
Coin miner cannot be removed
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, I have a problem with a coin miner. This process loads my CPU so heavily that I cannot work on the notebook, and it keeps coming back. None of the antimalware tools I tried, SUPERAntiSpyware and Malwarebytes, can remove it. Each time, the temp folder on C:, where the application is located, gets restored. Interestingly, this process only starts when I am connected to the internet.
Here is the log. Windows 8 Pro, legal version - my school pays for it.
Logfile of random's system information tool 1.09 (written by random/random)
Run by SSejnt at 2013-08-07 16:08:54
Microsoft Windows 8 Pro
System drive C: has 3 GB (6%) free of 50 GB
Total RAM: 3066 MB (61% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 8bee0cfa-a9f0-488d-be60-8a3378636d4c.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task fc22301f-1534-4ee6-b345-db1638dc2d2f.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-08-19 610816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{876d9f09-c6d6-4324-a2cc-04dd9a4de12f}]
Microsoft Web Test Recorder 10.0 Helper - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26 74888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIE9BHO Class - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll [2012-08-19 383488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-08-19 610816]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"PC Suite for Smartphones"=C:\Program Files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe [2007-12-25 548864]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"SafeQClient"=C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [2012-11-21 474624]
"NI Update Service"=C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [2012-11-16 853640]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\SSejnt\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-24 116648]
"F.lux"=C:\Users\SSejnt\Local Settings\Apps\F.lux\flux.exe [2009-08-29 966656]
"Facebook Update"=C:\Users\SSejnt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-14 138096]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2013-02-04 447152]
"GarenaPlus"=C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2013-06-19 9873200]
"Lingoes"=C:\Program Files (x86)\Lingoes\Translator2\Lingoes.exe [2011-10-31 2375680]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-03 19603048]
"icq"=C:\Users\SSejnt\AppData\Roaming\ICQM\icq.exe [2013-07-01 28696936]
"NIRegistrationWizard"=C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [2010-06-21 846520]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-05-15 5622512]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
NI Error Reporting.lnk - C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
vpngui.exe.lnk - C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"EnableUIADesktopToggle"=0
"EnableCursorSuppression"=1
"ConsentPromptBehaviorUser"=3
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=1
"NoActiveDesktop"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\STDU Viewer\STDUViewerApp.exe" %1
======List of files/folders created in the last 1 month======
2013-08-07 16:08:54 ----D---- C:\rsit
2013-08-07 16:08:54 ----D---- C:\Program Files (x86)\trend micro
2013-08-06 23:45:43 ----D---- C:\temp
2013-08-06 22:06:02 ----D---- C:\Users\SSejnt\AppData\Roaming\SUPERAntiSpyware.com
2013-08-06 22:05:44 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2013-08-06 17:16:29 ----D---- C:\Users\SSejnt\AppData\Roaming\Malwarebytes
2013-08-06 17:16:13 ----D---- C:\ProgramData\Malwarebytes
2013-08-06 17:16:12 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-06 11:49:35 ----A---- C:\Windows\ntbtlog.txt
2013-07-23 14:46:05 ----D---- C:\ProgramData\genicam
2013-07-22 11:20:42 ----D---- C:\Users\SSejnt\AppData\Roaming\Radmin
2013-07-22 11:18:30 ----D---- C:\Program Files (x86)\Radmin Viewer 3
2013-07-18 10:34:46 ----D---- C:\Program Files (x86)\JKI
2013-07-18 08:29:58 ----ASH---- C:\pagefile.sys
2013-07-17 19:54:25 ----D---- C:\Windows\SysWOW64\cvirte
2013-07-17 13:59:43 ----SHD---- C:\Windows\SysWOW64\AI_RecycleBin
2013-07-17 13:57:12 ----D---- C:\ProgramData\JKI
2013-07-17 13:57:11 ----D---- C:\Users\SSejnt\AppData\Roaming\JKI
2013-07-17 08:45:31 ----SD---- C:\Windows\SysWOW64\Microsoft
2013-07-16 15:15:49 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-16 10:38:30 ----A---- C:\Windows\SysWOW64\explorer.exe
2013-07-16 10:38:30 ----A---- C:\Windows\SysWOW64\dwmcore.dll
2013-07-16 10:38:30 ----A---- C:\Windows\explorer.exe
2013-07-16 10:38:26 ----A---- C:\Windows\SysWOW64\mfcore.dll
2013-07-16 10:38:19 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-16 10:38:19 ----A---- C:\Windows\SysWOW64\mscms.dll
2013-07-16 10:38:16 ----A---- C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-16 10:38:12 ----A---- C:\Windows\SysWOW64\samlib.dll
2013-07-16 10:35:32 ----A---- C:\Windows\SysWOW64\DWrite.dll
2013-07-16 10:35:07 ----A---- C:\Windows\SysWOW64\qedit.dll
2013-07-16 10:34:23 ----A---- C:\Windows\SysWOW64\ieframe.dll
2013-07-16 10:34:19 ----A---- C:\Windows\SysWOW64\mshtml.dll
2013-07-16 10:34:14 ----A---- C:\Windows\SysWOW64\iertutil.dll
2013-07-16 10:34:11 ----A---- C:\Windows\SysWOW64\wininet.dll
2013-07-16 10:34:11 ----A---- C:\Windows\SysWOW64\urlmon.dll
2013-07-16 10:34:11 ----A---- C:\Windows\SysWOW64\jscript9.dll
2013-07-16 10:34:10 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2013-07-16 10:34:09 ----A---- C:\Windows\SysWOW64\jscript.dll
2013-07-16 10:33:01 ----A---- C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-16 09:38:54 ----D---- C:\Program Files (x86)\Microsoft Web Tools
======List of files/folders modified in the last 1 month======
2013-08-07 16:08:54 ----RD---- C:\Program Files (x86)
2013-08-07 16:08:09 ----D---- C:\Windows\Prefetch
2013-08-07 16:05:53 ----D---- C:\Windows\Temp
2013-08-07 03:00:04 ----D---- C:\Windows\Microsoft.NET
2013-08-07 01:14:34 ----SHD---- C:\System Volume Information
2013-08-06 22:06:05 ----D---- C:\Windows\Tasks
2013-08-06 22:06:01 ----HD---- C:\ProgramData
2013-08-06 22:05:44 ----RD---- C:\Program Files
2013-08-06 21:18:10 ----D---- C:\Windows
2013-08-06 21:01:21 ----D---- C:\Windows\System32
2013-08-05 22:20:24 ----D---- C:\Windows\Inf
2013-08-04 11:39:38 ----D---- C:\Users\SSejnt\AppData\Roaming\vlc
2013-07-31 20:43:46 ----D---- C:\Program Files (x86)\mutualpublic
2013-07-28 13:33:40 ----D---- C:\Users\SSejnt\AppData\Roaming\Winamp
2013-07-27 08:54:43 ----D---- C:\Program Files (x86)\Connectify
2013-07-26 12:55:26 ----SHD---- C:\Windows\Installer
2013-07-26 12:55:23 ----D---- C:\Program Files (x86)\Google
2013-07-26 07:56:29 ----D---- C:\Windows\SoftwareDistribution
2013-07-26 07:56:29 ----D---- C:\Windows\debug
2013-07-23 14:46:50 ----D---- C:\Windows\AUInstallAgent
2013-07-23 14:46:08 ----D---- C:\Windows\twain_32
2013-07-23 14:44:40 ----D---- C:\Windows\Downloaded Installations
2013-07-18 08:44:20 ----D---- C:\Windows\SysWOW64
2013-07-18 08:40:03 ----D---- C:\Program Files (x86)\National Instruments
2013-07-18 08:39:43 ----D---- C:\Program Files (x86)\Common Files\Merge Modules
2013-07-18 08:28:36 ----D---- C:\ProgramData\National Instruments
2013-07-17 20:46:18 ----RSD---- C:\Windows\assembly
2013-07-17 19:55:57 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-17 17:14:10 ----D---- C:\Users\SSejnt\AppData\Roaming\systweak
2013-07-17 09:37:13 ----D---- C:\Windows\WinSxS
2013-07-17 08:45:51 ----D---- C:\ProgramData\AVAST Software
2013-07-16 15:13:16 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-16 11:28:00 ----D---- C:\Windows\CbsTemp
2013-07-16 11:20:36 ----D---- C:\ProgramData\Microsoft Help
2013-07-16 10:24:08 ----D---- C:\ProgramData\Package Cache
2013-07-16 10:16:59 ----D---- C:\Program Files (x86)\Common Files\Microsoft Shared
2013-07-16 10:16:30 ----D---- C:\Windows\SysWOW64\1033
2013-07-16 10:10:17 ----D---- C:\Program Files (x86)\Microsoft SDKs
2013-07-16 09:56:19 ----D---- C:\ProgramData\Windows App Certification Kit
2013-07-15 21:42:43 ----D---- C:\ProgramData\GarenaMessenger
2013-07-15 21:42:42 ----D---- C:\Users\SSejnt\AppData\Roaming\GarenaPlus
2013-07-09 09:49:59 ----D---- C:\Users\SSejnt\AppData\Roaming\Xilinx
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\Windows\System32\drivers\ACPI.sys []
R0 acpiex;Microsoft ACPIEx Driver; C:\Windows\System32\Drivers\acpiex.sys []
R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\Windows\System32\drivers\CLFS.sys []
R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys []
R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\Windows\System32\drivers\disk.sys []
R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\Windows\System32\drivers\fileinfo.sys []
R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\Windows\system32\drivers\fltmgr.sys []
R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys []
R0 hpdskflt;@oem1.inf,%service_desc%;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys []
R0 KSecDD;KSecDD; C:\Windows\System32\Drivers\ksecdd.sys []
R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys []
R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\Windows\System32\drivers\mountmgr.sys []
R0 msisadrv;msisadrv; C:\Windows\System32\drivers\msisadrv.sys []
R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\Windows\System32\Drivers\mup.sys []
R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\Windows\system32\drivers\ndis.sys []
R0 NIPALK;NIPALK; C:\Windows\System32\drivers\nipalk.sys []
R0 nipbcfk;National Instruments Class Upper Filter Driver; C:\Windows\System32\drivers\nipbcfk.sys []
R0 nipxibaf;National Instruments PXI Bridge Access Driver; C:\Windows\System32\drivers\nipxibaf.sys []
R0 nipxibrc;National Instruments PXI Bridge Configuration Driver; C:\Windows\System32\drivers\nipxibrc.sys []
R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\Windows\System32\drivers\partmgr.sys []
R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus Driver; C:\Windows\System32\drivers\pci.sys []
R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys []
R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\Windows\system32\drivers\pdc.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\Windows\System32\drivers\spaceport.sys []
R0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\Windows\System32\drivers\storahci.sys []
R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\Windows\System32\drivers\tcpip.sys []
R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\Windows\System32\drivers\vdrvroot.sys []
R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\Windows\system32\drivers\afd.sys []
R1 BasicDisplay;BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys []
R1 BasicRender;BasicRender; C:\Windows\System32\drivers\BasicRender.sys []
R1 Beep;Beep; C:\Windows\SysWOW64\drivers\Beep.sys []
R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\Windows\System32\drivers\cdrom.sys []
R1 cnnctfy3;@oem7.inf,%cnnctfy3_Desc%;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy3.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\Windows\System32\Drivers\dfsc.sys []
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys []
R1 Msfs;Msfs; C:\Windows\SysWOW64\drivers\Msfs.sys []
R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\Windows\System32\drivers\mssmbios.sys []
R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\Windows\system32\DRIVERS\netbios.sys []
R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\Windows\System32\DRIVERS\netbt.sys []
R1 Npfs;Npfs; C:\Windows\SysWOW64\drivers\Npfs.sys []
R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\Windows\System32\drivers\npsvctrig.sys []
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys []
R1 Null;Null; C:\Windows\SysWOW64\drivers\Null.sys []
R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\Windows\system32\DRIVERS\pacer.sys []
R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\Windows\system32\DRIVERS\rdbss.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys []
R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\Windows\system32\DRIVERS\lltdio.sys []
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys []
R2 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\Windows\system32\DRIVERS\nwifi.sys []
R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\Windows\system32\drivers\Ndu.sys []
R2 nipxirmk;nipxirmk; \??\C:\Windows\system32\drivers\nipxirmkl.sys []
R2 nistreamk;nistreamk; C:\Windows\system32\drivers\nistreamkl.sys []
R2 NiViPxiK;NI-VISA PXI Driver; C:\Windows\System32\drivers\NiViPxiKl.sys []
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys []
R2 PYNWAGNT;PYNWAGNT; \??\C:\Windows\System32\Drivers\pynwagnt.sys []
R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\Windows\system32\DRIVERS\rspndr.sys []
R2 secdrv;Security Driver; C:\Windows\SysWOW64\drivers\secdrv.sys []
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys []
R3 Accelerometer;@oem1.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys []
R3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\Windows\System32\drivers\CmBatt.sys []
R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\Windows\System32\drivers\CompositeBus.sys []
R3 condrv;Console Driver; C:\Windows\System32\drivers\condrv.sys []
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys []
R3 DNE;@oem5.inf,%DneMP_Desc%;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys []
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys []
R3 fastfat;FAT12/16/32 File System Driver; C:\Windows\SysWOW64\drivers\fastfat.sys []
R3 HdAudAddService;@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys []
R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\System32\drivers\HDAudBus.sys []
R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\Windows\system32\drivers\HTTP.sys []
R3 i8042prt;@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver; C:\Windows\System32\drivers\i8042prt.sys []
R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\Windows\System32\drivers\intelppm.sys []
R3 IPNAT;IP Network Address Translator; C:\Windows\System32\drivers\ipnat.sys []
R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver; C:\Windows\System32\drivers\kbdclass.sys []
R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20); C:\Windows\system32\DRIVERS\kdnic.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []
R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service; C:\Windows\System32\drivers\monitor.sys []
R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver; C:\Windows\System32\drivers\mouclass.sys []
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys []
R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\Windows\system32\DRIVERS\mrxsmb.sys []
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys []
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys []
R3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\Windows\system32\DRIVERS\ndistapi.sys []
R3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\Windows\system32\DRIVERS\ndisuio.sys []
R3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\Windows\system32\DRIVERS\ndiswan.sys []
R3 NDProxy;NDIS Proxy; C:\Windows\SysWOW64\drivers\NDProxy.sys []
R3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys []
R3 nimdbgk;nimdbgk; \??\C:\Windows\system32\drivers\nimdbgkl.sys []
R3 nimxdfk;nimxdfk; \??\C:\Windows\system32\drivers\nimxdfkl.sys []
R3 NiViPciK;NI-VISA PCI Driver; C:\Windows\System32\drivers\NiViPciKl.sys []
R3 Ntfs;Ntfs; C:\Windows\SysWOW64\drivers\Ntfs.sys []
R3 PptpMiniport;@%systemroot%\system32\rascfg.dll,-32006; C:\Windows\system32\DRIVERS\raspptp.sys []
R3 PyNwFlt;@oem93.inf,%PyNwFltService_Desc%;Pylon GigE Vision Streaming Filter Service; C:\Windows\system32\DRIVERS\pynwflt.sys []
R3 RasAgileVpn;@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys []
R3 Rasl2tp;@%systemroot%\system32\rascfg.dll,-32005; C:\Windows\system32\DRIVERS\rasl2tp.sys []
R3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\Windows\system32\DRIVERS\raspppoe.sys []
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys []
R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\Windows\System32\drivers\rdpbus.sys []
R3 SensorsSimulatorDriver;@oem3.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys []
R3 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\Windows\System32\DRIVERS\srv.sys []
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys []
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys []
R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\Windows\System32\drivers\swenum.sys []
R3 SynTP;@oem2.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 TPM;@tpm.inf,%TPM%;TPM; C:\Windows\system32\drivers\tpm.sys []
R3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys []
R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\Windows\System32\drivers\umbus.sys []
R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver; C:\Windows\System32\drivers\usbccgp.sys []
R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\Windows\System32\drivers\usbehci.sys []
R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver; C:\Windows\System32\drivers\usbhub.sys []
R3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver; C:\Windows\System32\drivers\USBSTOR.SYS []
R3 usbuhci;@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\System32\drivers\usbuhci.sys []
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
S0 3ware;3ware; C:\Windows\System32\drivers\3ware.sys []
S0 adp94xx;adp94xx; C:\Windows\System32\drivers\adp94xx.sys []
S0 adpahci;adpahci; C:\Windows\System32\drivers\adpahci.sys []
S0 adpu320;adpu320; C:\Windows\System32\drivers\adpu320.sys []
S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\Windows\System32\drivers\agp440.sys []
S0 amdsata;amdsata; C:\Windows\System32\drivers\amdsata.sys []
S0 amdsbs;amdsbs; C:\Windows\System32\drivers\amdsbs.sys []
S0 amdxata;amdxata; C:\Windows\System32\drivers\amdxata.sys []
S0 arc;arc; C:\Windows\System32\drivers\arc.sys []
S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver; C:\Windows\System32\drivers\arcsas.sys []
S0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\Windows\System32\drivers\atapi.sys []
S0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\Windows\System32\drivers\bxvbda.sys []
S0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\System32\drivers\evbda.sys []
S0 EhStorClass;@%SystemRoot%\system32\drivers\EhStorClass.sys,-100; C:\Windows\System32\drivers\EhStorClass.sys []
S0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\Windows\System32\drivers\EhStorTcgDrv.sys []
S0 gagp30kx;@machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\System32\drivers\gagp30kx.sys []
S0 HpSAMD;HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys []
S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys []
S0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\Windows\System32\drivers\iaStorV.sys []
S0 iirsp;iirsp; C:\Windows\System32\drivers\iirsp.sys []
S0 intelide;intelide; C:\Windows\System32\drivers\intelide.sys []
S0 isapnp;isapnp; C:\Windows\System32\drivers\isapnp.sys []
S0 LSI_SAS;LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys []
S0 LSI_SAS2;LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys []
S0 LSI_SCSI;LSI_SCSI; C:\Windows\System32\drivers\lsi_scsi.sys []
S0 LSI_SSS;LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys []
S0 megasas;megasas; C:\Windows\System32\drivers\megasas.sys []
S0 MegaSR;MegaSR; C:\Windows\System32\drivers\MegaSR.sys []
S0 mvumis;mvumis; C:\Windows\System32\drivers\mvumis.sys []
S0 nfrd960;nfrd960; C:\Windows\System32\drivers\nfrd960.sys []
S0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\Windows\System32\drivers\nv_agp.sys []
S0 nvraid;nvraid; C:\Windows\System32\drivers\nvraid.sys []
S0 nvstor;nvstor; C:\Windows\System32\drivers\nvstor.sys []
S0 pciide;pciide; C:\Windows\System32\drivers\pciide.sys []
S0 pcmcia;pcmcia; C:\Windows\System32\drivers\pcmcia.sys []
S0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\Windows\System32\drivers\sbp2port.sys []
S0 SiSRaid2;SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys []
S0 SiSRaid4;SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys []
S0 stexstor;stexstor; C:\Windows\System32\drivers\stexstor.sys []
S0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\Windows\system32\DRIVERS\vmstorfl.sys []
S0 storvsc;storvsc; C:\Windows\System32\drivers\storvsc.sys []
S0 uagp35;@machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter; C:\Windows\System32\drivers\uagp35.sys []
S0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\Windows\System32\drivers\uliagpkx.sys []
S0 viaide;viaide; C:\Windows\System32\drivers\viaide.sys []
S0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\System32\drivers\vmbus.sys []
S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\Windows\system32\drivers\dam.sys []
S1 SUHDCrypt;SUHDCrypt; \??\C:\Windows\system32\Drivers\PDisk.sys [2012-10-20 208256]
S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\Windows\System32\drivers\1394ohci.sys []
S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\Windows\System32\drivers\acpipagr.sys []
S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\Windows\System32\drivers\acpipmi.sys []
S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\Windows\System32\drivers\acpitime.sys []
S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\Windows\System32\drivers\amdk8.sys []
S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\Windows\System32\drivers\amdppm.sys []
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys []
S3 AsyncMac;@%systemroot%\system32\rascfg.dll,-32000; C:\Windows\system32\DRIVERS\asyncmac.sys []
S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\Windows\System32\drivers\BthAvrcpTg.sys []
S3 BthEnum;@tdibth.inf,%BthEnum.DisplayName%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys []
S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\Windows\System32\drivers\bthhfenum.sys []
S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\Windows\System32\drivers\BthHFHid.sys []
S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver; C:\Windows\System32\drivers\bthmodem.sys []
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\Windows\System32\drivers\circlass.sys []
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys []
S3 dmvsc;dmvsc; C:\Windows\System32\drivers\dmvsc.sys []
S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2012-12-21 14920]
S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\Windows\System32\drivers\errdev.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2012-12-21 9160]
S3 exfat;exFAT File System Driver; C:\Windows\SysWOW64\drivers\exfat.sys []
S3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\Windows\System32\drivers\fdc.sys []
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys []
S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\Windows\System32\drivers\flpydisk.sys []
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys []
S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\Windows\System32\drivers\fxppm.sys []
S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter; C:\Windows\System32\drivers\vmgencounter.sys []
S3 ggflt;@oem64.inf,%SvcFltDesc%;SEMC USB Flash Driver Filter; C:\Windows\System32\drivers\ggflt.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 ggsemc;@oem64.inf,%SvcDesc%;SEMC USB Flash Driver; C:\Windows\System32\drivers\ggsemc.sys []
S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\Windows\System32\Drivers\msgpioclx.sys []
S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\Windows\System32\drivers\HidBatt.sys []
S3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\Windows\System32\drivers\hidbth.sys []
S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\Windows\System32\drivers\hidi2c.sys []
S3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\Windows\System32\drivers\hidir.sys []
S3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\Windows\System32\drivers\hidusb.sys []
S3 hyperkbd;hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys []
S3 HyperVideo;HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys []
S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\Windows\system32\DRIVERS\ipfltdrv.sys []
S3 IPMIDRV;IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys []
S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\Windows\system32\drivers\irenum.sys []
S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\Windows\System32\drivers\msiscsi.sys []
S3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\Windows\System32\drivers\kbdhid.sys []
S3 Modem;Modem; C:\Windows\system32\drivers\modem.sys []
S3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\Windows\System32\drivers\mouhid.sys []
S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\Windows\system32\drivers\mrxdav.sys []
S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;GPIO Buttons Driver; C:\Windows\System32\drivers\msgpiowin32.sys []
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys []
S3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\Windows\System32\drivers\mshidumdf.sys []
S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\Windows\system32\DRIVERS\mslldp.sys []
S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MsRPC;MsRPC; C:\Windows\SysWOW64\drivers\MsRPC.sys []
S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\Windows\System32\drivers\MTConfig.sys []
S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\Windows\system32\DRIVERS\ndiscap.sys []
S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\Windows\system32\DRIVERS\NdisImPlatform.sys []
S3 NDISWANLEGACY;@%systemroot%\system32\rascfg.dll,-32014; C:\Windows\system32\DRIVERS\ndiswan.sys []
S3 ni1006k;NI PXI-1006 Chassis Pilot; \??\C:\Windows\system32\drivers\ni1006k.sys []
S3 ni1045k;NI PXI-1045 Chassis Pilot; \??\C:\Windows\system32\drivers\ni1045kl.sys []
S3 ni1065k;NI PXIe-1065 Chassis Pilot; \??\C:\Windows\system32\drivers\ni1065k.sys []
S3 nidimk;nidimk; \??\C:\Windows\system32\drivers\nidimkl.sys []
S3 niorbk;niorbk; \??\C:\Windows\system32\drivers\niorbkl.sys []
S3 nipalfwedl;nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys []
S3 nipalusbedl;nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys []
S3 nipxigpk;NI PXI Generic Chassis Pilot; \??\C:\Windows\system32\drivers\nipxigpk.sys []
S3 niwdk;niwdk; C:\Windows\SysWOW64\drivers\niwdk.sys []
S3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\Windows\System32\drivers\parport.sys []
S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\Windows\System32\drivers\processr.sys []
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys []
S3 RasAcd;Remote Access Auto Connection Driver; C:\Windows\System32\DRIVERS\rasacd.sys []
S3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 RDPWD;RDP Winstation Driver; C:\Windows\SysWOW64\drivers\RDPWD.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys []
S3 s3cap;s3cap; C:\Windows\System32\drivers\vms3cap.sys []
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys []
S3 sdbus;sdbus; C:\Windows\System32\drivers\sdbus.sys []
S3 sdstor;@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver; C:\Windows\System32\drivers\sdstor.sys []
S3 ser2at;@oem81.inf,%Serial.SVCDESC%;ATEN USB to Serial port driver; C:\Windows\system32\DRIVERS\ser2at64.sys []
S3 SerCx;Serial UART Support Library; C:\Windows\system32\drivers\SerCx.sys []
S3 Serenum;@oem81.inf,%Serenum.SVCDESC%;Serenum Filter Driver; C:\Windows\System32\drivers\serenum.sys []
S3 Serial;@msports.inf,%Serial.SVCDESC%;Serial port driver; C:\Windows\System32\drivers\serial.sys []
S3 sermouse;@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver; C:\Windows\System32\drivers\sermouse.sys []
S3 sfloppy;@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive; C:\Windows\System32\drivers\sfloppy.sys []
S3 SpbCx;Simple Peripheral Bus Support Library; C:\Windows\system32\drivers\SpbCx.sys []
S3 storvsp;storvsp; C:\Windows\System32\drivers\storvsp.sys []
S3 TCPIP6;@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys []
S3 terminpt;@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver; C:\Windows\System32\drivers\terminpt.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device; C:\Windows\System32\drivers\TsUsbGD.sys []
S3 UASPStor;@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver; C:\Windows\System32\drivers\uaspstor.sys []
S3 UCX01000;USB Controller Extension; C:\Windows\System32\drivers\ucx01000.sys []
S3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver; C:\Windows\System32\drivers\umpass.sys []
S3 usbcir;@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR); C:\Windows\System32\drivers\usbcir.sys []
S3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\Windows\System32\drivers\UsbHub3.sys []
S3 usbohci;@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\System32\drivers\usbohci.sys []
S3 usbprint;@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class; C:\Windows\System32\drivers\usbprint.sys []
S3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\Windows\System32\drivers\USBXHCI.SYS []
S3 VerifierExt;@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000; C:\Windows\system32\drivers\VerifierExt.sys []
S3 vhdmp;vhdmp; C:\Windows\System32\drivers\vhdmp.sys []
S3 Vid;Vid; C:\Windows\System32\drivers\Vid.sys []
S3 VMBusHID;VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys []
S3 vmbusr;@%SystemRoot%\system32\vmbusres.dll,-1001; C:\Windows\System32\drivers\vmbusr.sys []
S4 cdfs;CD/DVD File System Reader; C:\Windows\system32\DRIVERS\cdfs.sys []
S4 udfs;udfs; C:\Windows\system32\DRIVERS\udfs.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-23 143120]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 ClassicShellService;Classic Shell Service; C:\Program Files\Classic Shell\ClassicShellService.exe [2012-08-19 63488]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2013-05-14 156672]
R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 DcomLaunch;@combase.dll,-5012; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 EventSystem;@comres.dll,-2450; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 hpsrv;@oem1.inf,%hpservice_desc%;HP Service; C:\Windows\system32\Hpservice.exe []
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 LkCitadelServer;NI Citadel 4 Service; C:\Windows\SysWOW64\lkcitdl.exe [2010-10-27 695136]
R2 lkClassAds;NI PSP Service Locator; C:\Windows\SysWOW64\lkads.exe [2012-11-28 50328]
R2 lkTimeSync;NI Time Synchronization; C:\Windows\SysWOW64\lktsrv.exe [2012-11-28 60568]
R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 Mutual Monitor;Mutual Monitor; C:\Program Files\mutualpublic\Monitor.exe [2013-06-24 913920]
R2 mxssvr;NI Configuration Manager; D:\NI\MAX\nimxs.exe [2012-11-21 51360]
R2 NIApplicationWebServer;NI Application Web Server; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2012-11-30 54472]
R2 NIDomainService;NI Domain Service; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [2012-11-28 371352]
R2 niLXIDiscovery;NI LXI Discovery Service; C:\VXIPNP\WinNT\NIvisa\niLxiDiscovery.exe [2012-11-07 236768]
R2 nimDNSResponder;NI mDNS Responder Service; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2012-09-26 258776]
R2 NINetworkDiscovery;NI Network Discovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2012-12-19 172344]
R2 nipxirmu;NI PXI Resource Manager; C:\Windows\SysWOW64\nipxism.exe [2013-01-17 19056]
R2 niSvcLoc;NI System Web Server; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [2012-11-30 54464]
R2 NITaggerService;NI Variable Engine; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [2012-06-07 680624]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 RpcSs;@combase.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\Windows\system32\lsass.exe []
R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\Windows\System32\spoolsv.exe []
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 129624]
R2 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-11-29 3463080]
R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\Windows\System32\alg.exe []
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 Browser;@%systemroot%\system32\browser.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-31 116648]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11 256904]
S3 AllUserInstallAgent;@%SystemRoot%\System32\AUInstallAgent.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-12 51648]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 COMSysApp;@comres.dll,-947; C:\Windows\system32\dllhost.exe [2012-07-26 8704]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe []
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-07-25 139776]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-31 116648]
S3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe []
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 MSDTC;@comres.dll,-2797; C:\Windows\System32\msdtc.exe []
S3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\Windows\system32\msiexec.exe [2012-07-26 62976]
S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 NILM License Manager;NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2010-08-02 1427688]
S3 NiRioRpc;NI-RIO Server; C:\Windows\SysWOW64\NiRioRpc.exe [2013-01-29 31840]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 OpcEnum;OpcEnum; C:\Windows\SysWOW64\Opcenum.exe [2012-05-18 139488]
S3 OracleMTSRecoveryService;OracleMTSRecoveryService; D:\oracle11g\app\oracle\product\11.2.0\server\BIN\omtsreco.exe [2011-08-27 69632]
S3 OracleXEClrAgent;OracleXEClrAgent; D:\oracle11g\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe [2011-08-27 12800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2012-07-26 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\Windows\system32\locator.exe []
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-07-25 126976]
S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2013-05-16 98304]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe []
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe []
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe []
S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S4 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S4 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S4 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\Windows\system32\lsass.exe []
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-12 139696]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE; d:\oracle11g\app\oracle\product\11.2.0\server\Bin\extjob.exe [2011-08-27 49152]
S4 OracleServiceXE;OracleServiceXE; d:\oracle11g\app\oracle\product\11.2.0\server\bin\ORACLE.EXE [2011-08-27 115773440]
S4 OracleXETNSListener;OracleXETNSListener; D:\oracle11g\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [2011-08-27 512000]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S4 RemoteRegistry;@regsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 Service1;PCTrss; C:\Users\SSejnt\Desktop\PctRssService\PctRssService\bin\Debug\PctRssService.exe [2013-05-20 9728]
S4 ServiceATNET;ServiceATNET; C:\Users\SSejnt\Documents\Visual Studio 2012\Projects\ATNET\ATNET\bin\Debug\ATNET.exe [2013-04-20 9216]
S4 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe []
-----------------EOF-----------------
2013-07-22 11:20:42 ----D---- C:\Users\SSejnt\AppData\Roaming\Radmin
2013-07-22 11:18:30 ----D---- C:\Program Files (x86)\Radmin Viewer 3
2013-07-18 10:34:46 ----D---- C:\Program Files (x86)\JKI
2013-07-18 08:29:58 ----ASH---- C:\pagefile.sys
2013-07-17 19:54:25 ----D---- C:\Windows\SysWOW64\cvirte
2013-07-17 13:59:43 ----SHD---- C:\Windows\SysWOW64\AI_RecycleBin
2013-07-17 13:57:12 ----D---- C:\ProgramData\JKI
2013-07-17 13:57:11 ----D---- C:\Users\SSejnt\AppData\Roaming\JKI
2013-07-17 08:45:31 ----SD---- C:\Windows\SysWOW64\Microsoft
2013-07-16 15:15:49 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-16 10:38:30 ----A---- C:\Windows\SysWOW64\explorer.exe
2013-07-16 10:38:30 ----A---- C:\Windows\SysWOW64\dwmcore.dll
2013-07-16 10:38:30 ----A---- C:\Windows\explorer.exe
2013-07-16 10:38:26 ----A---- C:\Windows\SysWOW64\mfcore.dll
2013-07-16 10:38:19 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-16 10:38:19 ----A---- C:\Windows\SysWOW64\mscms.dll
2013-07-16 10:38:16 ----A---- C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-16 10:38:12 ----A---- C:\Windows\SysWOW64\samlib.dll
2013-07-16 10:35:32 ----A---- C:\Windows\SysWOW64\DWrite.dll
2013-07-16 10:35:07 ----A---- C:\Windows\SysWOW64\qedit.dll
2013-07-16 10:34:23 ----A---- C:\Windows\SysWOW64\ieframe.dll
2013-07-16 10:34:19 ----A---- C:\Windows\SysWOW64\mshtml.dll
2013-07-16 10:34:14 ----A---- C:\Windows\SysWOW64\iertutil.dll
2013-07-16 10:34:11 ----A---- C:\Windows\SysWOW64\wininet.dll
2013-07-16 10:34:11 ----A---- C:\Windows\SysWOW64\urlmon.dll
2013-07-16 10:34:11 ----A---- C:\Windows\SysWOW64\jscript9.dll
2013-07-16 10:34:10 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2013-07-16 10:34:09 ----A---- C:\Windows\SysWOW64\jscript.dll
2013-07-16 10:33:01 ----A---- C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-16 09:38:54 ----D---- C:\Program Files (x86)\Microsoft Web Tools
======List of files/folders modified in the last 1 month======
2013-08-07 16:08:54 ----RD---- C:\Program Files (x86)
2013-08-07 16:08:09 ----D---- C:\Windows\Prefetch
2013-08-07 16:05:53 ----D---- C:\Windows\Temp
2013-08-07 03:00:04 ----D---- C:\Windows\Microsoft.NET
2013-08-07 01:14:34 ----SHD---- C:\System Volume Information
2013-08-06 22:06:05 ----D---- C:\Windows\Tasks
2013-08-06 22:06:01 ----HD---- C:\ProgramData
2013-08-06 22:05:44 ----RD---- C:\Program Files
2013-08-06 21:18:10 ----D---- C:\Windows
2013-08-06 21:01:21 ----D---- C:\Windows\System32
2013-08-05 22:20:24 ----D---- C:\Windows\Inf
2013-08-04 11:39:38 ----D---- C:\Users\SSejnt\AppData\Roaming\vlc
2013-07-31 20:43:46 ----D---- C:\Program Files (x86)\mutualpublic
2013-07-28 13:33:40 ----D---- C:\Users\SSejnt\AppData\Roaming\Winamp
2013-07-27 08:54:43 ----D---- C:\Program Files (x86)\Connectify
2013-07-26 12:55:26 ----SHD---- C:\Windows\Installer
2013-07-26 12:55:23 ----D---- C:\Program Files (x86)\Google
2013-07-26 07:56:29 ----D---- C:\Windows\SoftwareDistribution
2013-07-26 07:56:29 ----D---- C:\Windows\debug
2013-07-23 14:46:50 ----D---- C:\Windows\AUInstallAgent
2013-07-23 14:46:08 ----D---- C:\Windows\twain_32
2013-07-23 14:44:40 ----D---- C:\Windows\Downloaded Installations
2013-07-18 08:44:20 ----D---- C:\Windows\SysWOW64
2013-07-18 08:40:03 ----D---- C:\Program Files (x86)\National Instruments
2013-07-18 08:39:43 ----D---- C:\Program Files (x86)\Common Files\Merge Modules
2013-07-18 08:28:36 ----D---- C:\ProgramData\National Instruments
2013-07-17 20:46:18 ----RSD---- C:\Windows\assembly
2013-07-17 19:55:57 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-17 17:14:10 ----D---- C:\Users\SSejnt\AppData\Roaming\systweak
2013-07-17 09:37:13 ----D---- C:\Windows\WinSxS
2013-07-17 08:45:51 ----D---- C:\ProgramData\AVAST Software
2013-07-16 15:13:16 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-16 11:28:00 ----D---- C:\Windows\CbsTemp
2013-07-16 11:20:36 ----D---- C:\ProgramData\Microsoft Help
2013-07-16 10:24:08 ----D---- C:\ProgramData\Package Cache
2013-07-16 10:16:59 ----D---- C:\Program Files (x86)\Common Files\Microsoft Shared
2013-07-16 10:16:30 ----D---- C:\Windows\SysWOW64\1033
2013-07-16 10:10:17 ----D---- C:\Program Files (x86)\Microsoft SDKs
2013-07-16 09:56:19 ----D---- C:\ProgramData\Windows App Certification Kit
2013-07-15 21:42:43 ----D---- C:\ProgramData\GarenaMessenger
2013-07-15 21:42:42 ----D---- C:\Users\SSejnt\AppData\Roaming\GarenaPlus
2013-07-09 09:49:59 ----D---- C:\Users\SSejnt\AppData\Roaming\Xilinx
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\Windows\System32\drivers\ACPI.sys []
R0 acpiex;Microsoft ACPIEx Driver; C:\Windows\System32\Drivers\acpiex.sys []
R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\Windows\System32\drivers\CLFS.sys []
R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys []
R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\Windows\System32\drivers\disk.sys []
R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\Windows\System32\drivers\fileinfo.sys []
R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\Windows\system32\drivers\fltmgr.sys []
R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys []
R0 hpdskflt;@oem1.inf,%service_desc%;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys []
R0 KSecDD;KSecDD; C:\Windows\System32\Drivers\ksecdd.sys []
R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys []
R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\Windows\System32\drivers\mountmgr.sys []
R0 msisadrv;msisadrv; C:\Windows\System32\drivers\msisadrv.sys []
R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\Windows\System32\Drivers\mup.sys []
R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\Windows\system32\drivers\ndis.sys []
R0 NIPALK;NIPALK; C:\Windows\System32\drivers\nipalk.sys []
R0 nipbcfk;National Instruments Class Upper Filter Driver; C:\Windows\System32\drivers\nipbcfk.sys []
R0 nipxibaf;National Instruments PXI Bridge Access Driver; C:\Windows\System32\drivers\nipxibaf.sys []
R0 nipxibrc;National Instruments PXI Bridge Configuration Driver; C:\Windows\System32\drivers\nipxibrc.sys []
R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\Windows\System32\drivers\partmgr.sys []
R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus Driver; C:\Windows\System32\drivers\pci.sys []
R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys []
R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\Windows\system32\drivers\pdc.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\Windows\System32\drivers\spaceport.sys []
R0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\Windows\System32\drivers\storahci.sys []
R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\Windows\System32\drivers\tcpip.sys []
R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\Windows\System32\drivers\vdrvroot.sys []
R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\Windows\system32\drivers\afd.sys []
R1 BasicDisplay;BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys []
R1 BasicRender;BasicRender; C:\Windows\System32\drivers\BasicRender.sys []
R1 Beep;Beep; C:\Windows\SysWOW64\drivers\Beep.sys []
R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\Windows\System32\drivers\cdrom.sys []
R1 cnnctfy3;@oem7.inf,%cnnctfy3_Desc%;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy3.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\Windows\System32\Drivers\dfsc.sys []
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys []
R1 Msfs;Msfs; C:\Windows\SysWOW64\drivers\Msfs.sys []
R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\Windows\System32\drivers\mssmbios.sys []
R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\Windows\system32\DRIVERS\netbios.sys []
R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\Windows\System32\DRIVERS\netbt.sys []
R1 Npfs;Npfs; C:\Windows\SysWOW64\drivers\Npfs.sys []
R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\Windows\System32\drivers\npsvctrig.sys []
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys []
R1 Null;Null; C:\Windows\SysWOW64\drivers\Null.sys []
R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\Windows\system32\DRIVERS\pacer.sys []
R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\Windows\system32\DRIVERS\rdbss.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys []
R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\Windows\system32\DRIVERS\lltdio.sys []
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys []
R2 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\Windows\system32\DRIVERS\nwifi.sys []
R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\Windows\system32\drivers\Ndu.sys []
R2 nipxirmk;nipxirmk; \??\C:\Windows\system32\drivers\nipxirmkl.sys []
R2 nistreamk;nistreamk; C:\Windows\system32\drivers\nistreamkl.sys []
R2 NiViPxiK;NI-VISA PXI Driver; C:\Windows\System32\drivers\NiViPxiKl.sys []
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys []
R2 PYNWAGNT;PYNWAGNT; \??\C:\Windows\System32\Drivers\pynwagnt.sys []
R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\Windows\system32\DRIVERS\rspndr.sys []
R2 secdrv;Security Driver; C:\Windows\SysWOW64\drivers\secdrv.sys []
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys []
R3 Accelerometer;@oem1.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys []
R3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\Windows\System32\drivers\CmBatt.sys []
R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\Windows\System32\drivers\CompositeBus.sys []
R3 condrv;Console Driver; C:\Windows\System32\drivers\condrv.sys []
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys []
R3 DNE;@oem5.inf,%DneMP_Desc%;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys []
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys []
R3 fastfat;FAT12/16/32 File System Driver; C:\Windows\SysWOW64\drivers\fastfat.sys []
R3 HdAudAddService;@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys []
R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\System32\drivers\HDAudBus.sys []
R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\Windows\system32\drivers\HTTP.sys []
R3 i8042prt;@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver; C:\Windows\System32\drivers\i8042prt.sys []
R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\Windows\System32\drivers\intelppm.sys []
R3 IPNAT;IP Network Address Translator; C:\Windows\System32\drivers\ipnat.sys []
R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver; C:\Windows\System32\drivers\kbdclass.sys []
R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20); C:\Windows\system32\DRIVERS\kdnic.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []
R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service; C:\Windows\System32\drivers\monitor.sys []
R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver; C:\Windows\System32\drivers\mouclass.sys []
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys []
R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\Windows\system32\DRIVERS\mrxsmb.sys []
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys []
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys []
R3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\Windows\system32\DRIVERS\ndistapi.sys []
R3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\Windows\system32\DRIVERS\ndisuio.sys []
R3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\Windows\system32\DRIVERS\ndiswan.sys []
R3 NDProxy;NDIS Proxy; C:\Windows\SysWOW64\drivers\NDProxy.sys []
R3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys []
R3 nimdbgk;nimdbgk; \??\C:\Windows\system32\drivers\nimdbgkl.sys []
R3 nimxdfk;nimxdfk; \??\C:\Windows\system32\drivers\nimxdfkl.sys []
R3 NiViPciK;NI-VISA PCI Driver; C:\Windows\System32\drivers\NiViPciKl.sys []
R3 Ntfs;Ntfs; C:\Windows\SysWOW64\drivers\Ntfs.sys []
R3 PptpMiniport;@%systemroot%\system32\rascfg.dll,-32006; C:\Windows\system32\DRIVERS\raspptp.sys []
R3 PyNwFlt;@oem93.inf,%PyNwFltService_Desc%;Pylon GigE Vision Streaming Filter Service; C:\Windows\system32\DRIVERS\pynwflt.sys []
R3 RasAgileVpn;@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys []
R3 Rasl2tp;@%systemroot%\system32\rascfg.dll,-32005; C:\Windows\system32\DRIVERS\rasl2tp.sys []
R3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\Windows\system32\DRIVERS\raspppoe.sys []
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys []
R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\Windows\System32\drivers\rdpbus.sys []
R3 SensorsSimulatorDriver;@oem3.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys []
R3 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\Windows\System32\DRIVERS\srv.sys []
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys []
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys []
R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\Windows\System32\drivers\swenum.sys []
R3 SynTP;@oem2.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 TPM;@tpm.inf,%TPM%;TPM; C:\Windows\system32\drivers\tpm.sys []
R3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys []
R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\Windows\System32\drivers\umbus.sys []
R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver; C:\Windows\System32\drivers\usbccgp.sys []
R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\Windows\System32\drivers\usbehci.sys []
R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver; C:\Windows\System32\drivers\usbhub.sys []
R3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver; C:\Windows\System32\drivers\USBSTOR.SYS []
R3 usbuhci;@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\System32\drivers\usbuhci.sys []
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
S0 3ware;3ware; C:\Windows\System32\drivers\3ware.sys []
S0 adp94xx;adp94xx; C:\Windows\System32\drivers\adp94xx.sys []
S0 adpahci;adpahci; C:\Windows\System32\drivers\adpahci.sys []
S0 adpu320;adpu320; C:\Windows\System32\drivers\adpu320.sys []
S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\Windows\System32\drivers\agp440.sys []
S0 amdsata;amdsata; C:\Windows\System32\drivers\amdsata.sys []
S0 amdsbs;amdsbs; C:\Windows\System32\drivers\amdsbs.sys []
S0 amdxata;amdxata; C:\Windows\System32\drivers\amdxata.sys []
S0 arc;arc; C:\Windows\System32\drivers\arc.sys []
S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver; C:\Windows\System32\drivers\arcsas.sys []
S0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\Windows\System32\drivers\atapi.sys []
S0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\Windows\System32\drivers\bxvbda.sys []
S0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\System32\drivers\evbda.sys []
S0 EhStorClass;@%SystemRoot%\system32\drivers\EhStorClass.sys,-100; C:\Windows\System32\drivers\EhStorClass.sys []
S0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\Windows\System32\drivers\EhStorTcgDrv.sys []
S0 gagp30kx;@machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\System32\drivers\gagp30kx.sys []
S0 HpSAMD;HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys []
S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys []
S0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\Windows\System32\drivers\iaStorV.sys []
S0 iirsp;iirsp; C:\Windows\System32\drivers\iirsp.sys []
S0 intelide;intelide; C:\Windows\System32\drivers\intelide.sys []
S0 isapnp;isapnp; C:\Windows\System32\drivers\isapnp.sys []
S0 LSI_SAS;LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys []
S0 LSI_SAS2;LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys []
S0 LSI_SCSI;LSI_SCSI; C:\Windows\System32\drivers\lsi_scsi.sys []
S0 LSI_SSS;LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys []
S0 megasas;megasas; C:\Windows\System32\drivers\megasas.sys []
S0 MegaSR;MegaSR; C:\Windows\System32\drivers\MegaSR.sys []
S0 mvumis;mvumis; C:\Windows\System32\drivers\mvumis.sys []
S0 nfrd960;nfrd960; C:\Windows\System32\drivers\nfrd960.sys []
S0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\Windows\System32\drivers\nv_agp.sys []
S0 nvraid;nvraid; C:\Windows\System32\drivers\nvraid.sys []
S0 nvstor;nvstor; C:\Windows\System32\drivers\nvstor.sys []
S0 pciide;pciide; C:\Windows\System32\drivers\pciide.sys []
S0 pcmcia;pcmcia; C:\Windows\System32\drivers\pcmcia.sys []
S0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\Windows\System32\drivers\sbp2port.sys []
S0 SiSRaid2;SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys []
S0 SiSRaid4;SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys []
S0 stexstor;stexstor; C:\Windows\System32\drivers\stexstor.sys []
S0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\Windows\system32\DRIVERS\vmstorfl.sys []
S0 storvsc;storvsc; C:\Windows\System32\drivers\storvsc.sys []
S0 uagp35;@machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter; C:\Windows\System32\drivers\uagp35.sys []
S0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\Windows\System32\drivers\uliagpkx.sys []
S0 viaide;viaide; C:\Windows\System32\drivers\viaide.sys []
S0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\System32\drivers\vmbus.sys []
S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\Windows\system32\drivers\dam.sys []
S1 SUHDCrypt;SUHDCrypt; \??\C:\Windows\system32\Drivers\PDisk.sys [2012-10-20 208256]
S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\Windows\System32\drivers\1394ohci.sys []
S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\Windows\System32\drivers\acpipagr.sys []
S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\Windows\System32\drivers\acpipmi.sys []
S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\Windows\System32\drivers\acpitime.sys []
S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\Windows\System32\drivers\amdk8.sys []
S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\Windows\System32\drivers\amdppm.sys []
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys []
S3 AsyncMac;@%systemroot%\system32\rascfg.dll,-32000; C:\Windows\system32\DRIVERS\asyncmac.sys []
S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\Windows\System32\drivers\BthAvrcpTg.sys []
S3 BthEnum;@tdibth.inf,%BthEnum.DisplayName%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys []
S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\Windows\System32\drivers\bthhfenum.sys []
S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\Windows\System32\drivers\BthHFHid.sys []
S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver; C:\Windows\System32\drivers\bthmodem.sys []
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\Windows\System32\drivers\circlass.sys []
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys []
S3 dmvsc;dmvsc; C:\Windows\System32\drivers\dmvsc.sys []
S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2012-12-21 14920]
S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\Windows\System32\drivers\errdev.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2012-12-21 9160]
S3 exfat;exFAT File System Driver; C:\Windows\SysWOW64\drivers\exfat.sys []
S3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\Windows\System32\drivers\fdc.sys []
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys []
S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\Windows\System32\drivers\flpydisk.sys []
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys []
S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\Windows\System32\drivers\fxppm.sys []
S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter; C:\Windows\System32\drivers\vmgencounter.sys []
S3 ggflt;@oem64.inf,%SvcFltDesc%;SEMC USB Flash Driver Filter; C:\Windows\System32\drivers\ggflt.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 ggsemc;@oem64.inf,%SvcDesc%;SEMC USB Flash Driver; C:\Windows\System32\drivers\ggsemc.sys []
S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\Windows\System32\Drivers\msgpioclx.sys []
S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\Windows\System32\drivers\HidBatt.sys []
S3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\Windows\System32\drivers\hidbth.sys []
S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\Windows\System32\drivers\hidi2c.sys []
S3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\Windows\System32\drivers\hidir.sys []
S3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\Windows\System32\drivers\hidusb.sys []
S3 hyperkbd;hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys []
S3 HyperVideo;HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys []
S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\Windows\system32\DRIVERS\ipfltdrv.sys []
S3 IPMIDRV;IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys []
S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\Windows\system32\drivers\irenum.sys []
S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\Windows\System32\drivers\msiscsi.sys []
S3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\Windows\System32\drivers\kbdhid.sys []
S3 Modem;Modem; C:\Windows\system32\drivers\modem.sys []
S3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\Windows\System32\drivers\mouhid.sys []
S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\Windows\system32\drivers\mrxdav.sys []
S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;GPIO Buttons Driver; C:\Windows\System32\drivers\msgpiowin32.sys []
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys []
S3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\Windows\System32\drivers\mshidumdf.sys []
S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\Windows\system32\DRIVERS\mslldp.sys []
S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MsRPC;MsRPC; C:\Windows\SysWOW64\drivers\MsRPC.sys []
S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\Windows\System32\drivers\MTConfig.sys []
S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\Windows\system32\DRIVERS\ndiscap.sys []
S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\Windows\system32\DRIVERS\NdisImPlatform.sys []
S3 NDISWANLEGACY;@%systemroot%\system32\rascfg.dll,-32014; C:\Windows\system32\DRIVERS\ndiswan.sys []
S3 ni1006k;NI PXI-1006 Chassis Pilot; \??\C:\Windows\system32\drivers\ni1006k.sys []
S3 ni1045k;NI PXI-1045 Chassis Pilot; \??\C:\Windows\system32\drivers\ni1045kl.sys []
S3 ni1065k;NI PXIe-1065 Chassis Pilot; \??\C:\Windows\system32\drivers\ni1065k.sys []
S3 nidimk;nidimk; \??\C:\Windows\system32\drivers\nidimkl.sys []
S3 niorbk;niorbk; \??\C:\Windows\system32\drivers\niorbkl.sys []
S3 nipalfwedl;nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys []
S3 nipalusbedl;nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys []
S3 nipxigpk;NI PXI Generic Chassis Pilot; \??\C:\Windows\system32\drivers\nipxigpk.sys []
S3 niwdk;niwdk; C:\Windows\SysWOW64\drivers\niwdk.sys []
S3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\Windows\System32\drivers\parport.sys []
S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\Windows\System32\drivers\processr.sys []
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys []
S3 RasAcd;Remote Access Auto Connection Driver; C:\Windows\System32\DRIVERS\rasacd.sys []
S3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 RDPWD;RDP Winstation Driver; C:\Windows\SysWOW64\drivers\RDPWD.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys []
S3 s3cap;s3cap; C:\Windows\System32\drivers\vms3cap.sys []
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys []
S3 sdbus;sdbus; C:\Windows\System32\drivers\sdbus.sys []
S3 sdstor;@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver; C:\Windows\System32\drivers\sdstor.sys []
S3 ser2at;@oem81.inf,%Serial.SVCDESC%;ATEN USB to Serial port driver; C:\Windows\system32\DRIVERS\ser2at64.sys []
S3 SerCx;Serial UART Support Library; C:\Windows\system32\drivers\SerCx.sys []
S3 Serenum;@oem81.inf,%Serenum.SVCDESC%;Serenum Filter Driver; C:\Windows\System32\drivers\serenum.sys []
S3 Serial;@msports.inf,%Serial.SVCDESC%;Serial port driver; C:\Windows\System32\drivers\serial.sys []
S3 sermouse;@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver; C:\Windows\System32\drivers\sermouse.sys []
S3 sfloppy;@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive; C:\Windows\System32\drivers\sfloppy.sys []
S3 SpbCx;Simple Peripheral Bus Support Library; C:\Windows\system32\drivers\SpbCx.sys []
S3 storvsp;storvsp; C:\Windows\System32\drivers\storvsp.sys []
S3 TCPIP6;@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys []
S3 terminpt;@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver; C:\Windows\System32\drivers\terminpt.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device; C:\Windows\System32\drivers\TsUsbGD.sys []
S3 UASPStor;@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver; C:\Windows\System32\drivers\uaspstor.sys []
S3 UCX01000;USB Controller Extension; C:\Windows\System32\drivers\ucx01000.sys []
S3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver; C:\Windows\System32\drivers\umpass.sys []
S3 usbcir;@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR); C:\Windows\System32\drivers\usbcir.sys []
S3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\Windows\System32\drivers\UsbHub3.sys []
S3 usbohci;@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\System32\drivers\usbohci.sys []
S3 usbprint;@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class; C:\Windows\System32\drivers\usbprint.sys []
S3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\Windows\System32\drivers\USBXHCI.SYS []
S3 VerifierExt;@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000; C:\Windows\system32\drivers\VerifierExt.sys []
S3 vhdmp;vhdmp; C:\Windows\System32\drivers\vhdmp.sys []
S3 Vid;Vid; C:\Windows\System32\drivers\Vid.sys []
S3 VMBusHID;VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys []
S3 vmbusr;@%SystemRoot%\system32\vmbusres.dll,-1001; C:\Windows\System32\drivers\vmbusr.sys []
S4 cdfs;CD/DVD File System Reader; C:\Windows\system32\DRIVERS\cdfs.sys []
S4 udfs;udfs; C:\Windows\system32\DRIVERS\udfs.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-23 143120]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 ClassicShellService;Classic Shell Service; C:\Program Files\Classic Shell\ClassicShellService.exe [2012-08-19 63488]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2013-05-14 156672]
R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 DcomLaunch;@combase.dll,-5012; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 EventSystem;@comres.dll,-2450; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 hpsrv;@oem1.inf,%hpservice_desc%;HP Service; C:\Windows\system32\Hpservice.exe []
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 LkCitadelServer;NI Citadel 4 Service; C:\Windows\SysWOW64\lkcitdl.exe [2010-10-27 695136]
R2 lkClassAds;NI PSP Service Locator; C:\Windows\SysWOW64\lkads.exe [2012-11-28 50328]
R2 lkTimeSync;NI Time Synchronization; C:\Windows\SysWOW64\lktsrv.exe [2012-11-28 60568]
R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 Mutual Monitor;Mutual Monitor; C:\Program Files\mutualpublic\Monitor.exe [2013-06-24 913920]
R2 mxssvr;NI Configuration Manager; D:\NI\MAX\nimxs.exe [2012-11-21 51360]
R2 NIApplicationWebServer;NI Application Web Server; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2012-11-30 54472]
R2 NIDomainService;NI Domain Service; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [2012-11-28 371352]
R2 niLXIDiscovery;NI LXI Discovery Service; C:\VXIPNP\WinNT\NIvisa\niLxiDiscovery.exe [2012-11-07 236768]
R2 nimDNSResponder;NI mDNS Responder Service; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2012-09-26 258776]
R2 NINetworkDiscovery;NI Network Discovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2012-12-19 172344]
R2 nipxirmu;NI PXI Resource Manager; C:\Windows\SysWOW64\nipxism.exe [2013-01-17 19056]
R2 niSvcLoc;NI System Web Server; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [2012-11-30 54464]
R2 NITaggerService;NI Variable Engine; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [2012-06-07 680624]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 RpcSs;@combase.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\Windows\system32\lsass.exe []
R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\Windows\System32\spoolsv.exe []
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 129624]
R2 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-11-29 3463080]
R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\Windows\System32\alg.exe []
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 Browser;@%systemroot%\system32\browser.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-31 116648]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11 256904]
S3 AllUserInstallAgent;@%SystemRoot%\System32\AUInstallAgent.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-12 51648]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 COMSysApp;@comres.dll,-947; C:\Windows\system32\dllhost.exe [2012-07-26 8704]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe []
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-07-25 139776]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-31 116648]
S3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe []
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 MSDTC;@comres.dll,-2797; C:\Windows\System32\msdtc.exe []
S3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\Windows\system32\msiexec.exe [2012-07-26 62976]
S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 NILM License Manager;NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2010-08-02 1427688]
S3 NiRioRpc;NI-RIO Server; C:\Windows\SysWOW64\NiRioRpc.exe [2013-01-29 31840]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 OpcEnum;OpcEnum; C:\Windows\SysWOW64\Opcenum.exe [2012-05-18 139488]
S3 OracleMTSRecoveryService;OracleMTSRecoveryService; D:\oracle11g\app\oracle\product\11.2.0\server\BIN\omtsreco.exe [2011-08-27 69632]
S3 OracleXEClrAgent;OracleXEClrAgent; D:\oracle11g\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe [2011-08-27 12800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2012-07-26 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\Windows\system32\locator.exe []
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-07-25 126976]
S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2013-05-16 98304]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe []
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe []
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe []
S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S4 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S4 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S4 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\Windows\system32\lsass.exe []
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-12 139696]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE; d:\oracle11g\app\oracle\product\11.2.0\server\Bin\extjob.exe [2011-08-27 49152]
S4 OracleServiceXE;OracleServiceXE; d:\oracle11g\app\oracle\product\11.2.0\server\bin\ORACLE.EXE [2011-08-27 115773440]
S4 OracleXETNSListener;OracleXETNSListener; D:\oracle11g\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [2011-08-27 512000]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 23040]
S4 RemoteRegistry;@regsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 Service1;PCTrss; C:\Users\SSejnt\Desktop\PctRssService\PctRssService\bin\Debug\PctRssService.exe [2013-05-20 9728]
S4 ServiceATNET;ServiceATNET; C:\Users\SSejnt\Documents\Visual Studio 2012\Projects\ATNET\ATNET\bin\Debug\ATNET.exe [2013-04-20 9216]
S4 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe []
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119529
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Coin miner cannot be removed
Hello!
Please post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Then run the application under an account with administrator privileges.
Right after it starts, a screen with the license terms appears; continue by clicking the Yes button.
Calmly go and make yourself a coffee (the whole run takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to start any other applications or anything else.
Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).
Note: if you use an antispyware product with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the deletion of any malware there are unwanted conflicts with the antispyware's resident shield.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Coin miner cannot be removed
ComboFix 13-08-07.01 - SSejnt 08/07/2013 20:00:16.1.2 - x64
Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.3066.2021 [GMT 2:00]
Running from: F:\ComboFix.exe
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1357998173.bdinstall.bin
c:\programdata\1358000599.bdinstall.bin
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
c:\users\SSejnt\AppData\Local\assembly\tmp
c:\users\SSejnt\AppData\Local\TempDIR
c:\users\SSejnt\AppData\Local\TempDIR\Print\addprinter.cmd
c:\users\SSejnt\AppData\Local\TempDIR\Print\addprinter64.cmd
c:\users\SSejnt\AppData\Local\TempDIR\Print\default.cmd
c:\users\SSejnt\AppData\Local\TempDIR\Print\Install.exe
c:\users\SSejnt\AppData\Local\TempDIR\Print\prepare.cmd
c:\users\SSejnt\AppData\Local\TempDIR\Print\prnport.vbs
c:\users\SSejnt\AppData\Local\TempDIR\Print\StopUIClients.exe
c:\users\SSejnt\AppData\Local\TempDIR\Print\uninstall.cmd
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\mfricres.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\mpc33dat.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\OEMSETUP.DSC
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\OEMSETUP.INF
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rc4mannt.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rc4mon.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\readme.htm
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\Rica4d.rcf
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dcd.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\Rica4dCD.psz
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dct.cat
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dgc.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dgs.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dgu.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\Rica4dHP.chm
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\Rica4dIS.xml
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\Rica4dLG.dat
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\Rica4dMI.miz
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dpl.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\Rica4dUC.cfz
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dur.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dus.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\ricdb32.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\ricipp.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\ricjc32.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\trackid.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\mfricr64.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\mpc33d64.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\OEMSETUP.DSC
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\OEMSETUP.INF
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rc4man64.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rc4mon64.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\readme.htm
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\Rica4d.rcf
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dcd.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\Rica4dCD.psz
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dct.cat
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dgc.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dgs.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dgu.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\Rica4dHP.chm
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\Rica4dIS.xml
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\Rica4dLG.dat
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\Rica4dMI.miz
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dpl.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\Rica4dUC.cfz
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dur.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dus.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\ricdb64.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\ricipp.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\ricjc64.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\trackid64.dl_
c:\users\SSejnt\AppData\Local\TempDIR\SafeQ_cli.exe
c:\users\SSejnt\AppData\Roaming\Microsoft\~DFK84761b.tmp
c:\users\SSejnt\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\SSejnt\AppData\Roaming\Microsoft\bass.dll
c:\users\SSejnt\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\SSejnt\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\SSejnt\AppData\Roaming\Microsoft\peaadje.dll
c:\users\SSejnt\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\SSejnt\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\SSejnt\AppData\Roaming\Microsoft\Windows\Start Menu\Internet Explorer.lnk
c:\users\SSejnt\EULA.txt
c:\windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe
c:\windows\SysWow64\~GLH0006.TMP
D:\Autorun.inf
D:\setup.exe
.
----- File Replicators -----
.
c:\program files (x86)\FreeFileSharingBox\msysgit\bin\git.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-add.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-annotate.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-apply.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-archive.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-bisect--helper.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-blame.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-branch.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-bundle.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-cat-file.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-check-attr.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-check-ref-format.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-checkout-index.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-checkout.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-cherry-pick.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-cherry.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-clean.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-clone.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-column.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-commit-tree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-commit.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-config.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-count-objects.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-credential.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-describe.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-diff-files.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-diff-index.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-diff-tree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-diff.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-fast-export.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-fetch-pack.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-fetch.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-fmt-merge-msg.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-for-each-ref.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-format-patch.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-fsck-objects.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-fsck.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-gc.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-get-tar-commit-id.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-grep.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-hash-object.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-help.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-index-pack.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-init-db.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-init.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-log.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-ls-files.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-ls-remote.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-ls-tree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-mailinfo.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-mailsplit.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge-base.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge-file.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge-index.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge-ours.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge-recursive.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge-subtree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge-tree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-mktag.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-mktree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-mv.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-name-rev.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-notes.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-pack-objects.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-pack-redundant.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-pack-refs.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-patch-id.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-peek-remote.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-prune-packed.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-prune.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-push.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-read-tree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-receive-pack.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-reflog.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-remote-ext.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-remote-fd.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-remote.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-replace.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-repo-config.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-rerere.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-reset.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-rev-list.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-rev-parse.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-revert.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-rm.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-send-pack.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-shortlog.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-show-branch.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-show-ref.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-show.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-stage.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-status.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-stripspace.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-symbolic-ref.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-tag.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-tar-tree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-unpack-file.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-unpack-objects.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-update-index.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-update-ref.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-update-server-info.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-upload-archive.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-var.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-verify-pack.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-verify-tag.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-whatchanged.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-write-tree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-07-07 to 2013-08-07 )))))))))))))))))))))))))))))))
.
.
2013-08-07 18:19 . 2013-08-07 18:22 -------- d-----w- c:\users\SSejnt\AppData\Local\temp
2013-08-07 18:19 . 2013-08-07 18:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-07 14:08 . 2013-08-07 14:08 -------- d-----w- C:\rsit
2013-08-07 14:08 . 2013-08-07 14:08 -------- d-----w- c:\program files (x86)\trend micro
2013-08-06 21:45 . 2013-08-07 17:29 -------- d-----w- C:\temp
2013-08-06 20:06 . 2013-08-06 20:06 -------- d-----w- c:\users\SSejnt\AppData\Roaming\SUPERAntiSpyware.com
2013-08-06 20:05 . 2013-08-06 20:06 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-08-06 20:05 . 2013-08-06 20:05 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\users\SSejnt\AppData\Roaming\Malwarebytes
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\programdata\Malwarebytes
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-06 15:16 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\users\SSejnt\AppData\Local\Programs
2013-08-01 04:06 . 2013-08-01 04:06 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-07-26 22:09 . 2013-07-26 22:09 34840 ----a-w- c:\windows\system32\drivers\cnnctfy3.sys
2013-07-23 12:46 . 2013-03-11 15:47 57568 ----a-w- c:\windows\system32\drivers\pynwagnt.sys
2013-07-23 12:46 . 2013-07-23 12:46 -------- d-----w- c:\programdata\genicam
2013-07-23 12:46 . 2013-07-23 12:46 -------- d-----w- c:\program files\Basler
2013-07-22 09:20 . 2013-07-22 09:20 -------- d-----w- c:\users\SSejnt\AppData\Roaming\Radmin
2013-07-22 09:18 . 2013-07-22 09:18 -------- d-----w- c:\program files (x86)\Radmin Viewer 3
2013-07-22 09:17 . 2013-07-22 09:17 -------- d-----w- c:\users\SSejnt\AppData\Local\Downloaded Installations
2013-07-18 08:34 . 2013-07-18 08:34 -------- d-----w- c:\program files (x86)\JKI
2013-07-17 17:54 . 2013-07-17 17:54 -------- d-----w- c:\windows\system32\cvirte
2013-07-17 17:54 . 2013-07-17 17:54 -------- d-----w- c:\windows\SysWow64\cvirte
2013-07-17 16:33 . 2013-07-17 16:35 -------- d-----w- c:\windows\system32\MRT
2013-07-17 12:33 . 2013-07-17 12:33 -------- d-----w- c:\users\SSejnt\Web Essentials
2013-07-17 11:59 . 2013-07-18 08:35 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2013-07-17 11:57 . 2013-07-18 08:35 -------- d-----w- c:\programdata\JKI
2013-07-17 11:57 . 2013-07-17 12:46 -------- d-----w- c:\users\SSejnt\AppData\Roaming\JKI
2013-07-17 07:58 . 2013-07-17 07:58 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2013-07-17 06:45 . 2013-07-17 06:45 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-07-16 13:15 . 2013-06-27 22:04 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-16 13:15 . 2013-06-27 22:04 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-16 08:36 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-07-16 08:36 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-16 08:36 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-16 08:36 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-16 08:36 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-16 08:36 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-07-16 08:36 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-07-16 08:35 . 2013-05-30 23:14 4036096 ----a-w- c:\windows\system32\win32k.sys
2013-07-16 08:35 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-16 08:35 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
2013-07-16 08:35 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll
2013-07-16 08:35 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-16 08:35 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-16 08:35 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-16 08:33 . 2013-05-04 06:59 2842112 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-16 08:33 . 2013-05-04 04:57 2620928 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-16 07:38 . 2013-07-16 07:39 -------- d-----w- c:\program files (x86)\Microsoft Web Tools
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-16 08:24 . 2012-09-26 08:11 2598368 ----a-w- c:\programdata\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll
2013-06-27 06:59 . 2013-06-27 06:59 249856 ------w- c:\windows\Setup1.exe
2013-06-27 06:59 . 2013-06-27 06:59 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-06-23 22:57 . 2012-12-12 11:31 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-12 19:48 . 2012-09-26 10:06 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-12 19:48 . 2012-09-26 10:06 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-12 19:47 . 2013-06-19 10:45 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-09 17:53 . 2013-06-09 17:53 83024 ----a-w- c:\windows\SysWow64\mfcm110u.dll
2013-06-09 17:53 . 2013-06-09 17:53 83016 ----a-w- c:\windows\SysWow64\mfcm110.dll
2013-06-09 17:53 . 2013-06-09 17:53 8247888 ----a-w- c:\windows\SysWow64\mfc110ud.dll
2013-06-09 17:53 . 2013-06-09 17:53 8177224 ----a-w- c:\windows\SysWow64\mfc110d.dll
2013-06-09 17:53 . 2013-06-09 17:53 74832 ----a-w- c:\windows\SysWow64\mfc110fra.dll
2013-06-09 17:53 . 2013-06-09 17:53 74832 ----a-w- c:\windows\SysWow64\mfc110deu.dll
2013-06-09 17:53 . 2013-06-09 17:53 73808 ----a-w- c:\windows\SysWow64\mfc110esn.dll
2013-06-09 17:53 . 2013-06-09 17:53 72784 ----a-w- c:\windows\SysWow64\mfc110ita.dll
2013-06-09 17:53 . 2013-06-09 17:53 70736 ----a-w- c:\windows\SysWow64\mfc110rus.dll
2013-06-09 17:53 . 2013-06-09 17:53 65104 ----a-w- c:\windows\SysWow64\mfc110enu.dll
2013-06-09 17:53 . 2013-06-09 17:53 53840 ----a-w- c:\windows\SysWow64\mfc110jpn.dll
2013-06-09 17:53 . 2013-06-09 17:53 53328 ----a-w- c:\windows\SysWow64\mfc110kor.dll
2013-06-09 17:53 . 2013-06-09 17:53 46160 ----a-w- c:\windows\SysWow64\mfc110cht.dll
2013-06-09 17:53 . 2013-06-09 17:53 46160 ----a-w- c:\windows\SysWow64\mfc110chs.dll
2013-06-09 17:53 . 2013-06-09 17:53 4456520 ----a-w- c:\windows\SysWow64\mfc110u.dll
2013-06-09 17:53 . 2013-06-09 17:53 4421192 ----a-w- c:\windows\SysWow64\mfc110.dll
2013-06-09 17:53 . 2013-06-09 17:53 164424 ----a-w- c:\windows\SysWow64\atl110.dll
2013-06-09 17:53 . 2013-06-09 17:53 111696 ----a-w- c:\windows\SysWow64\mfcm110d.dll
2013-06-09 17:53 . 2013-06-09 17:53 110672 ----a-w- c:\windows\SysWow64\mfcm110ud.dll
2013-06-09 13:59 . 2013-06-09 13:59 90192 ----a-w- c:\windows\system32\mfcm110u.dll
2013-06-09 13:59 . 2013-06-09 13:59 90184 ----a-w- c:\windows\system32\mfcm110.dll
2013-06-09 13:59 . 2013-06-09 13:59 74832 ----a-w- c:\windows\system32\mfc110fra.dll
2013-06-09 13:59 . 2013-06-09 13:59 74832 ----a-w- c:\windows\system32\mfc110deu.dll
2013-06-09 13:59 . 2013-06-09 13:59 73808 ----a-w- c:\windows\system32\mfc110esn.dll
2013-06-09 13:59 . 2013-06-09 13:59 72784 ----a-w- c:\windows\system32\mfc110ita.dll
2013-06-09 13:59 . 2013-06-09 13:59 70736 ----a-w- c:\windows\system32\mfc110rus.dll
2013-06-09 13:59 . 2013-06-09 13:59 65104 ----a-w- c:\windows\system32\mfc110enu.dll
2013-06-09 13:59 . 2013-06-09 13:59 5619784 ----a-w- c:\windows\system32\mfc110u.dll
2013-06-09 13:59 . 2013-06-09 13:59 5592648 ----a-w- c:\windows\system32\mfc110.dll
2013-06-09 13:59 . 2013-06-09 13:59 53840 ----a-w- c:\windows\system32\mfc110jpn.dll
2013-06-09 13:59 . 2013-06-09 13:59 53328 ----a-w- c:\windows\system32\mfc110kor.dll
2013-06-09 13:59 . 2013-06-09 13:59 46160 ----a-w- c:\windows\system32\mfc110cht.dll
2013-06-09 13:59 . 2013-06-09 13:59 46160 ----a-w- c:\windows\system32\mfc110chs.dll
2013-06-09 13:59 . 2013-06-09 13:59 192584 ----a-w- c:\windows\system32\atl110.dll
2013-06-09 13:59 . 2013-06-09 13:59 120912 ----a-w- c:\windows\system32\mfcm110d.dll
2013-06-09 13:59 . 2013-06-09 13:59 119376 ----a-w- c:\windows\system32\mfcm110ud.dll
2013-06-09 13:59 . 2013-06-09 13:59 10932304 ----a-w- c:\windows\system32\mfc110ud.dll
2013-06-09 13:59 . 2013-06-09 13:59 10860616 ----a-w- c:\windows\system32\mfc110d.dll
2013-05-30 23:24 . 2013-06-25 11:44 1257472 ----a-w- c:\windows\system32\kernel32.dll
2013-05-23 23:01 . 2013-06-25 11:40 1300992 ----a-w- c:\windows\system32\gdi32.dll
2013-05-23 22:27 . 2013-06-25 11:40 1022464 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-05-22 22:16 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-15 22:37 . 2013-06-25 11:38 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-05-15 22:35 . 2013-06-25 11:38 53760 ----a-w- c:\windows\system32\UXInit.dll
2013-05-15 22:35 . 2013-06-27 15:26 144384 ----a-w- c:\windows\system32\tssdisai.dll
2013-05-15 02:25 . 2013-06-25 11:40 888320 ----a-w- c:\windows\system32\autochk.exe
2013-05-15 02:25 . 2013-06-25 11:40 542208 ----a-w- c:\windows\system32\untfs.dll
2013-05-15 02:24 . 2013-06-25 11:40 793088 ----a-w- c:\windows\SysWow64\autochk.exe
2013-05-15 02:24 . 2013-06-25 11:40 482816 ----a-w- c:\windows\SysWow64\untfs.dll
2013-05-14 13:14 . 2013-06-25 11:38 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-14 09:23 . 2013-06-25 11:38 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-08-19 17:37 610816 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F.lux"="c:\users\SSejnt\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"Facebook Update"="c:\users\SSejnt\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-06-14 138096]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-02-04 447152]
"GarenaPlus"="c:\program files (x86)\Garena Plus\GarenaMessenger.exe" [2013-06-19 9873200]
"Lingoes"="c:\program files (x86)\Lingoes\Translator2\Lingoes.exe" [2011-10-31 2375680]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
"icq"="c:\users\SSejnt\AppData\Roaming\ICQM\icq.exe" [2013-07-01 28696936]
"NIRegistrationWizard"="c:\program files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe" [2010-06-21 846520]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-05-15 5622512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"PC Suite for Smartphones"="c:\program files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" [2007-12-25 548864]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"SafeQClient"="c:\program files (x86)\SafeQ\SafeQ_cli.exe" [2012-11-21 474624]
"NI Update Service"="c:\program files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" [2012-11-16 853640]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
NI Error Reporting.lnk - c:\program files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe [2012-9-18 661184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R1 SUHDCrypt;SUHDCrypt;c:\windows\system32\Drivers\PDisk.sys;c:\windows\SYSNATIVE\Drivers\PDisk.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 Mutual Monitor;Mutual Monitor;c:\program files\mutualpublic\Monitor.exe run;c:\program files\mutualpublic\Monitor.exe run [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys;c:\windows\SYSNATIVE\drivers\ggflt.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 ni1006k;NI PXI-1006 Chassis Pilot;c:\windows\system32\drivers\ni1006k.sys;c:\windows\SYSNATIVE\drivers\ni1006k.sys [x]
R3 ni1045k;NI PXI-1045 Chassis Pilot;c:\windows\system32\drivers\ni1045kl.sys;c:\windows\SYSNATIVE\drivers\ni1045kl.sys [x]
R3 ni1065k;NI PXIe-1065 Chassis Pilot;c:\windows\system32\drivers\ni1065k.sys;c:\windows\SYSNATIVE\drivers\ni1065k.sys [x]
R3 nidimk;nidimk;c:\windows\system32\drivers\nidimkl.sys;c:\windows\SYSNATIVE\drivers\nidimkl.sys [x]
R3 nipalfwedl;nipalfwedl;c:\windows\system32\drivers\nipalfwedl.sys;c:\windows\SYSNATIVE\drivers\nipalfwedl.sys [x]
R3 nipalusbedl;nipalusbedl;c:\windows\system32\drivers\nipalusbedl.sys;c:\windows\SYSNATIVE\drivers\nipalusbedl.sys [x]
R3 nipxigpk;NI PXI Generic Chassis Pilot;c:\windows\system32\drivers\nipxigpk.sys;c:\windows\SYSNATIVE\drivers\nipxigpk.sys [x]
R3 NiRioRpc;NI-RIO Server;c:\windows\SysWOW64\NiRioRpc.exe;c:\windows\SysWOW64\NiRioRpc.exe [x]
R3 niwdk;niwdk; [x]
R3 ser2at;ATEN USB to Serial port driver;c:\windows\system32\DRIVERS\ser2at64.sys;c:\windows\SYSNATIVE\DRIVERS\ser2at64.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R4 OracleJobSchedulerXE;OracleJobSchedulerXE;d:\oracle11g\app\oracle\product\11.2.0\server\Bin\extjob.exe XE;d:\oracle11g\app\oracle\product\11.2.0\server\Bin\extjob.exe XE [x]
R4 OracleServiceXE;OracleServiceXE;d:\oracle11g\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE;d:\oracle11g\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE [x]
R4 OracleXETNSListener;OracleXETNSListener;d:\oracle11g\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe;d:\oracle11g\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [x]
R4 ServiceATNET;ServiceATNET;c:\users\SSejnt\Documents\Visual Studio 2012\Projects\ATNET\ATNET\bin\Debug\ATNET.exe;c:\users\SSejnt\Documents\Visual Studio 2012\Projects\ATNET\ATNET\bin\Debug\ATNET.exe [x]
S0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\System32\drivers\nipbcfk.sys;c:\windows\SYSNATIVE\drivers\nipbcfk.sys [x]
S0 nipxibaf;National Instruments PXI Bridge Access Driver;c:\windows\System32\drivers\nipxibaf.sys;c:\windows\SYSNATIVE\drivers\nipxibaf.sys [x]
S0 nipxibrc;National Instruments PXI Bridge Configuration Driver;c:\windows\System32\drivers\nipxibrc.sys;c:\windows\SYSNATIVE\drivers\nipxibrc.sys [x]
S1 cnnctfy3;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy3.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy3.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe;c:\program files (x86)\Connectify\ConnectifyService.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 NIApplicationWebServer;NI Application Web Server;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [x]
S2 niLXIDiscovery;NI LXI Discovery Service;c:\vxipnp\WinNT\NIvisa\niLxiDiscovery.exe;c:\vxipnp\WinNT\NIvisa\niLxiDiscovery.exe [x]
S2 nimDNSResponder;NI mDNS Responder Service;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [x]
S2 NINetworkDiscovery;NI Network Discovery;c:\program files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe;c:\program files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [x]
S2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmkl.sys;c:\windows\SYSNATIVE\drivers\nipxirmkl.sys [x]
S2 nistreamk;nistreamk;c:\windows\system32\drivers\nistreamkl.sys;c:\windows\SYSNATIVE\drivers\nistreamkl.sys [x]
S2 NiViPxiK;NI-VISA PXI Driver;c:\windows\system32\drivers\NiViPxiKl.sys;c:\windows\SYSNATIVE\drivers\NiViPxiKl.sys [x]
S2 PYNWAGNT;PYNWAGNT;c:\windows\System32\Drivers\pynwagnt.sys;c:\windows\SYSNATIVE\Drivers\pynwagnt.sys [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 NiViPciK;NI-VISA PCI Driver;c:\windows\system32\drivers\NiViPciKl.sys;c:\windows\SYSNATIVE\drivers\NiViPciKl.sys [x]
S3 PyNwFlt;Pylon GigE Vision Streaming Filter Service;c:\windows\system32\DRIVERS\pynwflt.sys;c:\windows\SYSNATIVE\DRIVERS\pynwflt.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S3 yukonw8;NDIS6.3 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk63x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk63x64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-27 18:29]
.
2013-08-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job
- c:\users\SSejnt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-14 11:34]
.
2013-08-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job
- c:\users\SSejnt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-14 11:34]
.
2013-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-31 17:27]
.
2013-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-31 17:27]
.
2013-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job
- c:\users\SSejnt\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-24 20:04]
.
2013-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job
- c:\users\SSejnt\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-24 20:04]
.
2013-08-06 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 8bee0cfa-a9f0-488d-be60-8a3378636d4c.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
2013-08-06 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task fc22301f-1534-4ee6-b345-db1638dc2d2f.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-08-19 17:37 741376 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Connectify Hotspot"="c:\program files (x86)\Connectify\Connectify.exe" [2013-05-14 5236512]
"Connectify Dispatch"="c:\program files (x86)\Connectify\DispatchUI.exe" [2013-05-14 3121440]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.zaparit.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{5C46615A-FBFF-4D98-BC98-B0B7509DD017}: NameServer = 192.168.209.1
.
.
------- File Associations -------
.
.txt=STDUViewerFile.TXT
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{57B09796-0105-4364-AEAA-B7802E56BD53}_is1 - c:\users\SSejnt\Documents\Miranda pack by sssugi 2.7\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Classic Shell\ClassicShellService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\Connectify\ConnectifyD.exe
c:\windows\SysWOW64\lkads.exe
d:\ni\MAX\nimxs.exe
c:\program files (x86)\National Instruments\Shared\Security\nidmsrv.exe
c:\program files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
c:\program files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
c:\windows\SysWOW64\lkcitdl.exe
c:\windows\SysWOW64\lktsrv.exe
c:\windows\SysWOW64\nipxism.exe
.
**************************************************************************
.
Completion time: 2013-08-07 20:39:39 - machine was rebooted
ComboFix-quarantined-files.txt 2013-08-07 18:39
.
Pre-Run: 2,682,896,384 bytes free
Post-Run: 2,801,319,936 bytes free
.
- - End Of File - - 362074AFB777C90792EF64F0B1559174
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.3066.2021 [GMT 2:00]
Running from: F:\ComboFix.exe
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1357998173.bdinstall.bin
c:\programdata\1358000599.bdinstall.bin
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
c:\users\SSejnt\AppData\Local\assembly\tmp
c:\users\SSejnt\AppData\Local\TempDIR
c:\users\SSejnt\AppData\Local\TempDIR\Print\addprinter.cmd
c:\users\SSejnt\AppData\Local\TempDIR\Print\addprinter64.cmd
c:\users\SSejnt\AppData\Local\TempDIR\Print\default.cmd
c:\users\SSejnt\AppData\Local\TempDIR\Print\Install.exe
c:\users\SSejnt\AppData\Local\TempDIR\Print\prepare.cmd
c:\users\SSejnt\AppData\Local\TempDIR\Print\prnport.vbs
c:\users\SSejnt\AppData\Local\TempDIR\Print\StopUIClients.exe
c:\users\SSejnt\AppData\Local\TempDIR\Print\uninstall.cmd
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\mfricres.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\mpc33dat.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\OEMSETUP.DSC
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\OEMSETUP.INF
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rc4mannt.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rc4mon.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\readme.htm
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\Rica4d.rcf
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dcd.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\Rica4dCD.psz
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dct.cat
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dgc.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dgs.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dgu.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\Rica4dHP.chm
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\Rica4dIS.xml
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\Rica4dLG.dat
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\Rica4dMI.miz
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dpl.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\Rica4dUC.cfz
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dur.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\rica4dus.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\ricdb32.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\ricipp.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\ricjc32.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver\trackid.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\mfricr64.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\mpc33d64.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\OEMSETUP.DSC
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\OEMSETUP.INF
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rc4man64.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rc4mon64.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\readme.htm
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\Rica4d.rcf
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dcd.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\Rica4dCD.psz
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dct.cat
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dgc.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dgs.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dgu.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\Rica4dHP.chm
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\Rica4dIS.xml
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\Rica4dLG.dat
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\Rica4dMI.miz
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dpl.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\Rica4dUC.cfz
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dur.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\rica4dus.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\ricdb64.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\ricipp.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\ricjc64.dl_
c:\users\SSejnt\AppData\Local\TempDIR\PrintDriver64\trackid64.dl_
c:\users\SSejnt\AppData\Local\TempDIR\SafeQ_cli.exe
c:\users\SSejnt\AppData\Roaming\Microsoft\~DFK84761b.tmp
c:\users\SSejnt\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\SSejnt\AppData\Roaming\Microsoft\bass.dll
c:\users\SSejnt\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\SSejnt\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\SSejnt\AppData\Roaming\Microsoft\peaadje.dll
c:\users\SSejnt\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\SSejnt\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\SSejnt\AppData\Roaming\Microsoft\Windows\Start Menu\Internet Explorer.lnk
c:\users\SSejnt\EULA.txt
c:\windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe
c:\windows\SysWow64\~GLH0006.TMP
D:\Autorun.inf
D:\setup.exe
.
----- File Replicators -----
.
c:\program files (x86)\FreeFileSharingBox\msysgit\bin\git.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-add.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-annotate.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-apply.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-archive.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-bisect--helper.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-blame.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-branch.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-bundle.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-cat-file.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-check-attr.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-check-ref-format.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-checkout-index.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-checkout.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-cherry-pick.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-cherry.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-clean.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-clone.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-column.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-commit-tree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-commit.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-config.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-count-objects.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-credential.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-describe.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-diff-files.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-diff-index.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-diff-tree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-diff.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-fast-export.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-fetch-pack.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-fetch.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-fmt-merge-msg.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-for-each-ref.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-format-patch.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-fsck-objects.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-fsck.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-gc.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-get-tar-commit-id.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-grep.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-hash-object.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-help.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-index-pack.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-init-db.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-init.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-log.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-ls-files.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-ls-remote.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-ls-tree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-mailinfo.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-mailsplit.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge-base.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge-file.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge-index.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge-ours.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge-recursive.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge-subtree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge-tree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-merge.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-mktag.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-mktree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-mv.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-name-rev.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-notes.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-pack-objects.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-pack-redundant.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-pack-refs.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-patch-id.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-peek-remote.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-prune-packed.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-prune.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-push.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-read-tree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-receive-pack.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-reflog.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-remote-ext.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-remote-fd.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-remote.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-replace.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-repo-config.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-rerere.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-reset.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-rev-list.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-rev-parse.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-revert.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-rm.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-send-pack.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-shortlog.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-show-branch.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-show-ref.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-show.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-stage.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-status.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-stripspace.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-symbolic-ref.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-tag.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-tar-tree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-unpack-file.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-unpack-objects.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-update-index.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-update-ref.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-update-server-info.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-upload-archive.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-var.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-verify-pack.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-verify-tag.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-whatchanged.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git-write-tree.exe
c:\program files (x86)\FreeFileSharingBox\msysgit\libexec\git-core\git.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-07-07 to 2013-08-07 )))))))))))))))))))))))))))))))
.
.
2013-08-07 18:19 . 2013-08-07 18:22 -------- d-----w- c:\users\SSejnt\AppData\Local\temp
2013-08-07 18:19 . 2013-08-07 18:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-07 14:08 . 2013-08-07 14:08 -------- d-----w- C:\rsit
2013-08-07 14:08 . 2013-08-07 14:08 -------- d-----w- c:\program files (x86)\trend micro
2013-08-06 21:45 . 2013-08-07 17:29 -------- d-----w- C:\temp
2013-08-06 20:06 . 2013-08-06 20:06 -------- d-----w- c:\users\SSejnt\AppData\Roaming\SUPERAntiSpyware.com
2013-08-06 20:05 . 2013-08-06 20:06 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-08-06 20:05 . 2013-08-06 20:05 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\users\SSejnt\AppData\Roaming\Malwarebytes
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\programdata\Malwarebytes
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-06 15:16 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\users\SSejnt\AppData\Local\Programs
2013-08-01 04:06 . 2013-08-01 04:06 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-07-26 22:09 . 2013-07-26 22:09 34840 ----a-w- c:\windows\system32\drivers\cnnctfy3.sys
2013-07-23 12:46 . 2013-03-11 15:47 57568 ----a-w- c:\windows\system32\drivers\pynwagnt.sys
2013-07-23 12:46 . 2013-07-23 12:46 -------- d-----w- c:\programdata\genicam
2013-07-23 12:46 . 2013-07-23 12:46 -------- d-----w- c:\program files\Basler
2013-07-22 09:20 . 2013-07-22 09:20 -------- d-----w- c:\users\SSejnt\AppData\Roaming\Radmin
2013-07-22 09:18 . 2013-07-22 09:18 -------- d-----w- c:\program files (x86)\Radmin Viewer 3
2013-07-22 09:17 . 2013-07-22 09:17 -------- d-----w- c:\users\SSejnt\AppData\Local\Downloaded Installations
2013-07-18 08:34 . 2013-07-18 08:34 -------- d-----w- c:\program files (x86)\JKI
2013-07-17 17:54 . 2013-07-17 17:54 -------- d-----w- c:\windows\system32\cvirte
2013-07-17 17:54 . 2013-07-17 17:54 -------- d-----w- c:\windows\SysWow64\cvirte
2013-07-17 16:33 . 2013-07-17 16:35 -------- d-----w- c:\windows\system32\MRT
2013-07-17 12:33 . 2013-07-17 12:33 -------- d-----w- c:\users\SSejnt\Web Essentials
2013-07-17 11:59 . 2013-07-18 08:35 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2013-07-17 11:57 . 2013-07-18 08:35 -------- d-----w- c:\programdata\JKI
2013-07-17 11:57 . 2013-07-17 12:46 -------- d-----w- c:\users\SSejnt\AppData\Roaming\JKI
2013-07-17 07:58 . 2013-07-17 07:58 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2013-07-17 06:45 . 2013-07-17 06:45 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-07-16 13:15 . 2013-06-27 22:04 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-16 13:15 . 2013-06-27 22:04 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-16 08:36 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-07-16 08:36 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-16 08:36 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-16 08:36 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-16 08:36 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-16 08:36 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-07-16 08:36 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-07-16 08:35 . 2013-05-30 23:14 4036096 ----a-w- c:\windows\system32\win32k.sys
2013-07-16 08:35 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-16 08:35 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
2013-07-16 08:35 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll
2013-07-16 08:35 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-16 08:35 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-16 08:35 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-16 08:33 . 2013-05-04 06:59 2842112 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-16 08:33 . 2013-05-04 04:57 2620928 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-16 07:38 . 2013-07-16 07:39 -------- d-----w- c:\program files (x86)\Microsoft Web Tools
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-16 08:24 . 2012-09-26 08:11 2598368 ----a-w- c:\programdata\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll
2013-06-27 06:59 . 2013-06-27 06:59 249856 ------w- c:\windows\Setup1.exe
2013-06-27 06:59 . 2013-06-27 06:59 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-06-23 22:57 . 2012-12-12 11:31 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-12 19:48 . 2012-09-26 10:06 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-12 19:48 . 2012-09-26 10:06 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-12 19:47 . 2013-06-19 10:45 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-09 17:53 . 2013-06-09 17:53 83024 ----a-w- c:\windows\SysWow64\mfcm110u.dll
2013-06-09 17:53 . 2013-06-09 17:53 83016 ----a-w- c:\windows\SysWow64\mfcm110.dll
2013-06-09 17:53 . 2013-06-09 17:53 8247888 ----a-w- c:\windows\SysWow64\mfc110ud.dll
2013-06-09 17:53 . 2013-06-09 17:53 8177224 ----a-w- c:\windows\SysWow64\mfc110d.dll
2013-06-09 17:53 . 2013-06-09 17:53 74832 ----a-w- c:\windows\SysWow64\mfc110fra.dll
2013-06-09 17:53 . 2013-06-09 17:53 74832 ----a-w- c:\windows\SysWow64\mfc110deu.dll
2013-06-09 17:53 . 2013-06-09 17:53 73808 ----a-w- c:\windows\SysWow64\mfc110esn.dll
2013-06-09 17:53 . 2013-06-09 17:53 72784 ----a-w- c:\windows\SysWow64\mfc110ita.dll
2013-06-09 17:53 . 2013-06-09 17:53 70736 ----a-w- c:\windows\SysWow64\mfc110rus.dll
2013-06-09 17:53 . 2013-06-09 17:53 65104 ----a-w- c:\windows\SysWow64\mfc110enu.dll
2013-06-09 17:53 . 2013-06-09 17:53 53840 ----a-w- c:\windows\SysWow64\mfc110jpn.dll
2013-06-09 17:53 . 2013-06-09 17:53 53328 ----a-w- c:\windows\SysWow64\mfc110kor.dll
2013-06-09 17:53 . 2013-06-09 17:53 46160 ----a-w- c:\windows\SysWow64\mfc110cht.dll
2013-06-09 17:53 . 2013-06-09 17:53 46160 ----a-w- c:\windows\SysWow64\mfc110chs.dll
2013-06-09 17:53 . 2013-06-09 17:53 4456520 ----a-w- c:\windows\SysWow64\mfc110u.dll
2013-06-09 17:53 . 2013-06-09 17:53 4421192 ----a-w- c:\windows\SysWow64\mfc110.dll
2013-06-09 17:53 . 2013-06-09 17:53 164424 ----a-w- c:\windows\SysWow64\atl110.dll
2013-06-09 17:53 . 2013-06-09 17:53 111696 ----a-w- c:\windows\SysWow64\mfcm110d.dll
2013-06-09 17:53 . 2013-06-09 17:53 110672 ----a-w- c:\windows\SysWow64\mfcm110ud.dll
2013-06-09 13:59 . 2013-06-09 13:59 90192 ----a-w- c:\windows\system32\mfcm110u.dll
2013-06-09 13:59 . 2013-06-09 13:59 90184 ----a-w- c:\windows\system32\mfcm110.dll
2013-06-09 13:59 . 2013-06-09 13:59 74832 ----a-w- c:\windows\system32\mfc110fra.dll
2013-06-09 13:59 . 2013-06-09 13:59 74832 ----a-w- c:\windows\system32\mfc110deu.dll
2013-06-09 13:59 . 2013-06-09 13:59 73808 ----a-w- c:\windows\system32\mfc110esn.dll
2013-06-09 13:59 . 2013-06-09 13:59 72784 ----a-w- c:\windows\system32\mfc110ita.dll
2013-06-09 13:59 . 2013-06-09 13:59 70736 ----a-w- c:\windows\system32\mfc110rus.dll
2013-06-09 13:59 . 2013-06-09 13:59 65104 ----a-w- c:\windows\system32\mfc110enu.dll
2013-06-09 13:59 . 2013-06-09 13:59 5619784 ----a-w- c:\windows\system32\mfc110u.dll
2013-06-09 13:59 . 2013-06-09 13:59 5592648 ----a-w- c:\windows\system32\mfc110.dll
2013-06-09 13:59 . 2013-06-09 13:59 53840 ----a-w- c:\windows\system32\mfc110jpn.dll
2013-06-09 13:59 . 2013-06-09 13:59 53328 ----a-w- c:\windows\system32\mfc110kor.dll
2013-06-09 13:59 . 2013-06-09 13:59 46160 ----a-w- c:\windows\system32\mfc110cht.dll
2013-06-09 13:59 . 2013-06-09 13:59 46160 ----a-w- c:\windows\system32\mfc110chs.dll
2013-06-09 13:59 . 2013-06-09 13:59 192584 ----a-w- c:\windows\system32\atl110.dll
2013-06-09 13:59 . 2013-06-09 13:59 120912 ----a-w- c:\windows\system32\mfcm110d.dll
2013-06-09 13:59 . 2013-06-09 13:59 119376 ----a-w- c:\windows\system32\mfcm110ud.dll
2013-06-09 13:59 . 2013-06-09 13:59 10932304 ----a-w- c:\windows\system32\mfc110ud.dll
2013-06-09 13:59 . 2013-06-09 13:59 10860616 ----a-w- c:\windows\system32\mfc110d.dll
2013-05-30 23:24 . 2013-06-25 11:44 1257472 ----a-w- c:\windows\system32\kernel32.dll
2013-05-23 23:01 . 2013-06-25 11:40 1300992 ----a-w- c:\windows\system32\gdi32.dll
2013-05-23 22:27 . 2013-06-25 11:40 1022464 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-05-22 22:16 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-15 22:37 . 2013-06-25 11:38 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-05-15 22:35 . 2013-06-25 11:38 53760 ----a-w- c:\windows\system32\UXInit.dll
2013-05-15 22:35 . 2013-06-27 15:26 144384 ----a-w- c:\windows\system32\tssdisai.dll
2013-05-15 02:25 . 2013-06-25 11:40 888320 ----a-w- c:\windows\system32\autochk.exe
2013-05-15 02:25 . 2013-06-25 11:40 542208 ----a-w- c:\windows\system32\untfs.dll
2013-05-15 02:24 . 2013-06-25 11:40 793088 ----a-w- c:\windows\SysWow64\autochk.exe
2013-05-15 02:24 . 2013-06-25 11:40 482816 ----a-w- c:\windows\SysWow64\untfs.dll
2013-05-14 13:14 . 2013-06-25 11:38 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-14 09:23 . 2013-06-25 11:38 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-08-19 17:37 610816 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F.lux"="c:\users\SSejnt\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"Facebook Update"="c:\users\SSejnt\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-06-14 138096]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-02-04 447152]
"GarenaPlus"="c:\program files (x86)\Garena Plus\GarenaMessenger.exe" [2013-06-19 9873200]
"Lingoes"="c:\program files (x86)\Lingoes\Translator2\Lingoes.exe" [2011-10-31 2375680]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
"icq"="c:\users\SSejnt\AppData\Roaming\ICQM\icq.exe" [2013-07-01 28696936]
"NIRegistrationWizard"="c:\program files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe" [2010-06-21 846520]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-05-15 5622512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"PC Suite for Smartphones"="c:\program files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" [2007-12-25 548864]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"SafeQClient"="c:\program files (x86)\SafeQ\SafeQ_cli.exe" [2012-11-21 474624]
"NI Update Service"="c:\program files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" [2012-11-16 853640]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
NI Error Reporting.lnk - c:\program files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe [2012-9-18 661184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R1 SUHDCrypt;SUHDCrypt;c:\windows\system32\Drivers\PDisk.sys;c:\windows\SYSNATIVE\Drivers\PDisk.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 Mutual Monitor;Mutual Monitor;c:\program files\mutualpublic\Monitor.exe run;c:\program files\mutualpublic\Monitor.exe run [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys;c:\windows\SYSNATIVE\drivers\ggflt.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 ni1006k;NI PXI-1006 Chassis Pilot;c:\windows\system32\drivers\ni1006k.sys;c:\windows\SYSNATIVE\drivers\ni1006k.sys [x]
R3 ni1045k;NI PXI-1045 Chassis Pilot;c:\windows\system32\drivers\ni1045kl.sys;c:\windows\SYSNATIVE\drivers\ni1045kl.sys [x]
R3 ni1065k;NI PXIe-1065 Chassis Pilot;c:\windows\system32\drivers\ni1065k.sys;c:\windows\SYSNATIVE\drivers\ni1065k.sys [x]
R3 nidimk;nidimk;c:\windows\system32\drivers\nidimkl.sys;c:\windows\SYSNATIVE\drivers\nidimkl.sys [x]
R3 nipalfwedl;nipalfwedl;c:\windows\system32\drivers\nipalfwedl.sys;c:\windows\SYSNATIVE\drivers\nipalfwedl.sys [x]
R3 nipalusbedl;nipalusbedl;c:\windows\system32\drivers\nipalusbedl.sys;c:\windows\SYSNATIVE\drivers\nipalusbedl.sys [x]
R3 nipxigpk;NI PXI Generic Chassis Pilot;c:\windows\system32\drivers\nipxigpk.sys;c:\windows\SYSNATIVE\drivers\nipxigpk.sys [x]
R3 NiRioRpc;NI-RIO Server;c:\windows\SysWOW64\NiRioRpc.exe;c:\windows\SysWOW64\NiRioRpc.exe [x]
R3 niwdk;niwdk; [x]
R3 ser2at;ATEN USB to Serial port driver;c:\windows\system32\DRIVERS\ser2at64.sys;c:\windows\SYSNATIVE\DRIVERS\ser2at64.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R4 OracleJobSchedulerXE;OracleJobSchedulerXE;d:\oracle11g\app\oracle\product\11.2.0\server\Bin\extjob.exe XE;d:\oracle11g\app\oracle\product\11.2.0\server\Bin\extjob.exe XE [x]
R4 OracleServiceXE;OracleServiceXE;d:\oracle11g\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE;d:\oracle11g\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE [x]
R4 OracleXETNSListener;OracleXETNSListener;d:\oracle11g\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe;d:\oracle11g\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [x]
R4 ServiceATNET;ServiceATNET;c:\users\SSejnt\Documents\Visual Studio 2012\Projects\ATNET\ATNET\bin\Debug\ATNET.exe;c:\users\SSejnt\Documents\Visual Studio 2012\Projects\ATNET\ATNET\bin\Debug\ATNET.exe [x]
S0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\System32\drivers\nipbcfk.sys;c:\windows\SYSNATIVE\drivers\nipbcfk.sys [x]
S0 nipxibaf;National Instruments PXI Bridge Access Driver;c:\windows\System32\drivers\nipxibaf.sys;c:\windows\SYSNATIVE\drivers\nipxibaf.sys [x]
S0 nipxibrc;National Instruments PXI Bridge Configuration Driver;c:\windows\System32\drivers\nipxibrc.sys;c:\windows\SYSNATIVE\drivers\nipxibrc.sys [x]
S1 cnnctfy3;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy3.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy3.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe;c:\program files (x86)\Connectify\ConnectifyService.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 NIApplicationWebServer;NI Application Web Server;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [x]
S2 niLXIDiscovery;NI LXI Discovery Service;c:\vxipnp\WinNT\NIvisa\niLxiDiscovery.exe;c:\vxipnp\WinNT\NIvisa\niLxiDiscovery.exe [x]
S2 nimDNSResponder;NI mDNS Responder Service;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [x]
S2 NINetworkDiscovery;NI Network Discovery;c:\program files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe;c:\program files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [x]
S2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmkl.sys;c:\windows\SYSNATIVE\drivers\nipxirmkl.sys [x]
S2 nistreamk;nistreamk;c:\windows\system32\drivers\nistreamkl.sys;c:\windows\SYSNATIVE\drivers\nistreamkl.sys [x]
S2 NiViPxiK;NI-VISA PXI Driver;c:\windows\system32\drivers\NiViPxiKl.sys;c:\windows\SYSNATIVE\drivers\NiViPxiKl.sys [x]
S2 PYNWAGNT;PYNWAGNT;c:\windows\System32\Drivers\pynwagnt.sys;c:\windows\SYSNATIVE\Drivers\pynwagnt.sys [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 NiViPciK;NI-VISA PCI Driver;c:\windows\system32\drivers\NiViPciKl.sys;c:\windows\SYSNATIVE\drivers\NiViPciKl.sys [x]
S3 PyNwFlt;Pylon GigE Vision Streaming Filter Service;c:\windows\system32\DRIVERS\pynwflt.sys;c:\windows\SYSNATIVE\DRIVERS\pynwflt.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S3 yukonw8;NDIS6.3 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk63x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk63x64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-27 18:29]
.
2013-08-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job
- c:\users\SSejnt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-14 11:34]
.
2013-08-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job
- c:\users\SSejnt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-14 11:34]
.
2013-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-31 17:27]
.
2013-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-31 17:27]
.
2013-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job
- c:\users\SSejnt\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-24 20:04]
.
2013-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job
- c:\users\SSejnt\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-24 20:04]
.
2013-08-06 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 8bee0cfa-a9f0-488d-be60-8a3378636d4c.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
2013-08-06 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task fc22301f-1534-4ee6-b345-db1638dc2d2f.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-08-19 17:37 741376 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Connectify Hotspot"="c:\program files (x86)\Connectify\Connectify.exe" [2013-05-14 5236512]
"Connectify Dispatch"="c:\program files (x86)\Connectify\DispatchUI.exe" [2013-05-14 3121440]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.zaparit.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{5C46615A-FBFF-4D98-BC98-B0B7509DD017}: NameServer = 192.168.209.1
.
.
------- File Associations -------
.
.txt=STDUViewerFile.TXT
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{57B09796-0105-4364-AEAA-B7802E56BD53}_is1 - c:\users\SSejnt\Documents\Miranda pack by sssugi 2.7\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Classic Shell\ClassicShellService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\Connectify\ConnectifyD.exe
c:\windows\SysWOW64\lkads.exe
d:\ni\MAX\nimxs.exe
c:\program files (x86)\National Instruments\Shared\Security\nidmsrv.exe
c:\program files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
c:\program files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
c:\windows\SysWOW64\lkcitdl.exe
c:\windows\SysWOW64\lktsrv.exe
c:\windows\SysWOW64\nipxism.exe
.
**************************************************************************
.
Completion time: 2013-08-07 20:39:39 - machine was rebooted
ComboFix-quarantined-files.txt 2013-08-07 18:39
.
Pre-Run: 2,682,896,384 bytes free
Post-Run: 2,801,319,936 bytes free
.
- - End Of File - - 362074AFB777C90792EF64F0B1559174
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
- Posts: 119529
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Coin miner cannot be removed
Move ComboFix to the desktop. Open Notepad and copy the following into it:

KillAll::
Folder::
c:\users\SSejnt\AppData\Local\Facebook\Update
File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
Driver::
niwdk
Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning your PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Coin miner cannot be removed
ComboFix 13-08-07.01 - SSejnt 08/07/2013 22:13:36.2.2 - x64
Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.3066.1762 [GMT 2:00]
Running from: F:\ComboFix.exe
Command switches used :: c:\users\SSejnt\Desktop\CFScript.txt
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\SSejnt\AppData\Local\Facebook\Update
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_niwdk
.
.
((((((((((((((((((((((((( Files Created from 2013-07-07 to 2013-08-07 )))))))))))))))))))))))))))))))
.
.
2013-08-07 20:29 . 2013-08-07 20:33 -------- d-----w- c:\users\SSejnt\AppData\Local\temp
2013-08-07 20:29 . 2013-08-07 20:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-07 14:08 . 2013-08-07 14:08 -------- d-----w- C:\rsit
2013-08-07 14:08 . 2013-08-07 14:08 -------- d-----w- c:\program files (x86)\trend micro
2013-08-06 21:45 . 2013-08-07 17:29 -------- d-----w- C:\temp
2013-08-06 20:06 . 2013-08-06 20:06 -------- d-----w- c:\users\SSejnt\AppData\Roaming\SUPERAntiSpyware.com
2013-08-06 20:05 . 2013-08-06 20:06 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-08-06 20:05 . 2013-08-06 20:05 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\users\SSejnt\AppData\Roaming\Malwarebytes
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\programdata\Malwarebytes
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-06 15:16 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\users\SSejnt\AppData\Local\Programs
2013-08-01 04:06 . 2013-08-01 04:06 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-07-26 22:09 . 2013-07-26 22:09 34840 ----a-w- c:\windows\system32\drivers\cnnctfy3.sys
2013-07-23 12:46 . 2013-03-11 15:47 57568 ----a-w- c:\windows\system32\drivers\pynwagnt.sys
2013-07-23 12:46 . 2013-07-23 12:46 -------- d-----w- c:\programdata\genicam
2013-07-23 12:46 . 2013-07-23 12:46 -------- d-----w- c:\program files\Basler
2013-07-22 09:20 . 2013-07-22 09:20 -------- d-----w- c:\users\SSejnt\AppData\Roaming\Radmin
2013-07-22 09:18 . 2013-07-22 09:18 -------- d-----w- c:\program files (x86)\Radmin Viewer 3
2013-07-22 09:17 . 2013-07-22 09:17 -------- d-----w- c:\users\SSejnt\AppData\Local\Downloaded Installations
2013-07-18 08:34 . 2013-07-18 08:34 -------- d-----w- c:\program files (x86)\JKI
2013-07-17 17:54 . 2013-07-17 17:54 -------- d-----w- c:\windows\system32\cvirte
2013-07-17 17:54 . 2013-07-17 17:54 -------- d-----w- c:\windows\SysWow64\cvirte
2013-07-17 16:33 . 2013-07-17 16:35 -------- d-----w- c:\windows\system32\MRT
2013-07-17 12:33 . 2013-07-17 12:33 -------- d-----w- c:\users\SSejnt\Web Essentials
2013-07-17 11:59 . 2013-07-18 08:35 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2013-07-17 11:57 . 2013-07-18 08:35 -------- d-----w- c:\programdata\JKI
2013-07-17 11:57 . 2013-07-17 12:46 -------- d-----w- c:\users\SSejnt\AppData\Roaming\JKI
2013-07-17 07:58 . 2013-07-17 07:58 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2013-07-17 06:45 . 2013-07-17 06:45 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-07-16 13:15 . 2013-06-27 22:04 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-16 13:15 . 2013-06-27 22:04 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-16 08:36 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-07-16 08:36 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-16 08:36 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-16 08:36 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-16 08:36 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-16 08:36 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-07-16 08:36 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-07-16 08:35 . 2013-05-30 23:14 4036096 ----a-w- c:\windows\system32\win32k.sys
2013-07-16 08:35 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-16 08:35 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
2013-07-16 08:35 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll
2013-07-16 08:35 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-16 08:35 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-16 08:35 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-16 08:33 . 2013-05-04 06:59 2842112 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-16 08:33 . 2013-05-04 04:57 2620928 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-16 07:38 . 2013-07-16 07:39 -------- d-----w- c:\program files (x86)\Microsoft Web Tools
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-16 08:24 . 2012-09-26 08:11 2598368 ----a-w- c:\programdata\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll
2013-06-27 06:59 . 2013-06-27 06:59 249856 ------w- c:\windows\Setup1.exe
2013-06-27 06:59 . 2013-06-27 06:59 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-06-23 22:57 . 2012-12-12 11:31 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-12 19:48 . 2012-09-26 10:06 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-12 19:48 . 2012-09-26 10:06 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-12 19:47 . 2013-06-19 10:45 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-09 17:53 . 2013-06-09 17:53 83024 ----a-w- c:\windows\SysWow64\mfcm110u.dll
2013-06-09 17:53 . 2013-06-09 17:53 83016 ----a-w- c:\windows\SysWow64\mfcm110.dll
2013-06-09 17:53 . 2013-06-09 17:53 8247888 ----a-w- c:\windows\SysWow64\mfc110ud.dll
2013-06-09 17:53 . 2013-06-09 17:53 8177224 ----a-w- c:\windows\SysWow64\mfc110d.dll
2013-06-09 17:53 . 2013-06-09 17:53 74832 ----a-w- c:\windows\SysWow64\mfc110fra.dll
2013-06-09 17:53 . 2013-06-09 17:53 74832 ----a-w- c:\windows\SysWow64\mfc110deu.dll
2013-06-09 17:53 . 2013-06-09 17:53 73808 ----a-w- c:\windows\SysWow64\mfc110esn.dll
2013-06-09 17:53 . 2013-06-09 17:53 72784 ----a-w- c:\windows\SysWow64\mfc110ita.dll
2013-06-09 17:53 . 2013-06-09 17:53 70736 ----a-w- c:\windows\SysWow64\mfc110rus.dll
2013-06-09 17:53 . 2013-06-09 17:53 65104 ----a-w- c:\windows\SysWow64\mfc110enu.dll
2013-06-09 17:53 . 2013-06-09 17:53 53840 ----a-w- c:\windows\SysWow64\mfc110jpn.dll
2013-06-09 17:53 . 2013-06-09 17:53 53328 ----a-w- c:\windows\SysWow64\mfc110kor.dll
2013-06-09 17:53 . 2013-06-09 17:53 46160 ----a-w- c:\windows\SysWow64\mfc110cht.dll
2013-06-09 17:53 . 2013-06-09 17:53 46160 ----a-w- c:\windows\SysWow64\mfc110chs.dll
2013-06-09 17:53 . 2013-06-09 17:53 4456520 ----a-w- c:\windows\SysWow64\mfc110u.dll
2013-06-09 17:53 . 2013-06-09 17:53 4421192 ----a-w- c:\windows\SysWow64\mfc110.dll
2013-06-09 17:53 . 2013-06-09 17:53 164424 ----a-w- c:\windows\SysWow64\atl110.dll
2013-06-09 17:53 . 2013-06-09 17:53 111696 ----a-w- c:\windows\SysWow64\mfcm110d.dll
2013-06-09 17:53 . 2013-06-09 17:53 110672 ----a-w- c:\windows\SysWow64\mfcm110ud.dll
2013-06-09 13:59 . 2013-06-09 13:59 90192 ----a-w- c:\windows\system32\mfcm110u.dll
2013-06-09 13:59 . 2013-06-09 13:59 90184 ----a-w- c:\windows\system32\mfcm110.dll
2013-06-09 13:59 . 2013-06-09 13:59 74832 ----a-w- c:\windows\system32\mfc110fra.dll
2013-06-09 13:59 . 2013-06-09 13:59 74832 ----a-w- c:\windows\system32\mfc110deu.dll
2013-06-09 13:59 . 2013-06-09 13:59 73808 ----a-w- c:\windows\system32\mfc110esn.dll
2013-06-09 13:59 . 2013-06-09 13:59 72784 ----a-w- c:\windows\system32\mfc110ita.dll
2013-06-09 13:59 . 2013-06-09 13:59 70736 ----a-w- c:\windows\system32\mfc110rus.dll
2013-06-09 13:59 . 2013-06-09 13:59 65104 ----a-w- c:\windows\system32\mfc110enu.dll
2013-06-09 13:59 . 2013-06-09 13:59 5619784 ----a-w- c:\windows\system32\mfc110u.dll
2013-06-09 13:59 . 2013-06-09 13:59 5592648 ----a-w- c:\windows\system32\mfc110.dll
2013-06-09 13:59 . 2013-06-09 13:59 53840 ----a-w- c:\windows\system32\mfc110jpn.dll
2013-06-09 13:59 . 2013-06-09 13:59 53328 ----a-w- c:\windows\system32\mfc110kor.dll
2013-06-09 13:59 . 2013-06-09 13:59 46160 ----a-w- c:\windows\system32\mfc110cht.dll
2013-06-09 13:59 . 2013-06-09 13:59 46160 ----a-w- c:\windows\system32\mfc110chs.dll
2013-06-09 13:59 . 2013-06-09 13:59 192584 ----a-w- c:\windows\system32\atl110.dll
2013-06-09 13:59 . 2013-06-09 13:59 120912 ----a-w- c:\windows\system32\mfcm110d.dll
2013-06-09 13:59 . 2013-06-09 13:59 119376 ----a-w- c:\windows\system32\mfcm110ud.dll
2013-06-09 13:59 . 2013-06-09 13:59 10932304 ----a-w- c:\windows\system32\mfc110ud.dll
2013-06-09 13:59 . 2013-06-09 13:59 10860616 ----a-w- c:\windows\system32\mfc110d.dll
2013-05-30 23:24 . 2013-06-25 11:44 1257472 ----a-w- c:\windows\system32\kernel32.dll
2013-05-23 23:01 . 2013-06-25 11:40 1300992 ----a-w- c:\windows\system32\gdi32.dll
2013-05-23 22:27 . 2013-06-25 11:40 1022464 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-05-22 22:16 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-15 22:37 . 2013-06-25 11:38 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-05-15 22:35 . 2013-06-25 11:38 53760 ----a-w- c:\windows\system32\UXInit.dll
2013-05-15 22:35 . 2013-06-27 15:26 144384 ----a-w- c:\windows\system32\tssdisai.dll
2013-05-15 02:25 . 2013-06-25 11:40 888320 ----a-w- c:\windows\system32\autochk.exe
2013-05-15 02:25 . 2013-06-25 11:40 542208 ----a-w- c:\windows\system32\untfs.dll
2013-05-15 02:24 . 2013-06-25 11:40 793088 ----a-w- c:\windows\SysWow64\autochk.exe
2013-05-15 02:24 . 2013-06-25 11:40 482816 ----a-w- c:\windows\SysWow64\untfs.dll
2013-05-14 13:14 . 2013-06-25 11:38 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-14 09:23 . 2013-06-25 11:38 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-08-19 17:37 610816 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F.lux"="c:\users\SSejnt\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-02-04 447152]
"GarenaPlus"="c:\program files (x86)\Garena Plus\GarenaMessenger.exe" [2013-06-19 9873200]
"Lingoes"="c:\program files (x86)\Lingoes\Translator2\Lingoes.exe" [2011-10-31 2375680]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
"icq"="c:\users\SSejnt\AppData\Roaming\ICQM\icq.exe" [2013-07-01 28696936]
"NIRegistrationWizard"="c:\program files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe" [2010-06-21 846520]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-05-15 5622512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"PC Suite for Smartphones"="c:\program files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" [2007-12-25 548864]
"SafeQClient"="c:\program files (x86)\SafeQ\SafeQ_cli.exe" [2012-11-21 474624]
"NI Update Service"="c:\program files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" [2012-11-16 853640]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
NI Error Reporting.lnk - c:\program files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe [2012-9-18 661184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R1 SUHDCrypt;SUHDCrypt;c:\windows\system32\Drivers\PDisk.sys;c:\windows\SYSNATIVE\Drivers\PDisk.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys;c:\windows\SYSNATIVE\drivers\ggflt.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 ni1006k;NI PXI-1006 Chassis Pilot;c:\windows\system32\drivers\ni1006k.sys;c:\windows\SYSNATIVE\drivers\ni1006k.sys [x]
R3 ni1045k;NI PXI-1045 Chassis Pilot;c:\windows\system32\drivers\ni1045kl.sys;c:\windows\SYSNATIVE\drivers\ni1045kl.sys [x]
R3 ni1065k;NI PXIe-1065 Chassis Pilot;c:\windows\system32\drivers\ni1065k.sys;c:\windows\SYSNATIVE\drivers\ni1065k.sys [x]
R3 nidimk;nidimk;c:\windows\system32\drivers\nidimkl.sys;c:\windows\SYSNATIVE\drivers\nidimkl.sys [x]
R3 nipalfwedl;nipalfwedl;c:\windows\system32\drivers\nipalfwedl.sys;c:\windows\SYSNATIVE\drivers\nipalfwedl.sys [x]
R3 nipalusbedl;nipalusbedl;c:\windows\system32\drivers\nipalusbedl.sys;c:\windows\SYSNATIVE\drivers\nipalusbedl.sys [x]
R3 nipxigpk;NI PXI Generic Chassis Pilot;c:\windows\system32\drivers\nipxigpk.sys;c:\windows\SYSNATIVE\drivers\nipxigpk.sys [x]
R3 NiRioRpc;NI-RIO Server;c:\windows\SysWOW64\NiRioRpc.exe;c:\windows\SysWOW64\NiRioRpc.exe [x]
R3 ser2at;ATEN USB to Serial port driver;c:\windows\system32\DRIVERS\ser2at64.sys;c:\windows\SYSNATIVE\DRIVERS\ser2at64.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R4 OracleJobSchedulerXE;OracleJobSchedulerXE;d:\oracle11g\app\oracle\product\11.2.0\server\Bin\extjob.exe XE;d:\oracle11g\app\oracle\product\11.2.0\server\Bin\extjob.exe XE [x]
R4 OracleServiceXE;OracleServiceXE;d:\oracle11g\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE;d:\oracle11g\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE [x]
R4 OracleXETNSListener;OracleXETNSListener;d:\oracle11g\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe;d:\oracle11g\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [x]
R4 ServiceATNET;ServiceATNET;c:\users\SSejnt\Documents\Visual Studio 2012\Projects\ATNET\ATNET\bin\Debug\ATNET.exe;c:\users\SSejnt\Documents\Visual Studio 2012\Projects\ATNET\ATNET\bin\Debug\ATNET.exe [x]
S0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\System32\drivers\nipbcfk.sys;c:\windows\SYSNATIVE\drivers\nipbcfk.sys [x]
S0 nipxibaf;National Instruments PXI Bridge Access Driver;c:\windows\System32\drivers\nipxibaf.sys;c:\windows\SYSNATIVE\drivers\nipxibaf.sys [x]
S0 nipxibrc;National Instruments PXI Bridge Configuration Driver;c:\windows\System32\drivers\nipxibrc.sys;c:\windows\SYSNATIVE\drivers\nipxibrc.sys [x]
S1 cnnctfy3;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy3.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy3.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe;c:\program files (x86)\Connectify\ConnectifyService.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 Mutual Monitor;Mutual Monitor;c:\program files\mutualpublic\Monitor.exe run;c:\program files\mutualpublic\Monitor.exe run [x]
S2 NIApplicationWebServer;NI Application Web Server;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [x]
S2 niLXIDiscovery;NI LXI Discovery Service;c:\vxipnp\WinNT\NIvisa\niLxiDiscovery.exe;c:\vxipnp\WinNT\NIvisa\niLxiDiscovery.exe [x]
S2 nimDNSResponder;NI mDNS Responder Service;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [x]
S2 NINetworkDiscovery;NI Network Discovery;c:\program files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe;c:\program files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [x]
S2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmkl.sys;c:\windows\SYSNATIVE\drivers\nipxirmkl.sys [x]
S2 nistreamk;nistreamk;c:\windows\system32\drivers\nistreamkl.sys;c:\windows\SYSNATIVE\drivers\nistreamkl.sys [x]
S2 NiViPxiK;NI-VISA PXI Driver;c:\windows\system32\drivers\NiViPxiKl.sys;c:\windows\SYSNATIVE\drivers\NiViPxiKl.sys [x]
S2 PYNWAGNT;PYNWAGNT;c:\windows\System32\Drivers\pynwagnt.sys;c:\windows\SYSNATIVE\Drivers\pynwagnt.sys [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 NiViPciK;NI-VISA PCI Driver;c:\windows\system32\drivers\NiViPciKl.sys;c:\windows\SYSNATIVE\drivers\NiViPciKl.sys [x]
S3 PyNwFlt;Pylon GigE Vision Streaming Filter Service;c:\windows\system32\DRIVERS\pynwflt.sys;c:\windows\SYSNATIVE\DRIVERS\pynwflt.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S3 yukonw8;NDIS6.3 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk63x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk63x64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-27 18:29]
.
2013-08-06 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 8bee0cfa-a9f0-488d-be60-8a3378636d4c.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
2013-08-06 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task fc22301f-1534-4ee6-b345-db1638dc2d2f.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-08-19 17:37 741376 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Connectify Hotspot"="c:\program files (x86)\Connectify\Connectify.exe" [2013-05-14 5236512]
"Connectify Dispatch"="c:\program files (x86)\Connectify\DispatchUI.exe" [2013-05-14 3121440]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.zaparit.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{5C46615A-FBFF-4D98-BC98-B0B7509DD017}: NameServer = 192.168.209.1
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{57B09796-0105-4364-AEAA-B7802E56BD53}_is1 - c:\users\SSejnt\Documents\Miranda pack by sssugi 2.7\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Classic Shell\ClassicShellService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\Connectify\ConnectifyD.exe
c:\windows\SysWOW64\lkads.exe
c:\windows\SysWOW64\lktsrv.exe
c:\program files\mutualpublic\Monitor.exe
d:\ni\MAX\nimxs.exe
c:\program files (x86)\National Instruments\Shared\Security\nidmsrv.exe
c:\program files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
c:\program files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
c:\windows\SysWOW64\lkcitdl.exe
c:\windows\SysWOW64\nipxism.exe
.
**************************************************************************
.
Completion time: 2013-08-07 22:49:33 - machine was rebooted
ComboFix-quarantined-files.txt 2013-08-07 20:49
ComboFix2.txt 2013-08-07 18:39
.
Pre-Run: 2,861,260,800 bytes free
Post-Run: 2,718,113,792 bytes free
.
- - End Of File - - 6337F6E391F52F071D6B1D38A2C70282
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.3066.1762 [GMT 2:00]
Running from: F:\ComboFix.exe
Command switches used :: c:\users\SSejnt\Desktop\CFScript.txt
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\SSejnt\AppData\Local\Facebook\Update
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\SSejnt\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2118713317-4237605874-1306304185-1001UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_niwdk
.
.
((((((((((((((((((((((((( Files Created from 2013-07-07 to 2013-08-07 )))))))))))))))))))))))))))))))
.
.
2013-08-07 20:29 . 2013-08-07 20:33 -------- d-----w- c:\users\SSejnt\AppData\Local\temp
2013-08-07 20:29 . 2013-08-07 20:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-07 14:08 . 2013-08-07 14:08 -------- d-----w- C:\rsit
2013-08-07 14:08 . 2013-08-07 14:08 -------- d-----w- c:\program files (x86)\trend micro
2013-08-06 21:45 . 2013-08-07 17:29 -------- d-----w- C:\temp
2013-08-06 20:06 . 2013-08-06 20:06 -------- d-----w- c:\users\SSejnt\AppData\Roaming\SUPERAntiSpyware.com
2013-08-06 20:05 . 2013-08-06 20:06 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-08-06 20:05 . 2013-08-06 20:05 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\users\SSejnt\AppData\Roaming\Malwarebytes
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\programdata\Malwarebytes
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-06 15:16 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-06 15:16 . 2013-08-06 15:16 -------- d-----w- c:\users\SSejnt\AppData\Local\Programs
2013-08-01 04:06 . 2013-08-01 04:06 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-07-26 22:09 . 2013-07-26 22:09 34840 ----a-w- c:\windows\system32\drivers\cnnctfy3.sys
2013-07-23 12:46 . 2013-03-11 15:47 57568 ----a-w- c:\windows\system32\drivers\pynwagnt.sys
2013-07-23 12:46 . 2013-07-23 12:46 -------- d-----w- c:\programdata\genicam
2013-07-23 12:46 . 2013-07-23 12:46 -------- d-----w- c:\program files\Basler
2013-07-22 09:20 . 2013-07-22 09:20 -------- d-----w- c:\users\SSejnt\AppData\Roaming\Radmin
2013-07-22 09:18 . 2013-07-22 09:18 -------- d-----w- c:\program files (x86)\Radmin Viewer 3
2013-07-22 09:17 . 2013-07-22 09:17 -------- d-----w- c:\users\SSejnt\AppData\Local\Downloaded Installations
2013-07-18 08:34 . 2013-07-18 08:34 -------- d-----w- c:\program files (x86)\JKI
2013-07-17 17:54 . 2013-07-17 17:54 -------- d-----w- c:\windows\system32\cvirte
2013-07-17 17:54 . 2013-07-17 17:54 -------- d-----w- c:\windows\SysWow64\cvirte
2013-07-17 16:33 . 2013-07-17 16:35 -------- d-----w- c:\windows\system32\MRT
2013-07-17 12:33 . 2013-07-17 12:33 -------- d-----w- c:\users\SSejnt\Web Essentials
2013-07-17 11:59 . 2013-07-18 08:35 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2013-07-17 11:57 . 2013-07-18 08:35 -------- d-----w- c:\programdata\JKI
2013-07-17 11:57 . 2013-07-17 12:46 -------- d-----w- c:\users\SSejnt\AppData\Roaming\JKI
2013-07-17 07:58 . 2013-07-17 07:58 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2013-07-17 06:45 . 2013-07-17 06:45 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-07-16 13:15 . 2013-06-27 22:04 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-16 13:15 . 2013-06-27 22:04 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-16 08:36 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-07-16 08:36 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-16 08:36 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-16 08:36 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-16 08:36 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-16 08:36 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-07-16 08:36 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-07-16 08:35 . 2013-05-30 23:14 4036096 ----a-w- c:\windows\system32\win32k.sys
2013-07-16 08:35 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-16 08:35 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
2013-07-16 08:35 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll
2013-07-16 08:35 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-16 08:35 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-16 08:35 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-16 08:33 . 2013-05-04 06:59 2842112 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-16 08:33 . 2013-05-04 04:57 2620928 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-16 07:38 . 2013-07-16 07:39 -------- d-----w- c:\program files (x86)\Microsoft Web Tools
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-16 08:24 . 2012-09-26 08:11 2598368 ----a-w- c:\programdata\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll
2013-06-27 06:59 . 2013-06-27 06:59 249856 ------w- c:\windows\Setup1.exe
2013-06-27 06:59 . 2013-06-27 06:59 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-06-23 22:57 . 2012-12-12 11:31 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-12 19:48 . 2012-09-26 10:06 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-12 19:48 . 2012-09-26 10:06 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-12 19:47 . 2013-06-19 10:45 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-09 17:53 . 2013-06-09 17:53 83024 ----a-w- c:\windows\SysWow64\mfcm110u.dll
2013-06-09 17:53 . 2013-06-09 17:53 83016 ----a-w- c:\windows\SysWow64\mfcm110.dll
2013-06-09 17:53 . 2013-06-09 17:53 8247888 ----a-w- c:\windows\SysWow64\mfc110ud.dll
2013-06-09 17:53 . 2013-06-09 17:53 8177224 ----a-w- c:\windows\SysWow64\mfc110d.dll
2013-06-09 17:53 . 2013-06-09 17:53 74832 ----a-w- c:\windows\SysWow64\mfc110fra.dll
2013-06-09 17:53 . 2013-06-09 17:53 74832 ----a-w- c:\windows\SysWow64\mfc110deu.dll
2013-06-09 17:53 . 2013-06-09 17:53 73808 ----a-w- c:\windows\SysWow64\mfc110esn.dll
2013-06-09 17:53 . 2013-06-09 17:53 72784 ----a-w- c:\windows\SysWow64\mfc110ita.dll
2013-06-09 17:53 . 2013-06-09 17:53 70736 ----a-w- c:\windows\SysWow64\mfc110rus.dll
2013-06-09 17:53 . 2013-06-09 17:53 65104 ----a-w- c:\windows\SysWow64\mfc110enu.dll
2013-06-09 17:53 . 2013-06-09 17:53 53840 ----a-w- c:\windows\SysWow64\mfc110jpn.dll
2013-06-09 17:53 . 2013-06-09 17:53 53328 ----a-w- c:\windows\SysWow64\mfc110kor.dll
2013-06-09 17:53 . 2013-06-09 17:53 46160 ----a-w- c:\windows\SysWow64\mfc110cht.dll
2013-06-09 17:53 . 2013-06-09 17:53 46160 ----a-w- c:\windows\SysWow64\mfc110chs.dll
2013-06-09 17:53 . 2013-06-09 17:53 4456520 ----a-w- c:\windows\SysWow64\mfc110u.dll
2013-06-09 17:53 . 2013-06-09 17:53 4421192 ----a-w- c:\windows\SysWow64\mfc110.dll
2013-06-09 17:53 . 2013-06-09 17:53 164424 ----a-w- c:\windows\SysWow64\atl110.dll
2013-06-09 17:53 . 2013-06-09 17:53 111696 ----a-w- c:\windows\SysWow64\mfcm110d.dll
2013-06-09 17:53 . 2013-06-09 17:53 110672 ----a-w- c:\windows\SysWow64\mfcm110ud.dll
2013-06-09 13:59 . 2013-06-09 13:59 90192 ----a-w- c:\windows\system32\mfcm110u.dll
2013-06-09 13:59 . 2013-06-09 13:59 90184 ----a-w- c:\windows\system32\mfcm110.dll
2013-06-09 13:59 . 2013-06-09 13:59 74832 ----a-w- c:\windows\system32\mfc110fra.dll
2013-06-09 13:59 . 2013-06-09 13:59 74832 ----a-w- c:\windows\system32\mfc110deu.dll
2013-06-09 13:59 . 2013-06-09 13:59 73808 ----a-w- c:\windows\system32\mfc110esn.dll
2013-06-09 13:59 . 2013-06-09 13:59 72784 ----a-w- c:\windows\system32\mfc110ita.dll
2013-06-09 13:59 . 2013-06-09 13:59 70736 ----a-w- c:\windows\system32\mfc110rus.dll
2013-06-09 13:59 . 2013-06-09 13:59 65104 ----a-w- c:\windows\system32\mfc110enu.dll
2013-06-09 13:59 . 2013-06-09 13:59 5619784 ----a-w- c:\windows\system32\mfc110u.dll
2013-06-09 13:59 . 2013-06-09 13:59 5592648 ----a-w- c:\windows\system32\mfc110.dll
2013-06-09 13:59 . 2013-06-09 13:59 53840 ----a-w- c:\windows\system32\mfc110jpn.dll
2013-06-09 13:59 . 2013-06-09 13:59 53328 ----a-w- c:\windows\system32\mfc110kor.dll
2013-06-09 13:59 . 2013-06-09 13:59 46160 ----a-w- c:\windows\system32\mfc110cht.dll
2013-06-09 13:59 . 2013-06-09 13:59 46160 ----a-w- c:\windows\system32\mfc110chs.dll
2013-06-09 13:59 . 2013-06-09 13:59 192584 ----a-w- c:\windows\system32\atl110.dll
2013-06-09 13:59 . 2013-06-09 13:59 120912 ----a-w- c:\windows\system32\mfcm110d.dll
2013-06-09 13:59 . 2013-06-09 13:59 119376 ----a-w- c:\windows\system32\mfcm110ud.dll
2013-06-09 13:59 . 2013-06-09 13:59 10932304 ----a-w- c:\windows\system32\mfc110ud.dll
2013-06-09 13:59 . 2013-06-09 13:59 10860616 ----a-w- c:\windows\system32\mfc110d.dll
2013-05-30 23:24 . 2013-06-25 11:44 1257472 ----a-w- c:\windows\system32\kernel32.dll
2013-05-23 23:01 . 2013-06-25 11:40 1300992 ----a-w- c:\windows\system32\gdi32.dll
2013-05-23 22:27 . 2013-06-25 11:40 1022464 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-05-22 22:16 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-15 22:37 . 2013-06-25 11:38 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-05-15 22:35 . 2013-06-25 11:38 53760 ----a-w- c:\windows\system32\UXInit.dll
2013-05-15 22:35 . 2013-06-27 15:26 144384 ----a-w- c:\windows\system32\tssdisai.dll
2013-05-15 02:25 . 2013-06-25 11:40 888320 ----a-w- c:\windows\system32\autochk.exe
2013-05-15 02:25 . 2013-06-25 11:40 542208 ----a-w- c:\windows\system32\untfs.dll
2013-05-15 02:24 . 2013-06-25 11:40 793088 ----a-w- c:\windows\SysWow64\autochk.exe
2013-05-15 02:24 . 2013-06-25 11:40 482816 ----a-w- c:\windows\SysWow64\untfs.dll
2013-05-14 13:14 . 2013-06-25 11:38 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-14 09:23 . 2013-06-25 11:38 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-08-19 17:37 610816 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F.lux"="c:\users\SSejnt\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-02-04 447152]
"GarenaPlus"="c:\program files (x86)\Garena Plus\GarenaMessenger.exe" [2013-06-19 9873200]
"Lingoes"="c:\program files (x86)\Lingoes\Translator2\Lingoes.exe" [2011-10-31 2375680]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
"icq"="c:\users\SSejnt\AppData\Roaming\ICQM\icq.exe" [2013-07-01 28696936]
"NIRegistrationWizard"="c:\program files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe" [2010-06-21 846520]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-05-15 5622512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"PC Suite for Smartphones"="c:\program files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" [2007-12-25 548864]
"SafeQClient"="c:\program files (x86)\SafeQ\SafeQ_cli.exe" [2012-11-21 474624]
"NI Update Service"="c:\program files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" [2012-11-16 853640]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
NI Error Reporting.lnk - c:\program files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe [2012-9-18 661184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R1 SUHDCrypt;SUHDCrypt;c:\windows\system32\Drivers\PDisk.sys;c:\windows\SYSNATIVE\Drivers\PDisk.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys;c:\windows\SYSNATIVE\drivers\ggflt.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 ni1006k;NI PXI-1006 Chassis Pilot;c:\windows\system32\drivers\ni1006k.sys;c:\windows\SYSNATIVE\drivers\ni1006k.sys [x]
R3 ni1045k;NI PXI-1045 Chassis Pilot;c:\windows\system32\drivers\ni1045kl.sys;c:\windows\SYSNATIVE\drivers\ni1045kl.sys [x]
R3 ni1065k;NI PXIe-1065 Chassis Pilot;c:\windows\system32\drivers\ni1065k.sys;c:\windows\SYSNATIVE\drivers\ni1065k.sys [x]
R3 nidimk;nidimk;c:\windows\system32\drivers\nidimkl.sys;c:\windows\SYSNATIVE\drivers\nidimkl.sys [x]
R3 nipalfwedl;nipalfwedl;c:\windows\system32\drivers\nipalfwedl.sys;c:\windows\SYSNATIVE\drivers\nipalfwedl.sys [x]
R3 nipalusbedl;nipalusbedl;c:\windows\system32\drivers\nipalusbedl.sys;c:\windows\SYSNATIVE\drivers\nipalusbedl.sys [x]
R3 nipxigpk;NI PXI Generic Chassis Pilot;c:\windows\system32\drivers\nipxigpk.sys;c:\windows\SYSNATIVE\drivers\nipxigpk.sys [x]
R3 NiRioRpc;NI-RIO Server;c:\windows\SysWOW64\NiRioRpc.exe;c:\windows\SysWOW64\NiRioRpc.exe [x]
R3 ser2at;ATEN USB to Serial port driver;c:\windows\system32\DRIVERS\ser2at64.sys;c:\windows\SYSNATIVE\DRIVERS\ser2at64.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R4 OracleJobSchedulerXE;OracleJobSchedulerXE;d:\oracle11g\app\oracle\product\11.2.0\server\Bin\extjob.exe XE;d:\oracle11g\app\oracle\product\11.2.0\server\Bin\extjob.exe XE [x]
R4 OracleServiceXE;OracleServiceXE;d:\oracle11g\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE;d:\oracle11g\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE [x]
R4 OracleXETNSListener;OracleXETNSListener;d:\oracle11g\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe;d:\oracle11g\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [x]
R4 ServiceATNET;ServiceATNET;c:\users\SSejnt\Documents\Visual Studio 2012\Projects\ATNET\ATNET\bin\Debug\ATNET.exe;c:\users\SSejnt\Documents\Visual Studio 2012\Projects\ATNET\ATNET\bin\Debug\ATNET.exe [x]
S0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\System32\drivers\nipbcfk.sys;c:\windows\SYSNATIVE\drivers\nipbcfk.sys [x]
S0 nipxibaf;National Instruments PXI Bridge Access Driver;c:\windows\System32\drivers\nipxibaf.sys;c:\windows\SYSNATIVE\drivers\nipxibaf.sys [x]
S0 nipxibrc;National Instruments PXI Bridge Configuration Driver;c:\windows\System32\drivers\nipxibrc.sys;c:\windows\SYSNATIVE\drivers\nipxibrc.sys [x]
S1 cnnctfy3;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy3.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy3.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe;c:\program files (x86)\Connectify\ConnectifyService.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 Mutual Monitor;Mutual Monitor;c:\program files\mutualpublic\Monitor.exe run;c:\program files\mutualpublic\Monitor.exe run [x]
S2 NIApplicationWebServer;NI Application Web Server;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [x]
S2 niLXIDiscovery;NI LXI Discovery Service;c:\vxipnp\WinNT\NIvisa\niLxiDiscovery.exe;c:\vxipnp\WinNT\NIvisa\niLxiDiscovery.exe [x]
S2 nimDNSResponder;NI mDNS Responder Service;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [x]
S2 NINetworkDiscovery;NI Network Discovery;c:\program files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe;c:\program files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [x]
S2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmkl.sys;c:\windows\SYSNATIVE\drivers\nipxirmkl.sys [x]
S2 nistreamk;nistreamk;c:\windows\system32\drivers\nistreamkl.sys;c:\windows\SYSNATIVE\drivers\nistreamkl.sys [x]
S2 NiViPxiK;NI-VISA PXI Driver;c:\windows\system32\drivers\NiViPxiKl.sys;c:\windows\SYSNATIVE\drivers\NiViPxiKl.sys [x]
S2 PYNWAGNT;PYNWAGNT;c:\windows\System32\Drivers\pynwagnt.sys;c:\windows\SYSNATIVE\Drivers\pynwagnt.sys [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 NiViPciK;NI-VISA PCI Driver;c:\windows\system32\drivers\NiViPciKl.sys;c:\windows\SYSNATIVE\drivers\NiViPciKl.sys [x]
S3 PyNwFlt;Pylon GigE Vision Streaming Filter Service;c:\windows\system32\DRIVERS\pynwflt.sys;c:\windows\SYSNATIVE\DRIVERS\pynwflt.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S3 yukonw8;NDIS6.3 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk63x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk63x64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-27 18:29]
.
2013-08-06 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 8bee0cfa-a9f0-488d-be60-8a3378636d4c.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
2013-08-06 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task fc22301f-1534-4ee6-b345-db1638dc2d2f.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-08-19 17:37 741376 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Connectify Hotspot"="c:\program files (x86)\Connectify\Connectify.exe" [2013-05-14 5236512]
"Connectify Dispatch"="c:\program files (x86)\Connectify\DispatchUI.exe" [2013-05-14 3121440]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.zaparit.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{5C46615A-FBFF-4D98-BC98-B0B7509DD017}: NameServer = 192.168.209.1
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{57B09796-0105-4364-AEAA-B7802E56BD53}_is1 - c:\users\SSejnt\Documents\Miranda pack by sssugi 2.7\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Classic Shell\ClassicShellService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\Connectify\ConnectifyD.exe
c:\windows\SysWOW64\lkads.exe
c:\windows\SysWOW64\lktsrv.exe
c:\program files\mutualpublic\Monitor.exe
d:\ni\MAX\nimxs.exe
c:\program files (x86)\National Instruments\Shared\Security\nidmsrv.exe
c:\program files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
c:\program files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
c:\windows\SysWOW64\lkcitdl.exe
c:\windows\SysWOW64\nipxism.exe
.
**************************************************************************
.
Completion time: 2013-08-07 22:49:33 - machine was rebooted
ComboFix-quarantined-files.txt 2013-08-07 20:49
ComboFix2.txt 2013-08-07 18:39
.
Pre-Run: 2,861,260,800 bytes free
Post-Run: 2,718,113,792 bytes free
.
- - End Of File - - 6337F6E391F52F071D6B1D38A2C70282
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
- Posts: 119529
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Coin miner cannot be removed
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Coin miner cannot be removed
After connecting to the internet, the coin-miner process was created again. And it loads the CPU to 100%.
- Rudy
- Site Admin
Re: Coin miner cannot be removed
Try using this tool: http://www.anti-spyware-101.com/cz/odst ... 2coinminer .
Re: Coin miner cannot be removed
Well, but how do I download those files when the notebook doesn't respond at all? I waited an hour and nothing :) Do you think it would work if I installed it on another laptop and just transferred it to mine???
- Rudy
- Site Admin
Re: Coin miner cannot be removed
I would download it on another machine onto a flash drive and transfer it.
Re: Coin miner cannot be removed
Well, unfortunately the product has to be activated if I want to clean anything, and the current virus database is updated after installation.. :/
Re: Coin miner cannot be removed
I managed to get SpyHunter running, but it found nothing.
- Rudy
- Site Admin
Re: Coin miner cannot be removed
Let's try something else. Perform a System Restore to a date before the infection. Then restart into Safe Mode and run a full MBAM scan: http://www.malwarebytes.org/mbam.php . Before deleting the items found, post the log here for review.
Re: Coin miner cannot be removed
Well, here is another mystery: I have had the system since it came on the market and I don't have a single restore point created. And in that time I have gone through 3 antiviruses, during which that point gets created, right?
- Rudy
- Site Admin
Re: Coin miner cannot be removed
Try scanning it with AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Post the log.