Untitled

a guest
Nov 26th, 2015
  1. ComboFix 15-11-23.01 - Scott 11/26/2015 17:23:15.1.8 - x64
  2. Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8173.5808 [GMT -5:00]
  3. Running from: c:\users\Scott\Desktop\ComboFix.exe
  4. AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
  5. AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
  6. SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
  7. SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
  8. SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  9. .
  10. .
  11. ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
  12. .
  13. .
  14. C:\END
  15. c:\program files (x86)\SingAlong
  16. c:\programdata\Roaming
  17. c:\users\Scott\Documents\~WRL0358.tmp
  18. c:\users\Scott\Documents\~WRL1507.tmp
  19. c:\windows\SysWow64\DEBUG.log
  20. c:\windows\wininit.ini
  21. .
  22. .
  23. ((((((((((((((((((((((((( Files Created from 2015-10-26 to 2015-11-26 )))))))))))))))))))))))))))))))
  24. .
  25. .
  26. 2015-11-26 22:33 . 2015-11-26 22:33 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
  27. 2015-11-26 22:33 . 2015-11-26 22:33 -------- d-----w- c:\users\Default\AppData\Local\temp
  28. 2015-11-26 21:21 . 2015-11-26 22:45 -------- dc----w- C:\Recovery
  29. 2015-11-26 21:02 . 2015-10-30 23:46 950784 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
  30. 2015-11-26 21:01 . 2015-08-06 18:04 14176768 ----a-w- c:\windows\system32\shell32.dll
  31. 2015-11-26 21:01 . 2015-08-06 18:03 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
  32. 2015-11-26 21:01 . 2015-08-06 17:44 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
  33. 2015-11-26 21:01 . 2015-10-01 18:06 692672 ----a-w- c:\windows\system32\winload.efi
  34. 2015-11-26 21:01 . 2015-10-01 18:04 616360 ----a-w- c:\windows\system32\winresume.efi
  35. 2015-11-26 21:01 . 2015-10-01 18:00 59392 ----a-w- c:\windows\system32\appidapi.dll
  36. 2015-11-26 21:01 . 2015-10-01 18:00 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
  37. 2015-11-26 21:01 . 2015-10-01 17:50 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
  38. 2015-11-26 21:01 . 2015-10-01 18:00 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
  39. 2015-11-26 21:01 . 2015-10-01 18:00 32768 ----a-w- c:\windows\system32\appidsvc.dll
  40. 2015-11-26 21:01 . 2015-10-01 18:00 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
  41. 2015-11-26 21:01 . 2015-10-01 17:00 61440 ----a-w- c:\windows\system32\drivers\appid.sys
  42. 2015-11-26 21:00 . 2015-09-18 19:22 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
  43. 2015-11-26 21:00 . 2015-09-18 19:19 700416 ----a-w- c:\windows\system32\invagent.dll
  44. 2015-11-26 21:00 . 2015-09-18 19:19 766464 ----a-w- c:\windows\system32\generaltel.dll
  45. 2015-11-26 21:00 . 2015-09-18 19:19 503808 ----a-w- c:\windows\system32\devinv.dll
  46. 2015-11-26 21:00 . 2015-09-18 19:19 73216 ----a-w- c:\windows\system32\acmigration.dll
  47. 2015-11-26 21:00 . 2015-09-18 19:19 1291264 ----a-w- c:\windows\system32\appraiser.dll
  48. 2015-11-26 21:00 . 2015-09-18 19:09 1163776 ----a-w- c:\windows\system32\aeinv.dll
  49. 2015-11-26 20:59 . 2015-10-29 17:49 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
  50. 2015-11-26 20:59 . 2015-10-29 17:50 342016 ----a-w- c:\windows\system32\apphelp.dll
  51. 2015-11-26 20:59 . 2015-10-29 17:50 72192 ----a-w- c:\windows\system32\aelupsvc.dll
  52. 2015-11-26 20:59 . 2015-10-29 17:50 23552 ----a-w- c:\windows\system32\sdbinst.exe
  53. 2015-11-26 20:59 . 2015-10-29 17:49 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
  54. 2015-11-26 20:59 . 2015-10-29 17:50 6656 ----a-w- c:\windows\system32\shimeng.dll
  55. 2015-11-26 20:59 . 2015-10-29 17:50 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
  56. 2015-11-26 20:58 . 2015-10-08 23:22 69120 ----a-w- c:\windows\system32\nlsbres.dll
  57. 2015-11-26 20:58 . 2015-10-08 23:18 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll
  58. 2015-11-26 20:58 . 2015-10-08 23:18 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL
  59. 2015-11-26 20:58 . 2015-10-08 23:18 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
  60. 2015-11-26 20:58 . 2015-10-08 23:18 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL
  61. 2015-11-26 20:58 . 2015-10-08 23:18 7168 ----a-w- c:\windows\system32\KBDAZE.DLL
  62. 2015-11-26 20:58 . 2015-10-08 23:17 69120 ----a-w- c:\windows\SysWow64\nlsbres.dll
  63. 2015-11-26 20:57 . 2015-11-14 06:06 6358832 ----a-w- c:\windows\system32\nvcpl.dll
  64. 2015-11-26 20:57 . 2015-11-14 06:06 2983032 ----a-w- c:\windows\system32\nvsvc64.dll
  65. 2015-11-26 20:57 . 2015-11-14 06:06 938800 ----a-w- c:\windows\system32\nvvsvc.exe
  66. 2015-11-26 20:57 . 2015-11-14 06:06 62768 ----a-w- c:\windows\system32\nvshext.dll
  67. 2015-11-26 20:57 . 2015-11-14 06:06 385144 ----a-w- c:\windows\system32\nvmctray.dll
  68. 2015-11-26 20:57 . 2015-11-14 06:06 2554488 ----a-w- c:\windows\system32\nvsvcr.dll
  69. 2015-11-26 20:57 . 2015-10-28 08:17 6027430 ----a-w- c:\windows\system32\nvcoproc.bin
  70. 2015-11-26 20:57 . 2015-11-16 03:35 112760 ----a-w- c:\windows\system32\OpenCL.dll
  71. 2015-11-26 20:57 . 2015-11-16 03:35 105080 ----a-w- c:\windows\SysWow64\OpenCL.dll
  72. 2015-11-26 20:55 . 2015-09-01 18:14 1247232 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
  73. 2015-11-26 20:55 . 2015-09-01 18:14 503296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tiptsf.dll
  74. 2015-11-26 20:55 . 2015-09-01 18:14 110592 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipBand.dll
  75. 2015-11-26 20:55 . 2015-09-01 18:13 224768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TabTip.exe
  76. 2015-11-26 20:55 . 2015-09-01 18:12 544768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipRes.dll
  77. 2015-11-26 20:55 . 2015-09-01 17:52 348672 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\tiptsf.dll
  78. 2015-11-26 20:55 . 2015-09-01 17:52 10240 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\TabTip32.exe
  79. 2015-11-26 20:55 . 2015-10-13 16:41 497664 ----a-w- c:\windows\system32\drivers\afd.sys
  80. 2015-11-26 20:55 . 2015-10-13 16:40 118272 ----a-w- c:\windows\system32\drivers\tdx.sys
  81. 2015-11-26 20:40 . 2015-10-13 04:57 950720 ----a-w- c:\windows\system32\drivers\ndis.sys
  82. 2015-11-26 20:40 . 2015-11-03 17:55 3211264 ----a-w- c:\windows\system32\win32k.sys
  83. 2015-11-26 20:40 . 2015-11-12 18:37 112712 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
  84. 2015-11-26 20:32 . 2015-10-29 09:28 11138400 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A6ED7A5F-7843-4F19-B482-E1D036FD0B47}\mpengine.dll
  85. 2015-11-26 20:26 . 2015-11-26 20:26 -------- dc----w- C:\$WINDOWS.~BT
  86. 2015-11-26 19:02 . 2015-11-26 19:02 -------- d-----w- C:\found.000
  87. 2015-11-26 07:20 . 2015-11-26 07:20 5286088 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
  88. 2015-11-26 06:07 . 2015-10-29 09:28 11138400 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
  89. .
  90. .
  91. .
  92. (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
  93. .
  94. 2015-11-26 22:36 . 2015-09-14 16:56 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
  95. 2015-11-26 22:21 . 2014-10-18 07:10 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
  96. 2015-11-26 07:20 . 2014-11-14 04:59 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
  97. 2015-11-26 07:20 . 2014-11-14 04:59 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
  98. 2015-11-12 18:37 . 2014-06-07 00:09 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
  99. 2015-11-12 18:37 . 2014-03-24 23:09 1509824 ----a-w- c:\windows\SysWow64\nvspcap.dll
  100. 2015-11-12 18:37 . 2014-06-07 00:09 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
  101. 2015-11-12 18:37 . 2014-03-24 23:09 1828160 ----a-w- c:\windows\system32\nvspcap64.dll
  102. 2015-10-29 17:50 . 2015-11-26 20:59 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
  103. 2015-10-29 17:50 . 2015-11-26 20:59 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
  104. 2015-10-29 17:50 . 2015-11-26 20:59 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
  105. 2015-10-29 17:50 . 2015-11-26 20:59 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
  106. 2015-10-29 17:49 . 2015-11-26 20:59 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
  107. 2015-10-29 17:49 . 2015-11-26 20:59 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
  108. 2015-10-29 17:49 . 2015-11-26 20:59 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
  109. 2015-10-29 17:49 . 2015-11-26 20:59 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
  110. 2015-10-29 17:39 . 2015-11-26 20:59 2560 ----a-w- c:\windows\apppatch\AcRes.dll
  111. 2015-10-27 23:43 . 2011-06-18 18:38 145617392 ----a-w- c:\windows\system32\MRT.exe
  112. 2015-10-20 00:45 . 2015-11-26 21:02 44032 ----a-w- c:\windows\apppatch\acwow64.dll
  113. 2015-10-13 06:29 . 2015-10-13 06:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
  114. 2015-10-13 06:22 . 2015-10-13 06:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
  115. 2015-10-07 21:36 . 2015-10-07 21:39 29352 ----a-w- c:\windows\system32\drivers\semav6msr64.sys
  116. 2015-09-02 03:04 . 2015-09-14 02:28 41984 ----a-w- c:\windows\system32\lpk.dll
  117. 2015-09-02 03:04 . 2015-09-14 02:28 100864 ----a-w- c:\windows\system32\fontsub.dll
  118. 2015-09-02 03:04 . 2015-09-14 02:28 14336 ----a-w- c:\windows\system32\dciman32.dll
  119. 2015-09-02 03:04 . 2015-09-14 02:28 46080 ----a-w- c:\windows\system32\atmlib.dll
  120. 2015-09-02 02:48 . 2015-09-14 02:28 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
  121. 2015-09-02 02:48 . 2015-09-14 02:28 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
  122. 2015-09-02 02:48 . 2015-09-14 02:28 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
  123. 2015-09-02 02:47 . 2015-09-14 02:28 25600 ----a-w- c:\windows\SysWow64\lpk.dll
  124. 2015-09-02 01:47 . 2015-09-14 02:28 372736 ----a-w- c:\windows\system32\atmfd.dll
  125. 2015-09-02 01:33 . 2015-09-14 02:28 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
  126. .
  127. .
  128. ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
  129. .
  130. .
  131. *Note* empty entries & legit default entries are not shown
  132. REGEDIT4
  133. .
  134. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  135. "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-10-03 39408]
  136. "Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-11-05 3011152]
  137. "CCleaner"="c:\program files\CCleaner\CCleaner64.exe" [2015-02-19 7416088]
  138. "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-02-19 7416088]
  139. .
  140. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  141. "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
  142. "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
  143. "PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-27 648032]
  144. .
  145. c:\users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
  146. CurseClientStartup.ccip [2011-6-18 0]
  147. .
  148. c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
  149. Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-3-24 1219360]
  150. .
  151. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  152. "ConsentPromptBehaviorAdmin"= 0 (0x0)
  153. "ConsentPromptBehaviorUser"= 3 (0x3)
  154. "EnableLUA"= 0 (0x0)
  155. "EnableUIADesktopToggle"= 0 (0x0)
  156. "PromptOnSecureDesktop"= 0 (0x0)
  157. .
  158. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
  159. "LoadAppInit_DLLs"=1 (0x1)
  160. .
  161. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
  162. BootExecute REG_MULTI_SZ autocheck autochk *\0\0 /sync /restart\0 /sync /restart\0 /sync /restart\0 /sync /restart\0 /sync /restart\0 /sync /restart\0 /sync /restart\0 /sync /restart\0 /sync /restart
  163. .
  164. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
  165. @="Service"
  166. .
  167. R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
  168. R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
  169. R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
  170. R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
  171. R3 bcbtums;Bluetooth USB LD Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
  172. R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
  173. R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
  174. R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
  175. R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
  176. R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
  177. R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
  178. R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
  179. R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
  180. R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
  181. R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
  182. R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
  183. R3 PlantronicsGC;PLTGC Interface;c:\windows\system32\drivers\PLTGC.sys;c:\windows\SYSNATIVE\drivers\PLTGC.sys [x]
  184. R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
  185. R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
  186. R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
  187. R3 semav6thermal64ro;semav6thermal64ro;c:\windows\system32\drivers\semav6thermal64ro.sys;c:\windows\SYSNATIVE\drivers\semav6thermal64ro.sys [x]
  188. R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
  189. R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
  190. R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
  191. R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
  192. R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
  193. R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
  194. R3 USER_ESRV_SVC;User Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe [x]
  195. R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
  196. R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
  197. R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
  198. R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
  199. R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
  200. R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
  201. S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
  202. S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
  203. S2 BcmBtRSupport;Bluetooth Driver Management Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
  204. S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
  205. S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
  206. S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
  207. S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x]
  208. S2 ESRV_SVC;Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
  209. S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
  210. S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
  211. S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
  212. S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
  213. S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
  214. S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
  215. S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys [x]
  216. S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsnxc64.sys;c:\windows\SYSNATIVE\drivers\risdsnxc64.sys [x]
  217. S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
  218. S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
  219. S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
  220. S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
  221. S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
  222. S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [x]
  223. S3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator;c:\windows\system32\DRIVERS\bpenum.sys;c:\windows\SYSNATIVE\DRIVERS\bpenum.sys [x]
  224. S3 bpmp;Intel(R) Centrino(R) WiMAX 6050 Series;c:\windows\system32\DRIVERS\bpmp.sys;c:\windows\SYSNATIVE\DRIVERS\bpmp.sys [x]
  225. S3 bpusb;Intel(R) Centrino(R) WiMAX 6050 Series Function Driver;c:\windows\system32\Drivers\bpusb.sys;c:\windows\SYSNATIVE\Drivers\bpusb.sys [x]
  226. S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
  227. S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
  228. S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
  229. S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
  230. S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
  231. S3 semav6msr64;semav6msr64;c:\windows\system32\drivers\semav6msr64.sys;c:\windows\SYSNATIVE\drivers\semav6msr64.sys [x]
  232. S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
  233. S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
  234. S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
  235. S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
  236. S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
  237. S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
  238. S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
  239. S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe [x]
  240. .
  241. .
  242. --- Other Services/Drivers In Memory ---
  243. .
  244. *NewlyCreated* - WS2IFSL
  245. .
  246. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
  247. 2015-11-26 05:49 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
  248. .
  249. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
  250. 2015-09-30 20:47 285880 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
  251. .
  252. Contents of the 'Scheduled Tasks' folder
  253. .
  254. 2015-11-26 c:\windows\Tasks\Adobe Flash Player Updater.job
  255. - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-14 07:20]
  256. .
  257. 2015-11-26 c:\windows\Tasks\G2MUpdateTask-S-1-5-21-1408378333-440657295-2540018975-1000.job
  258. - c:\program files (x86)\Citrix\GoToMeeting\3880\g2mupdate.exe [2015-11-06 17:48]
  259. .
  260. 2015-11-26 c:\windows\Tasks\G2MUploadTask-S-1-5-21-1408378333-440657295-2540018975-1000.job
  261. - c:\program files (x86)\Citrix\GoToMeeting\3880\g2mupload.exe [2015-11-06 17:48]
  262. .
  263. 2015-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  264. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-03 19:40]
  265. .
  266. 2015-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  267. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-03 19:40]
  268. .
  269. 2015-11-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1408378333-440657295-2540018975-1000Core.job
  270. - c:\users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-28 00:40]
  271. .
  272. 2015-11-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1408378333-440657295-2540018975-1000UA.job
  273. - c:\users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-28 00:40]
  274. .
  275. 2015-11-26 c:\windows\Tasks\SlimDrivers Startup.job
  276. - c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24 17:49]
  277. .
  278. .
  279. --------- X64 Entries -----------
  280. .
  281. .
  282. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  283. "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2000-01-01 1392496]
  284. "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-05 1933584]
  285. "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-30 1337000]
  286. "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2000-01-01 1392496]
  287. "GamecomSound"="c:\program files\Plantronics\GameCom780\GameCom780.exe" [2013-03-22 776480]
  288. "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-11-12 2757424]
  289. "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-11-12 1828160]
  290. "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2000-01-01 13874392]
  291. .
  292. ------- Supplementary Scan -------
  293. .
  294. uLocal Page = c:\windows\system32\blank.htm
  295. uStart Page = hxxp://www.google.com/
  296. mLocal Page = c:\windows\SysWOW64\blank.htm
  297. uInternet Settings,ProxyOverride = *.local
  298. IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
  299. IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
  300. TCP: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
  301. Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
  302. .
  303. - - - - ORPHANS REMOVED - - - -
  304. .
  305. BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
  306. HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
  307. HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
  308. AddRemove-{0131D7EF-65FF-478F-8ABD-5ABEE24EC8EF} - c:\programdata\{AA28280A-C4CA-4B4F-9DF1-593032D2F3EC}\VAIO Messenger Setup 2.0.550.0.exe
  309. .
  310. .
  311. .
  312. --------------------- LOCKED REGISTRY KEYS ---------------------
  313. .
  314. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
  315. @Denied: (A 2) (Everyone)
  316. @="FlashBroker"
  317. "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_245_ActiveX.exe,-101"
  318. .
  319. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
  320. "Enabled"=dword:00000001
  321. .
  322. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
  323. @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_245_ActiveX.exe"
  324. .
  325. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
  326. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  327. .
  328. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
  329. @Denied: (A 2) (Everyone)
  330. @="IFlashBroker6"
  331. .
  332. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
  333. @="{00020424-0000-0000-C000-000000000046}"
  334. .
  335. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
  336. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  337. "Version"="1.0"
  338. .
  339. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
  340. @Denied: (A 2) (Everyone)
  341. @="FlashBroker"
  342. "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_245_ActiveX.exe,-101"
  343. .
  344. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
  345. "Enabled"=dword:00000001
  346. .
  347. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
  348. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_245_ActiveX.exe"
  349. .
  350. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
  351. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  352. .
  353. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  354. @Denied: (A 2) (Everyone)
  355. @="Shockwave Flash Object"
  356. .
  357. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  358. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx"
  359. "ThreadingModel"="Apartment"
  360. .
  361. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  362. @="0"
  363. .
  364. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  365. @="ShockwaveFlash.ShockwaveFlash.19"
  366. .
  367. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  368. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx, 1"
  369. .
  370. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  371. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  372. .
  373. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  374. @="1.0"
  375. .
  376. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  377. @="ShockwaveFlash.ShockwaveFlash"
  378. .
  379. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  380. @Denied: (A 2) (Everyone)
  381. @="Macromedia Flash Factory Object"
  382. .
  383. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  384. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx"
  385. "ThreadingModel"="Apartment"
  386. .
  387. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  388. @="FlashFactory.FlashFactory.1"
  389. .
  390. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  391. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx, 1"
  392. .
  393. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  394. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  395. .
  396. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  397. @="1.0"
  398. .
  399. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  400. @="FlashFactory.FlashFactory"
  401. .
  402. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
  403. @Denied: (A 2) (Everyone)
  404. @="IFlashBroker6"
  405. .
  406. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
  407. @="{00020424-0000-0000-C000-000000000046}"
  408. .
  409. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
  410. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  411. "Version"="1.0"
  412. .
  413. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
  414. @Denied: (A) (Everyone)
  415. "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
  416. .
  417. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
  418. @Denied: (A) (Everyone)
  419. .
  420. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
  421. "Key"="ActionsPane3"
  422. "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
  423. .
  424. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  425. @Denied: (A) (Users)
  426. @Denied: (A) (Everyone)
  427. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  428. "BlindDial"=dword:00000000
  429. .
  430. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  431. @Denied: (Full) (Everyone)
  432. .
  433. ------------------------ Other Running Processes ------------------------
  434. .
  435. c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  436. c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
  437. c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
  438. c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
  439. c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
  440. c:\windows\SysWOW64\DllHost.exe
  441. c:\windows\SysWOW64\DllHost.exe
  442. c:\program files (x86)\Steam\bin\steamwebhelper.exe
  443. c:\windows\SysWOW64\RunDll32.exe
  444. c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
  445. c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  446. .
  447. **************************************************************************
  448. .
  449. Completion time: 2015-11-26 17:52:05 - machine was rebooted
  450. ComboFix-quarantined-files.txt 2015-11-26 22:51
  451. .
  452. Pre-Run: 181,293,572,096 bytes free
  453. Post-Run: 182,566,563,840 bytes free
  454. .
  455. - - End Of File - - 55A7E06FE3A3FE0D8A77F55C5278ED19