
combolog

a guest
Mar 23rd, 2014
  1. ComboFix 14-03-23.01 - Joe Matthews 23/03/2014 16:07:25.1.2 - x64
  2. Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2811.1234 [GMT 0:00]
  3. Running from: c:\users\Joe Matthews\Downloads\ComboFix.exe
  4. AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
  5. SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
  6. SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  7. .
  8. .
  9. ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
  10. .
  11. .
  12. C:\install.exe
  13. c:\users\Public\videos\HP MediaSmart Demo.exe
  14. .
  15. .
  16. ((((((((((((((((((((((((( Files Created from 2014-02-23 to 2014-03-23 )))))))))))))))))))))))))))))))
  17. .
  18. .
  19. 2014-03-23 16:19 . 2014-03-23 16:19 -------- d-----w- c:\users\Natalie\AppData\Local\temp
  20. 2014-03-23 16:19 . 2014-03-23 16:19 -------- d-----w- c:\users\Default\AppData\Local\temp
  21. 2014-03-23 13:33 . 2014-03-23 13:33 -------- d-----w- c:\users\Joe Matthews\AppData\Local\Skype
  22. 2014-03-23 13:32 . 2014-03-23 13:32 -------- d-----w- c:\program files (x86)\Common Files\Skype
  23. 2014-03-22 23:54 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
  24. 2014-03-22 23:54 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
  25. 2014-03-22 23:54 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
  26. 2014-03-22 23:54 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
  27. 2014-03-22 23:53 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
  28. 2014-03-22 23:53 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
  29. 2014-03-22 23:18 . 2014-03-22 23:18 -------- d-----w- c:\users\Joe Matthews\AppData\Roaming\Malwarebytes
  30. 2014-03-22 23:18 . 2014-03-22 23:18 -------- d-----w- c:\programdata\Malwarebytes
  31. 2014-03-22 23:18 . 2014-03-22 23:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
  32. 2014-03-22 23:18 . 2013-04-04 14:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
  33. 2014-03-22 15:15 . 2014-03-15 08:41 46704 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
  34. 2014-03-22 15:15 . 2014-03-15 08:40 93808 ----a-w- c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe
  35. 2014-03-22 15:15 . 2014-03-15 08:40 170960 ----a-w- c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe
  36. 2014-03-22 15:15 . 2014-03-15 08:40 28272 ----a-w- c:\program files (x86)\Mozilla Firefox\plugin-hang-ui.exe
  37. 2014-03-22 15:15 . 2010-03-18 16:15 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
  38. 2014-03-22 15:15 . 2010-03-18 16:15 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
  39. 2014-03-22 15:15 . 2014-03-15 08:40 75376 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
  40. 2014-03-22 00:55 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
  41. 2014-03-22 00:55 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
  42. 2014-03-22 00:55 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
  43. 2014-03-22 00:55 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
  44. 2014-03-22 00:55 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
  45. 2014-03-22 00:46 . 2014-03-22 00:46 -------- d-----w- c:\windows\Migration
  46. 2014-03-22 00:40 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
  47. 2014-03-22 00:40 . 2013-10-02 04:38 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
  48. 2014-03-22 00:40 . 2013-10-02 02:11 13824 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
  49. 2014-03-22 00:40 . 2013-10-02 02:08 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
  50. 2014-03-22 00:40 . 2013-10-02 02:22 56832 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
  51. 2014-03-22 00:39 . 2013-10-02 01:29 62976 ----a-w- c:\windows\system32\tsgqec.dll
  52. 2014-03-22 00:39 . 2013-10-02 01:48 56832 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
  53. 2014-03-22 00:39 . 2013-10-02 01:48 18944 ----a-w- c:\windows\system32\wksprtPS.dll
  54. 2014-03-22 00:39 . 2013-10-02 00:14 50176 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
  55. 2014-03-22 00:39 . 2013-10-02 00:14 17920 ----a-w- c:\windows\SysWow64\wksprtPS.dll
  56. 2014-03-22 00:39 . 2013-10-02 00:08 83968 ----a-w- c:\windows\system32\TSWbPrxy.exe
  57. 2014-03-22 00:39 . 2013-10-01 23:58 53248 ----a-w- c:\windows\SysWow64\tsgqec.dll
  58. 2014-03-22 00:39 . 2013-10-02 00:01 420864 ----a-w- c:\windows\system32\wksprt.exe
  59. 2014-03-22 00:39 . 2013-10-01 23:31 1147392 ----a-w- c:\windows\system32\mstsc.exe
  60. 2014-03-22 00:39 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\SysWow64\mstsc.exe
  61. 2014-03-22 00:39 . 2013-10-01 23:08 855552 ----a-w- c:\windows\SysWow64\rdvidcrl.dll
  62. 2014-03-22 00:39 . 2013-10-02 00:15 1057280 ----a-w- c:\windows\system32\rdvidcrl.dll
  63. 2014-03-22 00:25 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
  64. 2014-03-22 00:24 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
  65. 2014-03-22 00:24 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
  66. 2014-03-22 00:24 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
  67. 2014-03-22 00:24 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
  68. 2014-03-22 00:24 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
  69. 2014-03-22 00:24 . 2012-08-23 09:51 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
  70. 2014-03-22 00:21 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
  71. 2014-03-22 00:21 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
  72. 2014-03-22 00:21 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
  73. 2014-03-22 00:21 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
  74. 2014-03-22 00:21 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
  75. 2014-03-22 00:21 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
  76. 2014-03-22 00:21 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
  77. 2014-03-22 00:00 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll
  78. 2014-03-22 00:00 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll
  79. 2014-03-21 23:57 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
  80. 2014-03-21 23:57 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
  81. 2014-03-21 23:57 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
  82. 2014-03-21 23:57 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
  83. 2014-03-21 23:57 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
  84. 2014-03-21 23:57 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
  85. 2014-03-21 23:55 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\SysWow64\tquery.dll
  86. 2014-03-21 23:54 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
  87. 2014-03-21 23:53 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll
  88. 2014-03-21 23:52 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
  89. 2014-03-21 23:52 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
  90. 2014-03-21 23:45 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
  91. 2014-03-21 23:43 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
  92. 2014-03-21 23:43 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
  93. 2014-03-21 23:34 . 2014-03-21 23:37 -------- d-----w- c:\windows\system32\MRT
  94. 2014-03-21 23:00 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
  95. 2014-03-21 23:00 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
  96. 2014-03-21 16:15 . 2014-03-21 16:17 -------- d-----w- c:\programdata\Freemake
  97. 2014-03-21 16:14 . 2014-03-21 16:15 -------- d-----w- c:\program files (x86)\Freemake
  98. 2014-03-21 16:11 . 2014-03-21 16:11 -------- d-----w- c:\users\Joe Matthews\AppData\Local\Programs
  99. 2014-03-21 09:43 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
  100. 2014-03-21 09:43 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
  101. 2014-03-21 09:43 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
  102. 2014-03-21 09:43 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
  103. 2014-03-21 09:36 . 2014-03-17 10:16 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{68E72168-9255-4685-AA2D-E339E803F720}\mpengine.dll
  104. 2014-03-21 02:40 . 2013-10-14 18:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
  105. 2014-03-21 02:36 . 2014-03-21 02:36 878080 ----a-w- c:\windows\system32\advapi32.dll
  106. 2014-03-20 20:35 . 2014-03-21 16:02 -------- d-----w- c:\programdata\PMS
  107. 2014-03-20 20:35 . 2014-03-20 20:35 -------- d-----w- c:\program files (x86)\PS3 Media Server
  108. 2014-03-20 14:09 . 2014-03-20 14:09 1887232 ----a-w- c:\windows\system32\d3d11.dll
  109. 2014-03-20 14:09 . 2014-03-20 14:09 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
  110. 2014-03-18 16:56 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
  111. 2014-03-18 16:56 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
  112. 2014-03-18 16:56 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
  113. 2014-03-18 16:56 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
  114. 2014-03-18 16:55 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
  115. 2014-03-18 16:55 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
  116. 2014-03-18 16:55 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
  117. 2014-03-18 16:55 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
  118. 2014-03-18 16:55 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll
  119. 2014-03-18 16:55 . 2013-07-09 05:46 139776 ----a-w- c:\windows\system32\cryptnet.dll
  120. 2014-03-18 16:55 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
  121. 2014-03-18 16:55 . 2013-07-09 04:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
  122. 2014-03-18 16:54 . 2014-01-29 02:32 484864 ----a-w- c:\windows\system32\wer.dll
  123. 2014-03-18 16:54 . 2014-01-29 02:06 381440 ----a-w- c:\windows\SysWow64\wer.dll
  124. 2014-03-18 16:54 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
  125. 2014-03-18 16:54 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
  126. 2014-03-18 16:54 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
  127. 2014-03-18 16:54 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
  128. 2014-03-18 16:54 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
  129. 2014-03-18 16:54 . 2013-12-06 02:30 1882112 ----a-w- c:\windows\system32\msxml3.dll
  130. 2014-03-18 16:54 . 2013-12-06 02:02 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
  131. 2014-03-18 16:54 . 2013-12-06 02:02 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
  132. 2014-03-18 16:52 . 2013-08-02 02:12 43520 ----a-w- c:\windows\system32\csrsrv.dll
  133. 2014-03-18 16:51 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
  134. 2014-03-18 16:51 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
  135. 2014-03-18 16:51 . 2013-07-26 02:24 14172672 ----a-w- c:\windows\system32\shell32.dll
  136. 2014-03-18 16:51 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll
  137. 2014-03-18 16:39 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
  138. 2014-03-18 16:39 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
  139. 2014-03-18 16:39 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
  140. 2014-03-18 16:39 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
  141. 2014-03-18 16:39 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
  142. 2014-03-18 16:39 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
  143. 2014-03-18 16:39 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
  144. .
  145. .
  146. (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
  147. .
  148. 2014-03-21 02:36 . 2014-03-21 02:36 44032 ----a-w- c:\windows\apppatch\acwow64.dll
  149. 2014-03-18 02:36 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
  150. 2014-03-18 02:36 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
  151. 2014-03-16 15:56 . 2011-12-19 22:02 421704 ----a-w- c:\windows\system32\drivers\aswSP.sys
  152. 2014-03-16 15:56 . 2011-12-19 22:02 1038072 ----a-w- c:\windows\system32\drivers\aswSnx.sys
  153. 2014-03-16 15:56 . 2011-12-19 22:02 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
  154. 2014-03-16 15:56 . 2011-12-19 22:02 334136 ----a-w- c:\windows\system32\aswBoot.exe
  155. 2014-03-16 15:55 . 2011-12-19 22:01 43152 ----a-w- c:\windows\avastSS.scr
  156. 2014-03-16 13:58 . 2012-04-17 05:51 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
  157. 2014-03-16 13:58 . 2011-12-19 20:41 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
  158. 2014-02-12 16:00 . 2014-03-21 14:26 20184 ----a-w- c:\windows\help\OEM\Scripts\HC_GuestEnabled.exe
  159. 2014-02-02 14:06 . 2014-03-21 14:26 21720 ----a-w- c:\windows\help\OEM\Scripts\PSGRedirector.exe
  160. 2014-01-22 14:52 . 2011-12-19 22:02 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
  161. 2014-01-14 17:02 . 2014-03-21 14:26 20184 ----a-w- c:\windows\help\OEM\Scripts\Solution_BackupAndRestoreLauncher.exe
  162. .
  163. .
  164. ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
  165. .
  166. .
  167. *Note* empty entries & legit default entries are not shown
  168. REGEDIT4
  169. .
  170. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
  171. "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
  172. .
  173. [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
  174. .
  175. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
  176. 2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
  177. .
  178. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
  179. "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
  180. .
  181. [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
  182. .
  183. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  184. "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
  185. "GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-01-30 21822128]
  186. "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
  187. .
  188. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  189. "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-06-24 320056]
  190. "UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
  191. "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
  192. "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
  193. "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
  194. "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-17 98304]
  195. "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
  196. "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-02-26 3814736]
  197. "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-03-16 3767096]
  198. .
  199. c:\users\Joe Matthews\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
  200. CurseClientStartup.ccip [2011-12-31 0]
  201. .
  202. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  203. "ConsentPromptBehaviorAdmin"= 5 (0x5)
  204. "ConsentPromptBehaviorUser"= 3 (0x3)
  205. "EnableUIADesktopToggle"= 0 (0x0)
  206. .
  207. [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
  208. "WallpaperStyle"= 2
  209. .
  210. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
  211. @="Driver"
  212. .
  213. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
  214. "HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
  215. "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
  216. "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
  217. "HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
  218. .
  219. R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
  220. R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
  221. R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
  222. R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
  223. R3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
  224. R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
  225. R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
  226. R3 MAUSBMOBILEPRE;Service for M-Audio MobilePre;c:\windows\system32\DRIVERS\MAudioMobilePre.sys;c:\windows\SYSNATIVE\DRIVERS\MAudioMobilePre.sys [x]
  227. R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
  228. R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
  229. R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
  230. R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
  231. R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
  232. R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
  233. R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
  234. R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys;c:\windows\SYSNATIVE\DRIVERS\tapoas.sys [x]
  235. R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
  236. R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
  237. R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
  238. S0 aswRvrt;avast! Revert; [x]
  239. S0 aswVmm;avast! VM Monitor; [x]
  240. S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
  241. S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
  242. S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [x]
  243. S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
  244. S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
  245. S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
  246. S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
  247. S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
  248. S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
  249. S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
  250. S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
  251. S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
  252. S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
  253. S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
  254. .
  255. .
  256. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
  257. ezSharedSvc
  258. .
  259. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
  260. 2009-06-17 20:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
  261. .
  262. Contents of the 'Scheduled Tasks' folder
  263. .
  264. 2014-03-23 c:\windows\Tasks\Adobe Flash Player Updater.job
  265. - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 13:58]
  266. .
  267. 2014-03-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1149267881-1577925851-292611512-1000Core.job
  268. - c:\users\Joe Matthews\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-13 21:50]
  269. .
  270. 2014-03-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1149267881-1577925851-292611512-1000UA.job
  271. - c:\users\Joe Matthews\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-13 21:50]
  272. .
  273. 2014-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  274. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-16 14:37]
  275. .
  276. 2014-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  277. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-16 14:37]
  278. .
  279. 2014-03-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1149267881-1577925851-292611512-1000Core.job
  280. - c:\users\Joe Matthews\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-16 23:47]
  281. .
  282. 2014-03-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1149267881-1577925851-292611512-1000UA.job
  283. - c:\users\Joe Matthews\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-16 23:47]
  284. .
  285. 2014-03-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1149267881-1577925851-292611512-1005Core.job
  286. - c:\users\Natalie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-23 18:57]
  287. .
  288. 2014-03-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1149267881-1577925851-292611512-1005UA.job
  289. - c:\users\Natalie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-23 18:57]
  290. .
  291. 2014-03-21 c:\windows\Tasks\HPCeeScheduleForJoe Matthews.job
  292. - c:\program files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-08-15 21:38]
  293. .
  294. .
  295. --------- X64 Entries -----------
  296. .
  297. .
  298. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
  299. @="{472083B0-C522-11CF-8763-00608CC02F24}"
  300. [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
  301. 2014-03-16 15:56 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
  302. .
  303. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
  304. @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
  305. [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
  306. 2014-01-30 15:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
  307. .
  308. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
  309. @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
  310. [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
  311. 2014-01-30 15:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
  312. .
  313. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
  314. @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
  315. [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
  316. 2014-01-30 15:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
  317. .
  318. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
  319. @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
  320. [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
  321. 2014-01-30 15:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
  322. .
  323. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
  324. @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
  325. [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
  326. 2014-01-30 15:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
  327. .
  328. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  329. "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]
  330. "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]
  331. "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-15 9644576]
  332. .
  333. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
  334. "NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-03-12 21720]
  335. .
  336. ------- Supplementary Scan -------
  337. .
  338. uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_GB&c=94&bd=Pavilion&pf=cnnb
  339. uLocal Page = c:\windows\system32\blank.htm
  340. mLocal Page = c:\windows\SysWOW64\blank.htm
  341. uInternet Settings,ProxyOverride = local
  342. IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
  343. Trusted Zone: clonewarsadventures.com
  344. Trusted Zone: freerealms.com
  345. Trusted Zone: soe.com
  346. Trusted Zone: sony.com
  347. FF - ProfilePath - c:\users\Joe Matthews\AppData\Roaming\Mozilla\Firefox\Profiles\fcrlj9fr.default\
  348. FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&q=
  349. .
  350. - - - - ORPHANS REMOVED - - - -
  351. .
  352. BHO-{597A9974-8CB0-4f41-B61F-ED065738A397} - c:\program files (x86)\RewardsArcade\RewardsArcade.dll
  353. Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe
  354. Wow6432Node-HKLM-Run-<NO NAME> - (no file)
  355. Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
  356. HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
  357. BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
  358. WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
  359. HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
  360. AddRemove-PunkBusterSvc - c:\program files (x86)\GAMERSFIRST\APB RELOADED\Binaries\pbsvc_apb.exe
  361. .
  362. .
  363. .
  364. --------------------- LOCKED REGISTRY KEYS ---------------------
  365. .
  366. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
  367. @Denied: (A 2) (Everyone)
  368. @="FlashBroker"
  369. "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
  370. .
  371. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
  372. "Enabled"=dword:00000001
  373. .
  374. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
  375. @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
  376. .
  377. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
  378. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  379. .
  380. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  381. @Denied: (A 2) (Everyone)
  382. @="Shockwave Flash Object"
  383. .
  384. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  385. @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
  386. "ThreadingModel"="Apartment"
  387. .
  388. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  389. @="0"
  390. .
  391. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  392. @="ShockwaveFlash.ShockwaveFlash.10"
  393. .
  394. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  395. @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
  396. .
  397. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  398. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  399. .
  400. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  401. @="1.0"
  402. .
  403. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  404. @="ShockwaveFlash.ShockwaveFlash"
  405. .
  406. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  407. @Denied: (A 2) (Everyone)
  408. @="Macromedia Flash Factory Object"
  409. .
  410. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  411. @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
  412. "ThreadingModel"="Apartment"
  413. .
  414. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  415. @="FlashFactory.FlashFactory.1"
  416. .
  417. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  418. @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
  419. .
  420. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  421. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  422. .
  423. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  424. @="1.0"
  425. .
  426. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  427. @="FlashFactory.FlashFactory"
  428. .
  429. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
  430. @Denied: (A 2) (Everyone)
  431. @="IFlashBroker2"
  432. .
  433. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
  434. @="{00020424-0000-0000-C000-000000000046}"
  435. .
  436. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
  437. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  438. "Version"="1.0"
  439. .
  440. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*]
  441. "value"="?\0c\03\1c\03!\0a?"
  442. .
  443. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  444. @Denied: (Full) (Everyone)
  445. .
  446. Completion time: 2014-03-23 16:23:36
  447. ComboFix-quarantined-files.txt 2014-03-23 16:23
  448. .
  449. Pre-Run: 29,101,813,760 bytes free
  450. Post-Run: 31,908,450,304 bytes free
  451. .
  452. - - End Of File - - 022FBA49C1E392939D02C327FD3A5799
  453. 6130C7C7C840B09FF3D75974D6C1815B