combofix report

a guest
Feb 15th, 2014
  1. ComboFix 14-02-14.01 - ASUS 15.02.2014  16:49:34.2.8 - x64
  2. Microsoft Windows 7 Ultimate   6.1.7601.1.1254.90.1055.18.8077.5349 [GMT 2:00]
  3. Running from: c:\users\ASUS\Downloads\ComboFix.exe
  4. AV: COMODO Antivirus *Disabled/Updated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
  5. FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
  6. SP: COMODO Antivirus *Disabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
  7. SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  8. .
  9. .
  10. (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
  11. .
  12. .
  13. c:\windows\PFRO.log
  14. .
  15. .
  16. (((((((((((((((((((((((((   Files Created from 2014-01-15 to 2014-02-15  )))))))))))))))))))))))))))))))
  17. .
  18. .
  19. 2014-02-15 15:05 . 2014-02-15 15:05 --------    d-----w-    c:\users\Public\AppData\Local\temp
  20. 2014-02-15 15:05 . 2014-02-15 15:05 --------    d-----w-    c:\users\Default\AppData\Local\temp
  21. 2014-02-14 21:08 . 2013-05-10 05:56 12625920    ----a-w-    c:\windows\system32\wmploc.DLL
  22. 2014-02-14 21:08 . 2013-05-10 04:30 167424  ----a-w-    c:\program files\Windows Media Player\wmplayer.exe
  23. 2014-02-14 21:08 . 2013-05-10 03:48 164864  ----a-w-    c:\program files (x86)\Windows Media Player\wmplayer.exe
  24. 2014-02-14 21:08 . 2013-05-10 04:56 12625408    ----a-w-    c:\windows\SysWow64\wmploc.DLL
  25. 2014-02-14 21:08 . 2013-05-10 05:56 14631424    ----a-w-    c:\windows\system32\wmp.dll
  26. 2014-02-14 20:56 . 2014-02-14 20:56 --------    d-----w-    c:\windows\Migration
  27. 2014-02-14 20:55 . 2013-10-14 16:00 28368   ----a-w-    c:\windows\system32\IEUDINIT.EXE
  28. 2014-02-14 20:37 . 2014-02-14 20:37 --------    d-----w-    c:\program files (x86)\SkypeWebPlugin
  29. 2014-02-14 20:28 . 2013-10-19 02:18 81408   ----a-w-    c:\windows\system32\imagehlp.dll
  30. 2014-02-14 20:23 . 2013-10-12 02:32 150016  ----a-w-    c:\windows\system32\wshom.ocx
  31. 2014-02-14 20:23 . 2013-10-12 02:31 202752  ----a-w-    c:\windows\system32\scrrun.dll
  32. 2014-02-14 20:23 . 2013-10-12 02:04 121856  ----a-w-    c:\windows\SysWow64\wshom.ocx
  33. 2014-02-14 20:23 . 2013-10-12 02:03 163840  ----a-w-    c:\windows\SysWow64\scrrun.dll
  34. 2014-02-14 20:23 . 2013-10-12 01:33 156160  ----a-w-    c:\windows\system32\cscript.exe
  35. 2014-02-14 20:23 . 2013-10-12 01:33 168960  ----a-w-    c:\windows\system32\wscript.exe
  36. 2014-02-14 20:23 . 2013-10-12 01:15 141824  ----a-w-    c:\windows\SysWow64\wscript.exe
  37. 2014-02-14 20:23 . 2013-10-12 01:15 126976  ----a-w-    c:\windows\SysWow64\cscript.exe
  38. 2014-02-14 15:46 . 2014-02-14 17:05 --------    d-----w-    c:\users\ASUS\MPLABXProjects
  39. 2014-02-13 23:36 . 2011-09-21 06:09 453632  ----a-w-    c:\windows\system32\wbem\repdrvfs.dll
  40. 2014-02-10 20:23 . 2014-02-10 20:23 830648  ----a-w-    c:\windows\system32\drivers\vdbus.sys
  41. 2014-02-10 20:23 . 2014-02-10 20:23 682888  ----a-w-    c:\windows\system32\drivers\cbvd.sys
  42. 2014-02-10 20:23 . 2014-02-10 20:23 236320  ----a-w-    c:\windows\system32\drivers\CBUFS.sys
  43. 2014-02-10 20:23 . 2014-02-10 20:23 87512   ----a-w-    c:\windows\system32\drivers\bdisk.sys
  44. 2014-02-10 20:23 . 2014-02-10 20:23 679792  ----a-w-    c:\windows\system32\drivers\CBreparse.sys
  45. 2014-02-07 01:40 . 2014-02-07 01:40 --------    d-----w-    c:\users\ASUS\AppData\Local\WpfApplication1
  46. 2014-02-06 00:20 . 2008-05-15 01:28 26624   ----a-w-    c:\windows\system32\drivers\jswpslwfx.sys
  47. 2014-02-06 00:19 . 2014-02-06 00:20 --------    d-----w-    c:\program files (x86)\Jumpstart
  48. 2014-02-06 00:19 . 2014-02-06 00:20 --------    d-----w-    c:\programdata\Atheros
  49. 2014-02-05 23:34 . 2014-02-05 23:34 --------    d-----w-    c:\users\ASUS\AppData\Local\Line
  50. 2014-02-05 23:34 . 2014-02-05 23:34 --------    d-----w-    c:\program files (x86)\Naver
  51. 2014-02-05 17:43 . 2014-02-05 17:43 --------    d-----w-    c:\users\ASUS\AppData\Local\SkypeWebPlugin
  52. 2014-02-04 22:17 . 2014-02-04 22:44 --------    d-----w-    c:\users\ASUS\Heaven
  53. 2014-02-04 21:44 . 2014-02-04 21:44 --------    d-----w-    c:\program files (x86)\Unigine
  54. 2014-02-04 16:37 . 2014-02-04 16:37 --------    d-----w-    c:\users\ASUS\AppData\Roaming\ProductData
  55. 2014-01-30 20:54 . 2014-01-30 20:54 57096   ----a-w-    c:\windows\system32\certsentry.dll
  56. 2014-01-30 15:38 . 2014-02-04 16:18 119000  ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
  57. 2014-01-28 00:10 . 2013-08-13 13:00 1002728 ----a-w-    c:\windows\system32\WinUSBCoInstaller2.dll
  58. 2014-01-20 13:16 . 2014-01-20 13:16 --------    d-----w-    c:\users\ASUS\AppData\Local\CrystalDiskMark
  59. 2014-01-16 15:20 . 2014-01-21 20:21 --------    d-----w-    c:\users\ASUS\Cloud@Mail.Ru
  60. 2014-01-16 15:20 . 2014-01-16 15:20 --------    d-----w-    c:\users\ASUS\AppData\Local\Mail.Ru
  61. .
  62. .
  63. .
  64. ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
  65. .
  66. 2014-02-04 17:09 . 2013-02-08 11:47 88567024    ----a-w-    c:\windows\system32\MRT.exe
  67. 2014-01-30 20:54 . 2013-03-28 19:17 48392   ----a-w-    c:\windows\SysWow64\certsentry.dll
  68. 2014-01-15 17:22 . 2013-06-20 16:48 3897568 ----a-w-    c:\programdata\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll
  69. 2014-01-07 12:36 . 2014-01-07 12:36 1720192 ----a-w-    c:\windows\system32\WdfCoInstaller01009.dll
  70. 2013-12-16 12:05 . 2013-02-08 09:58 387 ----a-w-    c:\users\ASUS\AppData\Roaming\sp_data.sys
  71. 2013-11-29 16:56 . 2013-10-29 19:15 1096480 ----a-w-    c:\windows\system32\nvspcap64.dll
  72. 2013-11-29 16:56 . 2013-10-29 19:15 979744  ----a-w-    c:\windows\SysWow64\nvspcap.dll
  73. 2013-11-21 15:17 . 2013-11-03 08:08 239616  ----a-w-    c:\windows\system32\USBAccessLink.dll
  74. 2013-11-21 15:17 . 2013-11-03 08:08 196608  ----a-w-    c:\windows\SysWow64\USBAccessLink.dll
  75. .
  76. .
  77. (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
  78. .
  79. .
  80. *Note* empty entries & legit default entries are not shown
  81. REGEDIT4
  82. .
  83. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
  84. @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
  85. [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
  86. 2013-09-10 23:54    131248  ----a-w-    c:\users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
  87. .
  88. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
  89. @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
  90. [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
  91. 2013-09-10 23:54    131248  ----a-w-    c:\users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
  92. .
  93. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
  94. @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
  95. [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
  96. 2013-09-10 23:54    131248  ----a-w-    c:\users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
  97. .
  98. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
  99. @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
  100. [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
  101. 2013-09-10 23:54    131248  ----a-w-    c:\users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
  102. .
  103. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  104. "AdobeBridge"="" [BU]
  105. "cis.exe"="c:\program files\COMODO\COMODO Internet Security\cis.exe" [2013-11-20 8788696]
  106. "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
  107. .
  108. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  109. "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-06-25 322208]
  110. "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2012-06-19 174752]
  111. "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
  112. "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
  113. "jswtrayutil"="c:\program files (x86)\Jumpstart\jswtrayutil.exe" [2008-09-26 528384]
  114. .
  115. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  116. "ConsentPromptBehaviorAdmin"= 5 (0x5)
  117. "ConsentPromptBehaviorUser"= 3 (0x3)
  118. "EnableUIADesktopToggle"= 0 (0x0)
  119. .
  120. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
  121. "LoadAppInit_DLLs"=1 (0x1)
  122. "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
  123. .
  124. R1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog64.sys;c:\windows\SYSNATIVE\drivers\AntiLog64.sys [x]
  125. R1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRMD.sys [x]
  126. R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
  127. R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
  128. R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
  129. R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protokolü;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
  130. R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
  131. R3 ASUSProcObsrv;ASUS Process Creation/Termination Observer;e:\i386\AsPrOb64.sys;e:\i386\AsPrOb64.sys [x]
  132. R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
  133. R3 DIRECTIO;DIRECTIO;c:\program files\PerformanceTest\DirectIo64.sys;c:\program files\PerformanceTest\DirectIo64.sys [x]
  134. R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
  135. R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
  136. R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
  137. R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
  138. R3 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files (x86)\Jumpstart\jswpsapi.exe;c:\program files (x86)\Jumpstart\jswpsapi.exe [x]
  139. R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
  140. R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
  141. R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
  142. R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
  143. R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
  144. R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
  145. R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
  146. R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
  147. R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
  148. R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
  149. R3 WatAdminSvc;Windows Etkinleştirme Teknolojileri Hizmeti;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
  150. S0 bdisk;Comodo Disk Raw Access Filter;c:\windows\system32\drivers\bdisk.sys;c:\windows\SYSNATIVE\drivers\bdisk.sys [x]
  151. S0 CBUfs;CBUfs;c:\windows\system32\drivers\CBUFS.sys;c:\windows\SYSNATIVE\drivers\CBUFS.sys [x]
  152. S0 cbvd;Comodo Backup Virtual Disk;c:\windows\system32\DRIVERS\cbvd.sys;c:\windows\SYSNATIVE\DRIVERS\cbvd.sys [x]
  153. S0 iusb3hcs;Intel(R) USB 3.0 Ana Bilgisayar Denetleyici Değiştirici Sürücüsü;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
  154. S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
  155. S0 reparse;reparse;c:\windows\system32\DRIVERS\cbreparse.sys;c:\windows\SYSNATIVE\DRIVERS\cbreparse.sys [x]
  156. S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
  157. S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
  158. S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
  159. S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
  160. S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
  161. S1 JSWPSLWF;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwfx.sys;c:\windows\SYSNATIVE\DRIVERS\jswpslwfx.sys [x]
  162. S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
  163. S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
  164. S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
  165. S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [x]
  166. S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
  167. S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
  168. S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
  169. S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
  170. S2 COSService.exe;COMODO Online Storage Service;c:\program files\COMODO\COMMON\COSService.exe;c:\program files\COMODO\COMMON\COSService.exe [x]
  171. S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
  172. S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
  173. S2 GeekBuddyRSP;GeekBuddyRSP Service;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
  174. S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
  175. S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
  176. S2 jswpbapi;JumpStart Push-Button Service;c:\program files (x86)\Jumpstart\jswpbapi.exe;c:\program files (x86)\Jumpstart\jswpbapi.exe [x]
  177. S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
  178. S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
  179. S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
  180. S2 SynchronizationService.exe;COMODO BackUp Service;c:\program files\COMODO\COMMON\SynchronizationService.exe;c:\program files\COMODO\COMMON\SynchronizationService.exe [x]
  181. S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
  182. S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
  183. S2 WTGService;WTGService;c:\program files (x86)\AveaConnectionManager\WTGService.exe;c:\program files (x86)\AveaConnectionManager\WTGService.exe [x]
  184. S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
  185. S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Sanal Bağdaştırıcısı;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
  186. S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVBus.sys [x]
  187. S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVTouch.sys [x]
  188. S3 ATP;ASUS PS/2 Port Input Device;c:\windows\system32\DRIVERS\AsusTP.sys;c:\windows\SYSNATIVE\DRIVERS\AsusTP.sys [x]
  189. S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
  190. S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
  191. S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
  192. S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
  193. S3 iusb3hub;Intel(R) USB 3.0 Hub Sürücüsü;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
  194. S3 iusb3xhc;Intel(R) USB 3.0 Genişletilebilir Ana Bilgisayar Denetleyici Sürücüsü;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
  195. S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
  196. S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
  197. S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
  198. S3 vdbus;Virtual Disk Bus Enumerator;c:\windows\system32\DRIVERS\vdbus.sys;c:\windows\SYSNATIVE\DRIVERS\vdbus.sys [x]
  199. .
  200. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
  201. start [BU]
  202. .
  203. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
  204. 2014-02-04 02:05    1211720 ----a-w-    c:\program files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe
  205. .
  206. Contents of the 'Scheduled Tasks' folder
  207. .
  208. 2014-02-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3536734130-3265028361-2442345767-1000Core.job
  209. - c:\users\ASUS\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-08 02:23]
  210. .
  211. 2014-02-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3536734130-3265028361-2442345767-1000UA.job
  212. - c:\users\ASUS\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-08 02:23]
  213. .
  214. 2014-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  215. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 10:44]
  216. .
  217. 2014-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  218. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 10:44]
  219. .
  220. 2013-11-04 c:\windows\Tasks\User_Feed_Synchronization-{31FB8002-5FED-42D9-990C-5F8A50982F94}.job
  221. - c:\windows\system32\msfeedssync.exe [2014-02-14 20:46]
  222. .
  223. .
  224. --------- X64 Entries -----------
  225. .
  226. .
  227. [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
  228. 2014-02-04 16:36    2471744 ----a-w-    c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
  229. .
  230. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSDriveIconOverlay]
  231. @="{5FDACB62-6B7B-4116-9403-C5E0D3852A57}"
  232. [HKEY_CLASSES_ROOT\CLSID\{5FDACB62-6B7B-4116-9403-C5E0D3852A57}]
  233. 2014-02-10 20:23    7202496 ----a-w-    c:\program files\COMODO\COMMON\ShellExtension.dll
  234. .
  235. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemInSyncIconOverlay]
  236. @="{68F287EF-DA6D-4595-AF52-90FF6CE52AFE}"
  237. [HKEY_CLASSES_ROOT\CLSID\{68F287EF-DA6D-4595-AF52-90FF6CE52AFE}]
  238. 2014-02-10 20:23    7202496 ----a-w-    c:\program files\COMODO\COMMON\ShellExtension.dll
  239. .
  240. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemModifiedIconOverlay]
  241. @="{AE67D273-7253-4236-B55E-D40055B305D6}"
  242. [HKEY_CLASSES_ROOT\CLSID\{AE67D273-7253-4236-B55E-D40055B305D6}]
  243. 2014-02-10 20:23    7202496 ----a-w-    c:\program files\COMODO\COMMON\ShellExtension.dll
  244. .
  245. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemNewIconOverlay]
  246. @="{022F23E9-DA0F-4A86-A728-CAF6150C0B63}"
  247. [HKEY_CLASSES_ROOT\CLSID\{022F23E9-DA0F-4A86-A728-CAF6150C0B63}]
  248. 2014-02-10 20:23    7202496 ----a-w-    c:\program files\COMODO\COMMON\ShellExtension.dll
  249. .
  250. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemUnsynchronizedIconOverlay]
  251. @="{4D7EE7CF-E7A1-45FE-8F80-3A37574918D7}"
  252. [HKEY_CLASSES_ROOT\CLSID\{4D7EE7CF-E7A1-45FE-8F80-3A37574918D7}]
  253. 2014-02-10 20:23    7202496 ----a-w-    c:\program files\COMODO\COMMON\ShellExtension.dll
  254. .
  255. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
  256. @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
  257. [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
  258. 2013-09-10 23:54    164016  ----a-w-    c:\users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
  259. .
  260. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
  261. @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
  262. [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
  263. 2013-09-10 23:54    164016  ----a-w-    c:\users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
  264. .
  265. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
  266. @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
  267. [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
  268. 2013-09-10 23:54    164016  ----a-w-    c:\users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
  269. .
  270. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
  271. @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
  272. [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
  273. 2013-09-10 23:54    164016  ----a-w-    c:\users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
  274. .
  275. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  276. "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-03-27 11407120]
  277. "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-04-02 170264]
  278. "ASUS Quick Gesture (x86)"="c:\program files (x86)\asus\asus smart gesture\quickgesture\x86\quickgesture.exe" [2012-07-13 17376]
  279. "ASUS TP Center (x64)"="c:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asustpcenter.exe" [2012-07-13 235488]
  280. "ASUS Quick Gesture (x64)"="c:\program files (x86)\asus\asus smart gesture\quickgesture\x64\quickgesture64.exe" [2012-07-13 19424]
  281. "Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-08 1028384]
  282. "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-11-29 1096480]
  283. "USB3MON"="c:\program files (x86)\intel\intel(r) usb 3.0 extensible host controller driver\application\iusb3mon.exe" [2012-03-26 291608]
  284. "RTHDVCPL"="c:\program files\realtek\audio\hda\ravcpl64.exe" [2012-07-02 12921488]
  285. "RtHDVBg"="c:\program files\realtek\audio\hda\ravbg64.exe" [2012-07-10 1214608]
  286. .
  287. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  288. "AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
  289. .
  290. ------- Supplementary Scan -------
  291. .
  292. uLocal Page = c:\windows\system32\blank.htm
  293. uStart Page = hxxp://www.bing.com/
  294. mStart Page = hxxp://www.google.com
  295. mLocal Page = c:\windows\SysWOW64\blank.htm
  296. IE: Download all links with IDM - c:\users\ASUS\Desktop\Programlar\IEGetAll.htm
  297. IE: Download with IDM - c:\users\ASUS\Desktop\Programlar\IEExt.htm
  298. IE: Microsoft Excel'e &Ver - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
  299. Trusted Zone: alipay.com
  300. Trusted Zone: alisoft.com
  301. Trusted Zone: taobao.com
  302. TCP: DhcpNameServer = 192.168.1.1
  303. TCP: Interfaces\{DA65CE73-B608-40A1-86CA-C8BF5E51DCDF}: NameServer = 160.75.100.20,160.75.2.20
  304. .
  305. - - - - ORPHANS REMOVED - - - -
  306. .
  307. BHO-{081524f7-7ed8-43ff-b01e-915c410a9cbe} - (no file)
  308. .
  309. .
  310. .
  311. --------------------- LOCKED REGISTRY KEYS ---------------------
  312. .
  313. [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]
  314. @Denied: (2) (LocalSystem)
  315. "Progid"="PhotoManagerDeluxe.8.alb"
  316. .
  317. [HKEY_USERS\S-1-5-21-3536734130-3265028361-2442345767-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F478FB47-8B4E-C975-1444-CD7EDC04C553}*]
  318. "jafkblmlhodmgamefane"=hex:64,62,70,6f,62,66,67,70,65,66,65,68,66,61,68,68,6e,
  319.   70,6f,61,67,66,62,6d,6b,6a,6d,64,6d,64,6b,70,62,6a,69,69,67,6c,6d,69,00,3e
  320. .
  321. [HKEY_USERS\S-1-5-21-3536734130-3265028361-2442345767-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
  322. @Denied: (Full) (Everyone)
  323. @Allowed: (Read) (RestrictedCode)
  324. "scansk"=hex(0):0e,c1,25,2b,65,0d,a9,af,9a,1b,33,10,56,aa,f7,e1,92,f8,80,94,e6,
  325.   70,be,94,35,c8,9c,9a,fb,5e,16,2c,01,2a,64,7a,51,1c,59,15,00,00,00,00,00,00,\
  326. .
  327. [HKEY_USERS\S-1-5-21-3536734130-3265028361-2442345767-1000_Classes\Wow6432Node\CLSID\{d1250aa6-3005-4431-a0c8-3945cc4632f0}]
  328. @Denied: (Full) (Everyone)
  329. @Allowed: (Read) (RestrictedCode)
  330. "Model"=dword:00000075
  331. "Therad"=dword:0000000f
  332. "SpecVersion"=dword:00000068
  333. .
  334. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
  335. @Denied: (A 2) (Everyone)
  336. @="FlashBroker"
  337. "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
  338. .
  339. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
  340. "Enabled"=dword:00000001
  341. .
  342. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
  343. @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
  344. .
  345. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
  346. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  347. .
  348. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
  349. @Denied: (A 2) (Everyone)
  350. @="IFlashBroker5"
  351. .
  352. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
  353. @="{00020424-0000-0000-C000-000000000046}"
  354. .
  355. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
  356. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  357. "Version"="1.0"
  358. .
  359. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
  360. @Denied: (A 2) (Everyone)
  361. @="FlashBroker"
  362. "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
  363. .
  364. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
  365. "Enabled"=dword:00000001
  366. .
  367. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
  368. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
  369. .
  370. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
  371. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  372. .
  373. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  374. @Denied: (A 2) (Everyone)
  375. @="Shockwave Flash Object"
  376. .
  377. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  378. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
  379. "ThreadingModel"="Apartment"
  380. .
  381. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  382. @="0"
  383. .
  384. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  385. @="ShockwaveFlash.ShockwaveFlash.11"
  386. .
  387. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  388. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
  389. .
  390. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  391. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  392. .
  393. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  394. @="1.0"
  395. .
  396. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  397. @="ShockwaveFlash.ShockwaveFlash"
  398. .
  399. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  400. @Denied: (A 2) (Everyone)
  401. @="Macromedia Flash Factory Object"
  402. .
  403. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  404. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
  405. "ThreadingModel"="Apartment"
  406. .
  407. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  408. @="FlashFactory.FlashFactory.1"
  409. .
  410. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  411. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
  412. .
  413. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  414. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  415. .
  416. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  417. @="1.0"
  418. .
  419. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  420. @="FlashFactory.FlashFactory"
  421. .
  422. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
  423. @Denied: (A 2) (Everyone)
  424. @="IFlashBroker3"
  425. .
  426. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
  427. @="{00020424-0000-0000-C000-000000000046}"
  428. .
  429. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
  430. @="{6EF568F4-D437-4466-AA63-A3645136D93E}"
  431. "Version"="1.0"
  432. .
  433. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
  434. @Denied: (A 2) (Everyone)
  435. @="IFlashBroker"
  436. .
  437. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
  438. @="{00020424-0000-0000-C000-000000000046}"
  439. .
  440. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
  441. @="{6EF568F4-D437-4466-AA63-A3645136D93E}"
  442. "Version"="1.0"
  443. .
  444. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
  445. @Denied: (A 2) (Everyone)
  446. @="IFlashBroker5"
  447. .
  448. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
  449. @="{00020424-0000-0000-C000-000000000046}"
  450. .
  451. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
  452. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  453. "Version"="1.0"
  454. .
  455. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
  456. @Denied: (A 2) (Everyone)
  457. @="IFlashBroker2"
  458. .
  459. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
  460. @="{00020424-0000-0000-C000-000000000046}"
  461. .
  462. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
  463. @="{6EF568F4-D437-4466-AA63-A3645136D93E}"
  464. "Version"="1.0"
  465. .
  466. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
  467. @="?????????????????? v1"
  468. .
  469. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
  470. @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
  471. .
  472. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
  473. @="?????????????????? v2"
  474. .
  475. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
  476. @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
  477. .
  478. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  479. @Denied: (A) (Users)
  480. @Denied: (A) (Everyone)
  481. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  482. "BlindDial"=dword:00000000
  483. .
  484. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
  485. @Denied: (A) (Users)
  486. @Denied: (A) (Everyone)
  487. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  488. "BlindDial"=dword:00000000
  489. .
  490. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  491. @Denied: (Full) (Everyone)
  492. .
  493. Completion time: 2014-02-15  17:09:59
  494. ComboFix-quarantined-files.txt  2014-02-15 15:09
  495. ComboFix2.txt  2013-10-04 18:07
  496. .
  497. Pre-Run: 10.026.962.944 bayt boş
  498. Post-Run: 10.159.820.800 bayt boş
  499. .
  500. - - End Of File - - BA64903539CCB61756D1BD452282C49A