
c:\windows\syste
14:57
140104 ----a-w-
c:\windows\syste
14:57
139592 ----a-w-
c:\windows\syste
14:57
131912 ----a-w-
c:\windows\syste
2013-10-11 14:56 . 2013-10-11 14:57

m32\IDTPMA64.exe
2013-10-11 14:56 . 2013-10-11 14:57
m32\slcc3d64.dll
2013-10-11 14:56 . 2013-10-11 14:57
m32\Presets.bin
2013-10-11 14:56 . 2013-10-11 14:57
m32\IDTNHP.dll
2013-10-11 14:56 . 2013-10-11 14:57
m32\IDTNGUI.exe
2013-10-11 14:56 . 2013-10-11 14:57
m32\IDTNJ.exe
2013-10-11 14:56 . 2013-10-11 14:57
m32\IDTNX.dll
2013-10-11 14:56 . 2013-10-11 14:57
m32\HPToneCtrls64.dll
2013-10-11 14:56 . 2013-10-11 14:57
m32\IDTNC64.cpl
2013-10-11 14:56 . 2013-10-11 14:57
m32\AESTSr64.exe
2013-10-11 14:56 . 2013-10-11 14:57
m32\AESTCo64.dll
2013-10-11 14:56 . 2013-10-11 14:57
m32\AESTAR64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))
)))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentContro
l2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{687578b9-7132
-4a7a-80e4-30ee31099e03}]
2011-05-09 09:49
176936 ----a-wc:\program files (x86)\uTorrentC
ontrol2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentContro
l2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [201204-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAS
torIconLaunch.exe" [2013-10-11 56128]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBCon
troller.exe" [2012-03-14 319360]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\
PIconStartup.exe" [2013-10-11 133440]

"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Control
ler Driver\Application\iusb3mon.exe" [2012-03-27 291608]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShre
dder.exe" [2012-08-07 12313720]
"IFXSPMGT"="c:\program files (x86)\Hewlett-Packard\Embedded Security Software\if
xspmgt.exe" [2012-01-26 1127800]
"M-Audio Taskbar Icon"="c:\windows\system32\MAFWDITray.exe" [2010-03-01 313864]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [20
08-07-22 77824]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2
011-05-06 593920]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart
.exe" [2013-05-30 642816]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2013-06-05 6836
56]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Mana
ger\HPCMDelayStart.exe" [2013-04-23 185144]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusch
ed.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2013-2-2
7 1395416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify
\DeviceNP]
2012-01-31 21:19
75648 ----a-wc:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ
DPPassFilter scecli c:\program files\WID
COMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\wi
ndows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:
\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program
files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c
:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft
.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:
\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel Centrino Wireless Bluetooth + High Speed Protocol;c:\windows\syste
m32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 bcbtums;Bluetooth USB LD Filter;c:\windows\system32\drivers\bcbtums.sys;c:\wi
ndows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATI
VE\DRIVERS\btwampfl.sys [x]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.s
ys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\
windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\D
RIVERS\DAMDrv64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\driver
s\dmvsc.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlo
ck.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packar
d\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Co
nnection Manager\hpCMSrv.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\wind
ows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:
\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\j
mcr.sys [x]
R3 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys;c:\win
dows\SYSNATIVE\DRIVERS\johci.sys [x]
R3 MAFWPROFIRE;Service for M-Audio ProFire;c:\windows\system32\DRIVERS\MAudioPro
Fire.sys;c:\windows\SYSNATIVE\DRIVERS\MAudioProFire.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program
files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe;c:\program files (x86)\McA
fee Security Scan\3.0.207\McCHSvc.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhc
pDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Sha
red\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\R
oxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATI
VE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD
.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\W
atAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\
Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portra
it Displays\Drivers\pdisrvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATI
VE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows
\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVE
RS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\
windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\D
RIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATI
VE\Drivers\PxHlpa64.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\wi
ndows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYS
NATIVE\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsof
tbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys;c
:\windows\SYSNATIVE\drivers\psd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\a
tiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMPPALR3;Intel Centrino Wireless Bluetooth + High Speed Service;c:\program files
\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHS
AmpPalService.exe [x]
S2 BcmBtRSupport;Bluetooth Driver Management Service;c:\windows\system32\BtwRSup
portService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Secur
ity Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program fi
les\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlet
t-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\H
P Power Assistant\HPPA_Service.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x
86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)
\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett
-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\F
ile Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hot
key Support\HPHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey
Support\HPHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpser
vice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Int
el\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)
\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing
Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program
files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R)
Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x
86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [
x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\pro
gram files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_serv
ice.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program
files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\H
ewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrv
WFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Int
ernet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Thro
ugh\PassThruSvr.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsv
c.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 RoxioBurnLauncher;Roxio Burn Launcher;c:\program files (x86)\Roxio\Roxio Burn
\RoxioBurnLauncher.exe;c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher
.exe [x]
S2 thinkupApache;thinkupApache;c:\bitnami\THINKU~1.8-1\apache2\bin\httpd.exe;c:\
bitnami\THINKU~1.8-1\apache2\bin\httpd.exe [x]
S2 thinkupMySQL;thinkupMySQL;c:\bitnami\thinkup-2.0.beta.8-1\mysql\bin\mysqld.ex
e;c:\bitnami\thinkup-2.0.beta.8-1\mysql\bin\mysqld.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\w
indows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:
\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\
program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]

S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPServic
e.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\prog
ram files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\Z
eroConfigService.exe [x]
S3 AMPPAL;Intel Centrino Wireless Bluetooth + High Speed Virtual Adapter;c:\windows
\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DR
IVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system3
2\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys
;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system
32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Clien
t\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
.
.
--- Other Services/Drivers In Memory --.
*NewlyCreated* - NISDRV
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed compon
ents\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-15 14:46
1210320 ----a-wc:\program files (x86)\Google\Ch
rome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 17
:58]
.
2013-12-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3527585329-3605364910
-3055288208-1001Core.job
- c:\users\Alex\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-14 22:
51]
.
2013-12-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3527585329-3605364910
-3055288208-1001UA.job
- c:\users\Alex\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-14 22:
51]
.
2013-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-13 11:09]
.
2013-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-13 11:09]
.
2013-12-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3527585329-3605364910-3
055288208-1001Core.job
- c:\users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-05 11:09]
.
2013-12-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3527585329-3605364910-3
055288208-1001UA.job
- c:\users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-05 11:09]
.
2013-12-01 c:\windows\Tasks\HPCeeScheduleForAlex.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]

.
.
--------- X64 Entries ----------.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedA
ppStarter.exe" [2012-03-14 15232]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-08-12 13562
40]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-10-11 1425408]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonito
r.exe" [BU]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\Active
Check\product_line\NCPluginUpdater.exe" [2013-11-05 21720]
.
------- Supplementary Scan ------.
uStart Page = hxxp://search.babylon.com/?affID=115287&tt=280812_2004_3512_7&babs
rc=HP_ss&mntrId=f4bbb3640000000000008c705ab58445
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.254 192.168.1.254
FF - ProfilePath - c:\users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\7o7avz
jy.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/
?babsrc=TB_def&mntrId=f4bbb3640000000000008c705ab58445&q=
FF - user.js: extensions.BabylonToolbar.id - f4bbb3640000000000008c705ab58445
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92D
D98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15580
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1222:15
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=115287&tt=280812_2004
_3512_7
FF - user.js: extensions.BabylonToolbar_i.babExt FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\Instal
lShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.ex
e
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B667
08-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS --------------------.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66
}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900
_117_ActiveX.exe,-101"
.
}\Elevation]
"Enabled"=dword:00000001
.
}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C
9A66}]
@="IFlashBroker5"
.
9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C40800200C9A66}]
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900
_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C40800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C40800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}]
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8444553540000}]
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B
0C4-0800200C9A66}]
@="IFlashBroker5"
.
0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC108002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-12-01 20:02:44
ComboFix-quarantined-files.txt 2013-12-01 20:02
ComboFix2.txt 2013-11-17 17:53
.
Pre-Run: 86,806,659,072 bytes free
Post-Run: 86,335,340,544 bytes free
.
- - End Of File - - ECD4A4FB856434A282FE7293D4AF55B3

Combo Fix

Încărcat de

Informații document

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Combo Fix

Încărcat de

Drepturi de autor:

Formate disponibile

ComboFix 13-12-01.01 - Alex 01/12/2013 19:49:36.2.

2013-10-11 15:20 . 2013-10-11 15:22

2013-10-11 15:20 . 2013-10-11

2013-10-11 14:56 . 2013-10-11 14:57

PIconStartup.exe" [2013-10-11 133440]

program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]

S-ar putea să vă placă și