Hello,
I am in doubt. I think someone is spying on my online activity while I browse with Mozilla Firefox. I noticed a "weird sign" always attached to my current tab in Mozilla Firefox. Please have a look at this screenshot:
I don't know what that is, but it looks like something dangerous and is making me worry a lot. However, I scanned my PC with McAfee antivirus and it didn't find anything serious. I also uninstalled my previous Mozilla Firefox and installed a new version, but this problem is still there.
Extra Information
Mozilla Firefox Version: 34.0.5
Extensions: HTML Validator 0.9.5.8, McAfee SiteAdvisor 3.7.1, RoboForm Toolbar, SEO Status PageRank/ Alexa Toolbar
Please help me.
Thank you so much for your kind support.
OTL created two text files, OTL.txt and Extras.txt. Both are posted below, respectively.
OTL.txt
OTL logfile created on: 12-12-2014 15:46:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\window\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy
3.89 Gb Total Physical Memory | 1.09 Gb Available Physical Memory | 27.90% Memory free
7.78 Gb Paging File | 4.49 Gb Available in Paging File | 57.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.56 Gb Total Space | 61.27 Gb Free Space | 62.80% Space Free | Partition Type: NTFS
Drive D: | 97.66 Gb Total Space | 96.10 Gb Free Space | 98.41% Space Free | Partition Type: NTFS
Drive E: | 270.45 Gb Total Space | 261.57 Gb Free Space | 96.72% Space Free | Partition Type: NTFS
Drive G: | 70.44 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: WINDOW-PC | User Name: window | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014-12-12 15:44:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\window\Desktop\OTL.exe
PRC - [2014-12-09 15:51:29 | 000,337,520 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\mozilla firefox\firefox.exe
PRC - [2014-12-06 07:20:53 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014-12-03 12:01:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014-11-25 00:08:23 | 002,039,192 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2014-11-25 00:08:23 | 000,166,296 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2014-11-13 11:23:04 | 000,741,920 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
PRC - [2014-11-03 11:05:36 | 000,821,600 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
PRC - [2014-10-30 14:36:24 | 000,387,088 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
PRC - [2014-10-17 19:35:46 | 000,451,072 | ---- | M] () -- C:\Program Files (x86)\MBlaze\MBlaze.exe
PRC - [2014-09-12 23:44:55 | 013,559,056 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
PRC - [2014-09-12 23:44:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014-09-12 23:30:53 | 000,229,648 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
PRC - [2014-08-04 10:21:14 | 000,087,368 | ---- | M] (Nero AG) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
PRC - [2014-07-14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014-07-14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014-04-04 11:29:28 | 002,000,896 | ---- | M] (iSkySoft) -- C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
PRC - [2013-12-11 10:57:58 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013-12-11 10:57:54 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2013-10-17 15:27:02 | 000,166,912 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2013-06-21 03:53:16 | 000,081,536 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
PRC - [2013-05-21 12:58:30 | 000,656,976 | ---- | M] () -- C:\ProgramData\MBlaze\OnlineUpdate\ouc.exe
PRC - [2011-03-14 20:57:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2009-07-14 06:44:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2009-02-23 18:35:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008-11-10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
========== Modules (No Company Name) ==========
MOD - [2014-12-09 15:51:28 | 003,758,192 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\mozjs.dll
MOD - [2014-12-06 07:20:50 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
MOD - [2014-12-06 07:20:46 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
MOD - [2014-12-06 07:20:45 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
MOD - [2014-12-06 07:20:44 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
MOD - [2014-11-03 11:05:36 | 000,821,600 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
MOD - [2014-10-17 19:35:46 | 000,451,072 | ---- | M] () -- C:\Program Files (x86)\MBlaze\MBlaze.exe
MOD - [2014-04-04 11:29:10 | 000,371,712 | ---- | M] () -- C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll
MOD - [2013-11-08 16:25:39 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\MBlaze\plugins\imageformats\qjpeg4.dll
MOD - [2013-11-08 16:25:38 | 000,350,720 | ---- | M] () -- C:\Program Files (x86)\MBlaze\plugins\imageformats\qmng4.dll
MOD - [2013-11-08 16:25:38 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\MBlaze\plugins\imageformats\qico4.dll
MOD - [2013-11-08 16:25:37 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\MBlaze\plugins\imageformats\qgif4.dll
MOD - [2013-11-08 16:25:35 | 000,370,176 | ---- | M] () -- C:\Program Files (x86)\MBlaze\plugins\imageformats\qtiff4.dll
MOD - [2013-11-08 16:25:34 | 001,124,352 | ---- | M] () -- C:\Program Files (x86)\MBlaze\AddrBookPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,858,624 | ---- | M] () -- C:\Program Files (x86)\MBlaze\SMSUIPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,819,712 | ---- | M] () -- C:\Program Files (x86)\MBlaze\AddrBookUIPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,731,136 | ---- | M] () -- C:\Program Files (x86)\MBlaze\DeviceAppPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,730,112 | ---- | M] () -- C:\Program Files (x86)\MBlaze\DeviceSrvPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,704,000 | ---- | M] () -- C:\Program Files (x86)\MBlaze\SmsAppPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,702,464 | ---- | M] () -- C:\Program Files (x86)\MBlaze\NetInfoSrvPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,672,768 | ---- | M] () -- C:\Program Files (x86)\MBlaze\AddrBookSrvPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,646,144 | ---- | M] () -- C:\Program Files (x86)\MBlaze\AtCodec.dll
MOD - [2013-11-08 16:25:34 | 000,628,224 | ---- | M] () -- C:\Program Files (x86)\MBlaze\Common.dll
MOD - [2013-11-08 16:25:34 | 000,599,552 | ---- | M] () -- C:\Program Files (x86)\MBlaze\DeviceMgrUIPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,594,432 | ---- | M] () -- C:\Program Files (x86)\MBlaze\DialupUIPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,583,168 | ---- | M] () -- C:\Program Files (x86)\MBlaze\PluginContainer.dll
MOD - [2013-11-08 16:25:34 | 000,569,344 | ---- | M] () -- C:\Program Files (x86)\MBlaze\CallLogSrvPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,536,064 | ---- | M] () -- C:\Program Files (x86)\MBlaze\core.dll
MOD - [2013-11-08 16:25:34 | 000,494,080 | ---- | M] () -- C:\Program Files (x86)\MBlaze\NetInfoUIExPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,407,552 | ---- | M] () -- C:\Program Files (x86)\MBlaze\Proxy.dll
MOD - [2013-11-08 16:25:34 | 000,391,168 | ---- | M] () -- C:\Program Files (x86)\MBlaze\NetConnectPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,377,856 | ---- | M] () -- C:\Program Files (x86)\MBlaze\MenuMgrPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\MBlaze\StatusBarMgrPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,303,104 | ---- | M] () -- C:\Program Files (x86)\MBlaze\DiagnosisPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,288,768 | ---- | M] () -- C:\Program Files (x86)\MBlaze\sdk.dll
MOD - [2013-11-08 16:25:34 | 000,254,976 | ---- | M] () -- C:\Program Files (x86)\MBlaze\XFramePlugin.dll
MOD - [2013-11-08 16:25:34 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\MBlaze\NetSrvPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,236,032 | ---- | M] () -- C:\Program Files (x86)\MBlaze\DialUpPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,220,160 | ---- | M] () -- C:\Program Files (x86)\MBlaze\ToolBarMgrPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,220,160 | ---- | M] () -- C:\Program Files (x86)\MBlaze\SmsSrvPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,201,216 | ---- | M] () -- C:\Program Files (x86)\MBlaze\NDISPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\MBlaze\XCodec.dll
MOD - [2013-11-08 16:25:34 | 000,187,392 | ---- | M] () -- C:\Program Files (x86)\MBlaze\CallAppPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,177,152 | ---- | M] () -- C:\Program Files (x86)\MBlaze\CallSrvPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,168,960 | ---- | M] () -- C:\Program Files (x86)\MBlaze\ATR2SMgr.dll
MOD - [2013-11-08 16:25:34 | 000,166,912 | ---- | M] () -- C:\Program Files (x86)\MBlaze\OSDialup.dll
MOD - [2013-11-08 16:25:34 | 000,158,720 | ---- | M] () -- C:\Program Files (x86)\MBlaze\NetConnectSrvPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\MBlaze\Trace.dll
MOD - [2013-11-08 16:25:34 | 000,157,184 | ---- | M] () -- C:\Program Files (x86)\MBlaze\STKSrvPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,155,136 | ---- | M] () -- C:\Program Files (x86)\MBlaze\DataServicePlugin.dll
MOD - [2013-11-08 16:25:34 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\MBlaze\USSDSrvPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,131,584 | ---- | M] () -- C:\Program Files (x86)\MBlaze\OSNDIS.dll
MOD - [2013-11-08 16:25:34 | 000,119,296 | ---- | M] () -- C:\Program Files (x86)\MBlaze\ConnectMgrUIPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,117,760 | ---- | M] () -- C:\Program Files (x86)\MBlaze\LayoutPlugin.dll
MOD - [2013-11-08 16:25:34 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\MBlaze\OSAdapt.dll
MOD - [2013-11-08 16:25:34 | 000,097,792 | ---- | M] () -- C:\Program Files (x86)\MBlaze\NotifyServicePlugin.dll
MOD - [2013-11-08 16:25:34 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\MBlaze\OSPowerMgr.dll
MOD - [2013-11-08 16:25:34 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\MBlaze\OSCall.dll
MOD - [2013-07-24 09:24:52 | 000,137,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll
MOD - [2013-05-21 14:14:08 | 001,114,112 | ---- | M] () -- C:\Program Files (x86)\MBlaze\NDISAPI.dll
MOD - [2013-05-21 14:14:08 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\MBlaze\Win7Support.dll
MOD - [2013-05-21 14:14:07 | 000,224,256 | ---- | M] () -- C:\Program Files (x86)\MBlaze\tdpcvoice.dll
MOD - [2013-05-21 12:50:30 | 000,691,200 | ---- | M] () -- C:\Program Files (x86)\MBlaze\LiveUpdateInterface.dll
MOD - [2012-10-31 15:03:34 | 009,562,624 | ---- | M] () -- C:\Program Files (x86)\MBlaze\QtGui4.dll
MOD - [2012-10-31 14:44:12 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\MBlaze\QtNetwork4.dll
MOD - [2012-10-31 14:41:48 | 000,398,336 | ---- | M] () -- C:\Program Files (x86)\MBlaze\QtXml4.dll
MOD - [2012-10-31 14:41:24 | 002,417,152 | ---- | M] () -- C:\Program Files (x86)\MBlaze\QtCore4.dll
MOD - [2009-06-23 08:12:42 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\MBlaze\libgcc_s_dw2-1.dll
MOD - [2009-01-11 00:02:40 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\MBlaze\mingwm10.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014-09-04 04:09:02 | 000,603,424 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2014-08-20 08:16:12 | 001,041,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2014-06-20 10:30:38 | 000,189,912 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2014-06-20 10:23:12 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2014-04-25 18:34:42 | 000,178,528 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2013-08-27 14:32:30 | 000,828,376 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013-08-27 14:32:14 | 000,747,520 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2013-07-30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013-07-30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013-07-30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013-07-30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2013-07-30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013-07-18 04:17:38 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009-07-14 07:11:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 07:10:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014-12-10 17:42:38 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-12-09 15:51:29 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-12-03 12:01:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014-11-25 00:08:23 | 000,166,296 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2014-09-12 23:44:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014-08-04 10:21:14 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe -- (HTCMonitorService)
SRV - [2014-07-14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014-07-14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014-04-03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-12-11 10:57:58 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013-12-11 10:57:54 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013-11-16 00:38:00 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013-10-17 15:27:02 | 000,166,912 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2013-07-02 23:00:14 | 000,312,448 | ---- | M] (Windows ® Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013-06-21 03:53:16 | 000,081,536 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2013-05-21 12:58:30 | 000,656,976 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\MBlaze\UpdateDog\ouc.exe -- (MBlaze. RunOuc)
SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011-03-14 20:57:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2009-06-11 02:53:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-11-10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014-08-20 08:06:14 | 000,096,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2014-08-20 08:05:28 | 000,445,512 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2014-06-20 10:38:22 | 000,072,128 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2014-06-20 10:31:06 | 000,348,552 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2014-06-20 10:26:02 | 000,786,296 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014-06-20 10:23:40 | 000,523,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2014-06-20 10:21:48 | 000,313,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2014-06-20 10:20:54 | 000,181,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2014-01-10 14:02:50 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\My Dell\pcdsrvc_x64.pkms -- (PCDSRVC{D3412D80-CF3B4A27-06020200}_0)
DRV:64bit: - [2013-12-10 23:27:54 | 000,100,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013-11-08 16:25:05 | 000,455,680 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV:64bit: - [2013-11-08 16:25:05 | 000,109,568 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2013-11-08 16:25:05 | 000,014,976 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2013-11-08 16:25:04 | 000,091,648 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2013-11-08 16:25:03 | 000,226,048 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2013-10-29 17:36:26 | 004,195,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013-10-17 15:27:02 | 000,036,928 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2013-09-18 15:09:40 | 000,452,088 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013-07-18 05:12:44 | 011,614,208 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013-07-18 03:50:36 | 000,578,048 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013-07-02 22:34:54 | 000,589,000 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013-07-02 22:34:54 | 000,347,336 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013-07-02 22:34:54 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013-07-02 22:34:54 | 000,137,928 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013-07-02 22:34:54 | 000,116,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013-07-02 22:34:54 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013-07-02 22:34:54 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013-07-02 22:34:54 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013-06-24 22:56:16 | 003,979,776 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2013-06-19 02:52:36 | 000,872,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013-03-05 11:34:58 | 000,469,232 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013-03-05 11:34:56 | 000,031,984 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012-12-22 02:12:28 | 000,326,368 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2012-09-14 15:42:38 | 000,036,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2010-03-08 20:08:36 | 000,121,800 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HtcVComV64.sys -- (HtcVCom32)
DRV:64bit: - [2009-07-14 07:22:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009-07-14 07:22:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009-07-14 07:22:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 07:18:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 07:17:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-14 07:17:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009-07-14 07:15:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 05:39:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009-06-11 02:04:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-11 02:04:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-11 02:04:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-11 02:01:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009-07-14 06:49:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-in
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 33 A2 AF 00 33 9F CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {76037129-B57E-41C2-8FAE-E52992FA54C3}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..extensions.enabledAddons: seostatus%40rubyweb:1.5.9
FF - prefs.js..extensions.enabledAddons: %7B3b56bcc7-54e5-44a2-9b44-66c3ef58c13e%7D:0.9.5.8
FF - prefs.js..extensions.enabledAddons: %7B5546F97E-11A5-46b0-9082-32AD74AAA920%7D:0.76
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.7.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014-07-07 16:59:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\ProgramData\iSkysoft\Video Converter Ultimate\
[email protected]\ [2014-07-10 11:53:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2014-11-20 11:39:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files (x86)\mozilla firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files (x86)\mozilla firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014-07-07 16:59:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files (x86)\mozilla firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files (x86)\mozilla firefox\plugins
[2014-07-07 10:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\window\AppData\Roaming\Mozilla\Extensions
[2014-12-04 22:14:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\window\AppData\Roaming\Mozilla\Firefox\Profiles\x726cs0k.default\extensions
[2014-07-07 16:23:21 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\window\AppData\Roaming\Mozilla\Firefox\Profiles\x726cs0k.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2014-07-07 16:23:14 | 000,000,000 | ---D | M] (InFormEnter) -- C:\Users\window\AppData\Roaming\Mozilla\Firefox\Profiles\x726cs0k.default\extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920}
[2014-11-05 19:47:53 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\window\AppData\Roaming\Mozilla\Firefox\Profiles\x726cs0k.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2014-07-07 10:56:05 | 000,000,000 | ---D | M] (prIcechOpp) -- C:\Users\window\AppData\Roaming\Mozilla\Firefox\Profiles\x726cs0k.default\extensions\[email protected]
[2014-07-07 10:56:05 | 000,000,000 | ---D | M] (pariicaecHop) -- C:\Users\window\AppData\Roaming\Mozilla\Firefox\Profiles\x726cs0k.default\extensions\[email protected]
[2014-07-07 17:34:42 | 000,207,020 | ---- | M] () (No name found) -- C:\Users\window\AppData\Roaming\Mozilla\Firefox\Profiles\x726cs0k.default\extensions\[email protected]
[2014-11-25 11:51:33 | 000,566,021 | ---- | M] () (No name found) -- C:\Users\window\AppData\Roaming\Mozilla\Firefox\Profiles\x726cs0k.default\extensions\[email protected]
[2014-11-05 11:18:55 | 000,002,533 | ---- | M] () -- C:\Users\window\AppData\Roaming\Mozilla\Firefox\Profiles\x726cs0k.default\searchplugins\ask-search.xml
[2014-08-27 18:38:49 | 000,002,831 | ---- | M] () -- C:\Users\window\AppData\Roaming\Mozilla\Firefox\Profiles\x726cs0k.default\searchplugins\Astromenda.xml
[2014-12-09 15:51:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014-12-09 15:51:30 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014-11-20 11:39:16 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - Extension: No name found = C:\Users\window\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\window\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgckmkcfahjkplmcjmgahnmlibkcnffe\3.9\
CHR - Extension: No name found = C:\Users\window\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\window\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: No name found = C:\Users\window\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_0\
CHR - Extension: No name found = C:\Users\window\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmmpimgdaelepllnhijkadfmehdpmijp\3.9\
CHR - Extension: No name found = C:\Users\window\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfipdgenfgpoakdfnndhkgjnnopnlohn\0.2_0\
CHR - Extension: No name found = C:\Users\window\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\window\AppData\Local\Google\Chrome\User Data\Default\Extensions\nomnoaehhnmbolpapbjeopogjfefdpnl\5.1.0_0\
CHR - Extension: No name found = C:\Users\window\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
O1 HOSTS File: ([2014-11-12 12:52:03 | 000,000,891 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ppricechop) - {56FE701F-B777-00AC-405C-9B60DBCB066B} - C:\Program Files (x86)\ppricechop\6hljrX.x64.dll File not found
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {2320DB42-0B34-473D-412C-4E7A7C6C600C} - No CLSID value found.
O2 - BHO: (no name) - {56FE701F-B777-00AC-405C-9B60DBCB066B} - No CLSID value found.
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (iSkysoft Video Converter Ultimate 5.1.0) - {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} - C:\ProgramData\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll (Wondershare)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [DelaypluginInstall] C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe ()
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe (iSkySoft)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [DellSystemDetect] C:\Users\window\AppData\Local\Apps\2.0\59EL0GWR.H20\YOPXMTLB.GWO\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe (Dell)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Customize Menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html File not found
O8:64bit: - Extra context menu item: Fill Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html File not found
O8:64bit: - Extra context menu item: Save Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html File not found
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Customize Menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html File not found
O8 - Extra context menu item: Fill Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html File not found
O8 - Extra context menu item: Save Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html File not found
O8 - Extra context menu item: Show RoboForm Toolbar - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html File not found
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E92CA12A-0162-42A2-99F5-59DB05E1232F}: NameServer = 10.228.1.114 10.228.1.116
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\WSISVCUchrome - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\WSISVCUchrome - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-11-08 08:26:01 | 000,148,320 | R--- | M] () - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2013-11-08 08:26:01 | 000,000,045 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{291643c4-05a1-11e4-bfbf-d45a3b744ef4}\Shell - "" = AutoRun
O33 - MountPoints2\{291643c4-05a1-11e4-bfbf-d45a3b744ef4}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013-11-08 08:26:01 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{34d58cc8-1ef6-11e4-9388-485ab6b00614}\Shell - "" = AutoRun
O33 - MountPoints2\{34d58cc8-1ef6-11e4-9388-485ab6b00614}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013-11-08 08:26:01 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{568f13ed-5605-11e4-8c6d-b7e6b9935059}\Shell - "" = AutoRun
O33 - MountPoints2\{568f13ed-5605-11e4-8c6d-b7e6b9935059}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013-11-08 08:26:01 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{568f13f9-5605-11e4-8c6d-b7e6b9935059}\Shell - "" = AutoRun
O33 - MountPoints2\{568f13f9-5605-11e4-8c6d-b7e6b9935059}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013-11-08 08:26:01 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{568f140a-5605-11e4-8c6d-b7e6b9935059}\Shell - "" = AutoRun
O33 - MountPoints2\{568f140a-5605-11e4-8c6d-b7e6b9935059}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013-11-08 08:26:01 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{5c58742c-05a5-11e4-a66b-fa60b52143b4}\Shell - "" = AutoRun
O33 - MountPoints2\{5c58742c-05a5-11e4-a66b-fa60b52143b4}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013-11-08 08:26:01 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{7008a96b-5819-11e4-864b-916732ed5eac}\Shell - "" = AutoRun
O33 - MountPoints2\{7008a96b-5819-11e4-864b-916732ed5eac}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013-11-08 08:26:01 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{793c2deb-56d4-11e4-92b7-cf64787965bf}\Shell - "" = AutoRun
O33 - MountPoints2\{793c2deb-56d4-11e4-92b7-cf64787965bf}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013-11-08 08:26:01 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{7ad36fe7-0668-11e4-8174-485ab6b00614}\Shell - "" = AutoRun
O33 - MountPoints2\{7ad36fe7-0668-11e4-8174-485ab6b00614}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013-11-08 08:26:01 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{c5b9fee9-1f16-11e4-bc0d-485ab6b00613}\Shell - "" = AutoRun
O33 - MountPoints2\{c5b9fee9-1f16-11e4-bc0d-485ab6b00613}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013-11-08 08:26:01 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{cedc3874-0532-11e4-9e7f-feb7cfc1cdf4}\Shell - "" = AutoRun
O33 - MountPoints2\{cedc3874-0532-11e4-9e7f-feb7cfc1cdf4}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{da116361-1fd1-11e4-9bb9-485ab6b00614}\Shell - "" = AutoRun
O33 - MountPoints2\{da116361-1fd1-11e4-9bb9-485ab6b00614}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013-11-08 08:26:01 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{e962e171-0533-11e4-831b-d3d9ec3f14f7}\Shell - "" = AutoRun
O33 - MountPoints2\{e962e171-0533-11e4-831b-d3d9ec3f14f7}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013-11-08 08:26:01 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{f2b04948-1efd-11e4-88e6-485ab6b00613}\Shell - "" = AutoRun
O33 - MountPoints2\{f2b04948-1efd-11e4-88e6-485ab6b00613}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013-11-08 08:26:01 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2013-11-08 08:26:01 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014-12-12 15:44:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\window\Desktop\OTL.exe
[2014-12-12 12:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014-12-12 11:27:34 | 000,000,000 | R--D | C] -- C:\Users\window\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014-12-09 15:51:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mozilla firefox
[2014-11-26 17:07:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014-11-19 15:48:17 | 000,000,000 | ---D | C] -- C:\Users\window\AppData\Roaming\(2C-8A-72-F4-1E-2A)
[2014-11-16 20:47:12 | 000,000,000 | ---D | C] -- C:\Users\window\Desktop\LOGO
[2014-11-13 20:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader
[2014-11-13 20:49:19 | 000,000,000 | ---D | C] -- C:\Users\window\AppData\Local\UmmyVideoDownloader
========== Files - Modified Within 30 Days ==========
[2014-12-12 15:44:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\window\Desktop\OTL.exe
[2014-12-12 15:42:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-12-12 15:28:43 | 000,072,606 | ---- | M] () -- C:\Users\window\Desktop\what-is-that.png
[2014-12-12 14:57:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-12-12 11:33:25 | 000,779,724 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-12-12 11:33:25 | 000,665,138 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-12-12 11:33:25 | 000,125,312 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-12-12 11:32:19 | 000,012,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-12-12 11:32:19 | 000,012,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-12-12 11:27:27 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2014-12-12 11:27:08 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-12-12 11:26:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-12-12 11:26:54 | 3133,427,712 | -HS- | M] () -- C:\hiberfil.sys
[2014-12-08 18:08:04 | 000,040,795 | ---- | M] () -- C:\Users\window\Desktop\iOS 8 vs Google Android Lollipop.jpg
[2014-12-07 11:26:11 | 000,092,002 | ---- | M] () -- C:\Users\window\Desktop\Photo0016.jpg
[2014-12-07 11:25:26 | 000,118,585 | ---- | M] () -- C:\Users\window\Desktop\Photo0015.jpg
[2014-12-05 18:47:54 | 000,016,626 | ---- | M] () -- C:\Users\window\Desktop\ndim-logo.jpg
[2014-11-26 17:08:02 | 000,001,107 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-11-20 17:52:43 | 000,009,311 | ---- | M] () -- C:\Users\window\Desktop\images (1).jpg
========== Files Created - No Company Name ==========
[2014-12-12 15:28:43 | 000,072,606 | ---- | C] () -- C:\Users\window\Desktop\what-is-that.png
[2014-12-08 18:08:04 | 000,040,795 | ---- | C] () -- C:\Users\window\Desktop\iOS 8 vs Google Android Lollipop.jpg
[2014-12-07 20:09:43 | 000,118,585 | ---- | C] () -- C:\Users\window\Desktop\Photo0015.jpg
[2014-12-07 20:09:43 | 000,092,002 | ---- | C] () -- C:\Users\window\Desktop\Photo0016.jpg
[2014-12-05 18:47:54 | 000,016,626 | ---- | C] () -- C:\Users\window\Desktop\ndim-logo.jpg
[2014-11-26 17:08:02 | 000,001,107 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-11-26 17:08:01 | 000,001,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014-11-20 17:52:43 | 000,009,311 | ---- | C] () -- C:\Users\window\Desktop\images (1).jpg
[2014-07-10 11:53:28 | 000,721,263 | ---- | C] () -- C:\Windows\SysWow64\ISCM64.dll
[2014-07-10 11:53:28 | 000,214,528 | ---- | C] () -- C:\Windows\SysWow64\ISCM32.dll
[2014-07-07 14:58:39 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2014-07-07 14:45:14 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014-07-07 14:45:14 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014-07-07 14:45:13 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2014-07-06 23:16:28 | 000,000,542 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014-07-06 23:03:58 | 000,764,126 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-11-25 11:35:34 | 000,317,440 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2013-11-25 11:35:34 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013-11-25 11:35:33 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2013-08-27 14:00:08 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2009-07-14 10:25:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009-07-14 07:11:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 06:46:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 07:10:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 06:45:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 07:11:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014-11-19 15:48:17 | 000,000,000 | ---D | M] -- C:\Users\window\AppData\Roaming\(2C-8A-72-F4-1E-2A)
[2014-10-11 20:54:22 | 000,000,000 | ---D | M] -- C:\Users\window\AppData\Roaming\deskPDF
[2014-10-22 20:22:44 | 000,000,000 | ---D | M] -- C:\Users\window\AppData\Roaming\deskPDF Editor
[2014-10-17 19:28:35 | 000,000,000 | ---D | M] -- C:\Users\window\AppData\Roaming\DMCache
[2014-10-29 15:40:22 | 000,000,000 | ---D | M] -- C:\Users\window\AppData\Roaming\HTC
[2014-10-29 16:48:06 | 000,000,000 | ---D | M] -- C:\Users\window\AppData\Roaming\PCDr
[2014-09-17 13:27:26 | 000,000,000 | ---D | M] -- C:\Users\window\AppData\Roaming\TeamViewer
[2014-07-10 11:54:14 | 000,000,000 | ---D | M] -- C:\Users\window\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
========== Purity Check ==========
< End of report >
Extras.txt
OTL Extras logfile created on: 12-12-2014 15:46:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\window\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy
3.89 Gb Total Physical Memory | 1.09 Gb Available Physical Memory | 27.90% Memory free
7.78 Gb Paging File | 4.49 Gb Available in Paging File | 57.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.56 Gb Total Space | 61.27 Gb Free Space | 62.80% Space Free | Partition Type: NTFS
Drive D: | 97.66 Gb Total Space | 96.10 Gb Free Space | 98.41% Space Free | Partition Type: NTFS
Drive E: | 270.45 Gb Total Space | 261.57 Gb Free Space | 96.72% Space Free | Partition Type: NTFS
Drive G: | 70.44 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: WINDOW-PC | User Name: window | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042210FB-FAE1-467C-B99F-FACFFDED3FB7}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{20964EC3-B7C1-43B0-84A3-D0F379A723E1}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{47F827A9-FAF7-43F1-A8BF-E4638DCEBC77}" = rport=2869 | protocol=6 | dir=out | app=system |
"{600F819B-BFBA-4632-8D36-29BF99BC4C3A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{65029AA9-9D57-452F-8795-638D4304BE8C}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{93A1A438-CEE9-4540-B2FE-4B0B2BDA1BC4}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C5F267C2-8780-4583-B609-41D1663C48F3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{CF5E5605-9EAB-47B7-878F-7DDB27407619}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DB404634-CB49-4EFC-B02E-3D41A5C5764D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E6811305-0587-491B-88BD-7C135A280EE9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C04E337-4C1A-48FC-9706-838892D88177}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{282024C1-B67C-4A8C-BE0A-8218E36336A7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{28965113-0DE5-4BFB-B04D-A3C5A053F2CF}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{2B17325D-5852-4068-912D-5DEE69E03EB6}" = dir=in | app=c:\program files (x86)\htc\htc sync manager\htcsyncmanager.exe |
"{3CE87381-71E7-436D-84D5-F21703D9563E}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{50B11C03-1D94-4D46-92C2-4484DE8CF324}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{54CDA9B0-465D-45B0-9DFB-39D6AD4E1C93}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{62473A1A-218E-4244-A6E9-7C8C1A83DD94}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{643809DD-299B-4413-A33D-A62585B4CF5A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{80FA85EA-A3FD-496E-AA2E-82C0500E0EF8}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{860289C6-EE7D-4AAA-9171-2F0DD6C71A1F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{91C5CE5E-06F4-4629-94DA-6FEAEDE8E319}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9795E81B-C661-47B0-97A4-1632D6AE6A4F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{A71B0B96-91ED-4D3D-8CEF-360AE1E923E9}" = dir=in | app=c:\program files (x86)\htc\htc sync manager\htcsyncmanager.exe |
"{AB3B3416-5CBA-4E33-A8D1-22F866E149B7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B9E5B42C-F469-4BE6-9059-CEF0DDCC2AAF}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{C72FB78B-239A-46C3-B8A8-E2BB7EBA9FD9}" = protocol=58 | dir=in |
[email protected],-148 |
"{C73B0745-61FA-4D5A-B6DB-BA3D168F589B}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{CD818A35-88B1-4F8F-A913-EE3F57874213}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D9DB2A68-66B2-481B-B580-6B2FD31F5467}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{4855987A-C2CD-4DA7-9746-B3CA12352FC1}C:\program files (x86)\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"UDP Query User{C4A83AFD-0EA8-4BB8-A8AE-3D26BB151EA4}C:\program files (x86)\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{89AA9A4A-06E7-DE10-4624-39D805136211}" = AMD Accelerated Video Transcoding
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90B5277A-5B7E-AD24-3FDB-E67BB5C2C5C5}" = AMD Catalyst Install Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0EAC5D0-A304-BEAD-85DF-B9F231233E87}" = ccc-utility64
"{B5E06417-A4AC-4225-B36E-7E34C91616E7}" = Intel® Trusted Connect Service Client
"DFFC4013304EDB1027D2BAEBE06DF2A4BD2608D3" = Windows Driver Package - Dell Inc (DellRbtn) HIDClass (07/31/2012 1.4)
"PC-Doctor for Windows" = My Dell
"SynTPDeinstKey" = Dell Touchpad
"VLC media player" = VLC media player 2.1.2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{112039C1-5FD5-CC25-4EFA-8AA13462F7A7}" = CCC Help Korean
"{1E496A68-4943-424E-829D-5C3C85B7B8F2}" = Realtek USB Card Reader
"{231D0C79-98A6-4693-A366-36DE7D7346EC}" = HTC Sync Manager
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.21
"{24F46D10-DA43-CFD7-B141-474A954DCA4B}" = CCC Help Spanish
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell WLAN and Bluetooth Client Installation
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{34B76DCB-BF7C-440F-B058-C84172C1E338}" = Easy Network Manager
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3CBBA524-C981-0A25-E4FF-84A5CA4A7438}" = CCC Help Dutch
"{3CC8334B-BC92-E7C8-E9F9-95A42073C384}" = CCC Help Danish
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{45160C56-61F6-468D-A5B0-9FAE2C3E68D6}" = Catalyst Control Center - Branding
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{4F524A2D-5350-4500-76A7-A758B70C1500}" = Search App by Ask
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{51FDC2DE-0917-46B7-EAEC-5377504701DE}" = PowerXpressHybrid
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{567AB107-4A81-F89A-11B0-BC2B26B21557}" = CCC Help Finnish
"{5C156DF1-A4AA-8DE6-4254-10AD7ECAF190}" = Catalyst Control Center Localization All
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{667EB94F-B0C8-D39D-B803-097630BA2B88}" = CCC Help Russian
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}" = OEM Application Profile
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{855C5C0A-69E8-A1E3-5A85-8C524DE97577}" = CCC Help French
"{8E910C4A-9BC9-44A2-9EEA-6C5743C854FD}" = CCC Help Swedish
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90BEBF71-5641-898C-8C2B-201965E935F2}" = PX Profile Update
"{9406F075-94E3-3ADE-9247-9125F67F7193}" = CCC Help German
"{9AEF25CF-6F43-41FB-9DDD-9BFA15EE81FD}" = StarToken-NG
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.10)
"{B004EFCE-C56E-0C2A-638F-97518E6CAD51}" = CCC Help Portuguese
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2F75643-ACC3-DF4C-DCB8-D742C1B9C317}" = CCC Help Japanese
"{BCD956D1-8E37-6535-B2D6-A32FBA441F24}" = CCC Help English
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C812F4CE-881C-57E8-3718-5FFDF40F33C6}" = CCC Help Chinese Traditional
"{CF90D406-0EC5-FF92-45FA-E44248105C51}" = CCC Help Chinese Standard
"{D2BA8D2F-4DB8-35E3-5E8C-817A56B01705}" = CCC Help Italian
"{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1" = UmmyVideoDownloader 1.2.0.6
"{E141DC1C-ADC4-D917-50BB-628DA0A74FC5}" = CCC Help Norwegian
"{E6868D93-C782-2F1F-F4CB-607209308BBC}" = Catalyst Control Center Profiles Mobile
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F38DC282-11BE-45D8-8754-D3D40F3D7FBE}" = Google+ Auto Backup
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F8F0A13C-8989-7702-937F-29F63E548160}" = Catalyst Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"AI RoboForm" = RoboForm 7-9-8-5 (All Users)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FlashFXP 4" = FlashFXP 4
"Google Chrome" = Google Chrome
"iSkysoft Video Converter Ultimate_is1" = iSkysoft Video Converter Ultimate(Build 5.1.3.0)
"MBlaze" = MBlaze
"Mozilla Firefox 34.0.5 (x86 en-US)" = Mozilla Firefox 34.0.5 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee AntiVirus
"MTS Entertainment_is1" = MTS Entertainment version 1.0
"MTS Games_is1" = MTS Games version 1.0
"MTS PC SAFE" = MTS PC SAFE 1.0
"Picasa 3" = Picasa 3
"Tata Photon+" = Tata Photon+
"TeamViewer 9" = TeamViewer 9
"Xenu's Link Sleuth" = Xenu's Link Sleuth
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"73f463568823ebbe" = Dell System Detect
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14-11-2014 04:08:57 | Computer Name = window-PC | Source = RasClient | ID = 20227
Description =
Error - 17-11-2014 07:38:39 | Computer Name = window-PC | Source = Application Error | ID = 1000
Description = Faulting application name: plugin-container.exe, version: 34.0.0.5430,
time stamp: 0x546590d4 Faulting module name: mozalloc.dll, version: 34.0.0.5430,
time stamp: 0x546589d4 Exception code: 0x80000003 Fault offset: 0x00001425 Faulting
process id: 0x1944 Faulting application start time: 0x01d002552966246e Faulting application
path: C:\program files (x86)\mozilla firefox\plugin-container.exe Faulting module
path: C:\program files (x86)\mozilla firefox\mozalloc.dll Report Id: 45e6981c-6e4e-11e4-9645-806fc1bcca89
Error - 25-11-2014 10:13:26 | Computer Name = window-PC | Source = Application Error | ID = 1000
Description = Faulting application name: StarToken-NG.exe, version: 0.0.0.0, time
stamp: 0x53731483 Faulting module name: StarToken-NG.exe, version: 0.0.0.0, time
stamp: 0x53731483 Exception code: 0xc0000005 Fault offset: 0x004ae6b7 Faulting process
id: 0xd94 Faulting application start time: 0x01d008b909ddeaf6 Faulting application
path: C:\StarToken-NG\StarToken-NG.exe Faulting module path: C:\StarToken-NG\StarToken-NG.exe
Report
Id: 38c37944-74ad-11e4-9424-fa4a7fb5ab8f
Error - 27-11-2014 01:37:48 | Computer Name = window-PC | Source = RasClient | ID = 20227
Description =
Error - 28-11-2014 06:48:57 | Computer Name = window-PC | Source = Application Error | ID = 1000
Description = Faulting application name: McSvHost.exe, version: 3.8.703.0, time
stamp: 0x51f7deae Faulting module name: saupkeep.dll_unloaded, version: 0.0.0.0,
time stamp: 0x5464da7e Exception code: 0xc0000005 Fault offset: 0x000007fef6032286
Faulting
process id: 0xa24 Faulting application start time: 0x01d00ae6273c11db Faulting application
path: C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe Faulting
module path: saupkeep.dll Report Id: 270d95a0-76ec-11e4-939c-cc264492ba8e
Error - 30-11-2014 14:46:26 | Computer Name = window-PC | Source = RasClient | ID = 20227
Description =
Error - 04-12-2014 06:06:18 | Computer Name = window-PC | Source = Application Error | ID = 1000
Description = Faulting application name: McSvHost.exe, version: 3.8.703.0, time
stamp: 0x51f7deae Faulting module name: ntdll.dll, version: 6.1.7600.16385, time
stamp: 0x4a5be02b Exception code: 0xc0000374 Fault offset: 0x00000000000c6cd2 Faulting
process id: 0x984 Faulting application start time: 0x01d00fa61e923c4e Faulting application
path: C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe Faulting
module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 30341cc6-7b9d-11e4-b2ac-f371661154a9
Error - 07-12-2014 08:58:15 | Computer Name = window-PC | Source = SkypeUpdate | ID = 200
Description = File C:\Windows\TEMP\SKYCB5F.tmp has invalid signature.
Error - 08-12-2014 07:28:35 | Computer Name = window-PC | Source = Application Error | ID = 1000
Description = Faulting application name: StarToken-NG.exe, version: 0.0.0.0, time
stamp: 0x53731483 Faulting module name: StarToken-NG.exe, version: 0.0.0.0, time
stamp: 0x53731483 Exception code: 0xc0000005 Fault offset: 0x004ae6b7 Faulting process
id: 0x364 Faulting application start time: 0x01d012d9b21b38bc Faulting application
path: C:\StarToken-NG\StarToken-NG.exe Faulting module path: C:\StarToken-NG\StarToken-NG.exe
Report
Id: 58b197d8-7ecd-11e4-9307-f9699956678d
Error - 12-12-2014 02:01:34 | Computer Name = window-PC | Source = MsiInstaller | ID = 1024
Description =
< End of report >